Nechtěné otevírání oken v prohlížeči kontrola logu

Zpráva

zdenek.ob · #1 Příspěvek od **zdenek.ob** » 31 kvě 2016 16:36

Logfile of random's system information tool 1.10 (written by random/random)
Run by Rebel at 2016-05-31 17:21:37
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (1%) free of 457 GB
Total RAM: 3067 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:22:28, on 31.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\totalcmd\TOTALCMD.EXE
F:\SchemataCAD\SchemataCAD.exe
C:\Users\Rebel\AppData\Local\Temp\ELMD60A.tmp
C:\PROGRA~1\MIF5BA~1\Office12\OIS.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Users\Rebel\Downloads\RSIT.exe
C:\Program Files\trend micro\Rebel.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.net/wpad.dat?c607f009ec7 ... 16d7773547
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [openvpn-gui] c:\Program Files\OpenVPN\bin\openvpn-gui.exe --connect NASVoj30.ovpn
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'MSSQLSERVER')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'MSSQLSERVER')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: AdeonaClientService - Unknown owner - C:\Program Files\Adeona\cygrunsrv.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 10\cbVSCService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Control Web IPC (CwIPCSvc) - Moravian Instruments® - C:\Program Files\Moravian Instruments\Shared\cwsvc.exe
O23 - Service: CWsluzba - Unknown owner - C:\option\srvany.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: EMP_NSWLSV - SEIKO EPSON CORPORATION - C:\Program Files\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files\HP\HPBDSService\HPBDSService.exe
O23 - Service: HW Virtual Serial Port (single) (HW_VSP3s_Service) - Unknown owner - C:\Program Files\HW group\HW VSP3s\HW_VSP3s_srv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
O23 - Service: MCT10 Service - Unknown owner - C:\Program Files\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9457 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 30971257-bd3e-4960-bf80-e87fb74f2d22.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:30971257-bd3e-4960-bf80-e87fb74f2d22
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 920b4633-bd53-41c4-83a2-031443d23efc.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:920b4633-bd53-41c4-83a2-031443d23efc
C:\Windows\tasks\Wise Care 365.job - C:\Program Files\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63, firebug@software.joehewitt.com:1.6.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"deskCutv2@gmail.com"=C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\extensions\deskCutv2@gmail.com

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IPC/npmedia3.0.0.1,version=3.0.0.1]
"Description"=
"Path"=C:\Program Files\webrec\Torch\3.0.0.1\npmedia3.0.0.1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IPC/npmedia3.0.0.2,version=3.0.0.2]
"Description"=
"Path"=C:\Program Files\webrec\Torch\3.0.0.2\npmedia3.0.0.2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\extensions\
deskCutv2@gmail.com
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{A95ECCE5-EF19-46bf-847B-3761F41FC4A5}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\searchplugins\
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2010-03-06 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-02-15 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2010-03-06 360448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"openvpn-gui"=c:\Program Files\OpenVPN\bin\openvpn-gui.exe [2013-08-22 398648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-03-01 6825888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2011-09-09 523216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 4556048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GNE_SwapScreen]
C:\Ja\Instal\DualMonitor\SwapScreen.exe [2011-04-13 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files\PDF24\pdf24.exe [2014-11-28 193568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2015-04-10 455392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusAlerts]
C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [2011-07-19 136760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.266\SSSCHE~1.EXE [2015-12-02 277920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk]
C:\Windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico [2014-03-24 29310]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Rebel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MIF5BA~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3fhg"=mp3fhg.acm
"vidc.DIVX"=DivX.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.iv50"=ir50_32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"VIDC.VP80"=vp8vfw.dll
"vidc.mjpg"=pvmjpg30.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-05-31 17:21:37 ----D---- C:\rsit
2016-05-31 17:21:37 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 month======

2016-05-31 17:22:28 ----D---- C:\Windows\Prefetch
2016-05-31 17:22:18 ----D---- C:\Windows\Temp
2016-05-31 17:21:37 ----RD---- C:\Program Files
2016-05-31 12:29:33 ----D---- C:\Windows\system32\config
2016-05-31 12:26:18 ----SHD---- C:\System Volume Information
2016-05-31 08:50:56 ----D---- C:\Windows\System32
2016-05-31 08:50:56 ----D---- C:\Windows\inf
2016-05-31 08:50:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-26 23:00:24 ----D---- C:\Windows\system32\NDF
2016-05-01 20:18:57 ----D---- C:\Windows\system32\LogFiles

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2009-03-24 40560]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2014-06-26 35064]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2010-12-01 143248]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2010-12-01 41936]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2014-12-14 229208]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2009-08-20 356864]
R2 Dpmtrcdd;Dpmtrcdd; C:\Windows\System32\DRIVERS\dpmtrcdd.sys [2003-10-16 30192]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [2012-08-24 17184]
R3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock.sys [2011-09-09 87976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-06-02 25104]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2012-01-23 7523840]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 35288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-05 691696]
S2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2009-08-23 308859]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 evserial7;Virtual Serial Ports Driver 7 (Eltima Software); C:\Windows\System32\DRIVERS\evserial7.sys [2011-12-20 58632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-07-14 26176]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\Windows\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;GD-04K USB Interface; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2012-10-02 4608]
S3 VSBC7;Virtual Serial Bus Enumerator 7 (Eltima Software); C:\Windows\system32\DRIVERS\evsbc7.sys [2011-12-20 33032]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
S4 RsFx0200;RsFx0200 Driver; C:\Windows\system32\DRIVERS\RsFx0200.sys [2012-02-11 268888]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdeonaClientService;AdeonaClientService; C:\Program Files\Adeona\cygrunsrv.exe [2008-07-13 68096]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service; C:\Program Files\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-08-23 1528624]
R2 CwIPCSvc;Control Web IPC; C:\Program Files\Moravian Instruments\Shared\cwsvc.exe [2004-01-29 57344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EMP_NSWLSV;EMP_NSWLSV; C:\Program Files\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe [2010-12-15 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-11-20 539888]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2009-12-16 3750400]
R2 HP DS Service;HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [2010-10-27 13824]
R2 InterBaseGuardian;InterBase Guardian; C:\Program Files\Borland\InterBase\bin\ibguard.exe [2001-11-29 32768]
R2 MCT10 Service;MCT10 Service; C:\Program Files\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCTServ.exe [2010-12-09 59392]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2012-02-11 206424]
R2 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-11-20 111856]
R2 s7oiehsx;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2007-08-28 208968]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-02-11 269912]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 uvnc_service;uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2014-12-10 1795864]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-09-09 475088]
R3 InterBaseServer;InterBase Server; C:\Program Files\Borland\InterBase\bin\ibserver.exe [2001-11-29 1769472]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CWsluzba;CWsluzba; C:\option\srvany.exe [2003-04-18 8192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 HW_VSP3s_Service;HW Virtual Serial Port (single); C:\Program Files\HW group\HW VSP3s\HW_VSP3s_srv.exe [2009-02-21 498968]
S2 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2007-03-22 163840]
S2 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S2 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2012-02-11 438360]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-17 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2015-06-04 85096]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1030928]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-06 1044816]
S3 getPlusHelper;getPlus(R) Helper; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 102912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [2015-12-02 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-11-20 259824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Apache2.2;Apache2.2; C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe [2010-03-04 24645]
S4 Apache2;Apache2Triad Apache2 Service; C:\apache2triad\bin\httpd.exe [2011-01-09 17408]
S4 Apache2SSL;Apache2Triad Apache2 Service with SSL; C:\apache2triad\bin\httpd.exe [2011-01-09 17408]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2011-07-08 162816]
S4 MioNet;MioNet Service; C:\Program Files\MioNet\MioNetManager.exe [2006-06-03 139264]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 MySql;Apache2Triad MySql Service; C:\apache2triad\mysql\bin\mysqld.exe [2011-01-09 3960832]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [2011-08-27 49152]
S4 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [2011-08-27 69632]
S4 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [2011-08-27 115773440]
S4 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [2011-08-27 12800]
S4 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000]
S4 PgSql;Apache2Triad PostgreSQL Service; C:\apache2triad\pgsql\bin\pg_ctl.exe [2011-01-09 75207]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 31 kvě 2016 18:06

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

zdenek.ob · #3 Příspěvek od **zdenek.ob** » 31 kvě 2016 19:00

# AdwCleaner v5.119 - Log vytvořen 31/05/2016 v 19:54:37
# Aktualizováno 30/05/2016 by Xplode
# Databáze : 2016-05-30.3 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X86)
# Uživatelské jméno : Rebel - REBEL-PC
# Spuštěno z : C:\Users\Rebel\Desktop\adwcleaner_5.119.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\LuckyBrowse
[-] Složka Smazáno : C:\ProgramData\simplitec
[-] Složka Smazáno : C:\ProgramData\13209552975552190150
[#] Složka Smazáno : C:\ProgramData\Application Data\LuckyBrowse
[#] Složka Smazáno : C:\ProgramData\Application Data\simplitec
[#] Složka Smazáno : C:\ProgramData\Application Data\13209552975552190150
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\LuckyBrowse
[-] Složka Smazáno : C:\Program Files\GreenTree Applications
[-] Složka Smazáno : C:\Program Files\LuckyBrowse
[-] Složka Smazáno : C:\Program Files\RayDld
[-] Složka Smazáno : C:\Program Files\StatFoobar
[-] Složka Smazáno : C:\Users\Rebel\AppData\Roaming\SpringFiles
[-] Složka Smazáno : C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\extensions\deskCutv2@gmail.com

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Program Files\Mozilla Firefox\browser\searchplugins\yoursearching.xml

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : LuckyBrowse

***** [ Registry ] *****

[-] Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{8DD92279-9B04-4C6F-A862-EF3C24603804}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Klíč Smazáno : HKCU\Software\Mozilla\Extends
[-] Klíč Smazáno : HKCU\Software\WEBAPP
[-] Klíč Smazáno : HKCU\Software\SprgFiles
[-] Klíč Smazáno : HKCU\Software\WIN
[-] Klíč Smazáno : HKCU\Software\madFlac
[-] Klíč Smazáno : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč Smazáno : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč Smazáno : HKLM\SOFTWARE\Description
[-] Klíč Smazáno : HKLM\SOFTWARE\ihpmserver
[-] Klíč Smazáno : HKLM\SOFTWARE\LuckyBrowse
[-] Klíč Smazáno : HKLM\SOFTWARE\RayDld
[-] Klíč Smazáno : HKLM\SOFTWARE\simplitec
[-] Klíč Smazáno : HKLM\SOFTWARE\yoursearchingSoftware
[-] Klíč Smazáno : HKLM\SOFTWARE\SprgFiles
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AppDataLow\Software\DefaultTab
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{EE3095A7-96EA-40BC-908C-59D648CADCDC}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{3D60860C-5392-4F35-9281-6C685E953E62}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{482ECF1B-91AA-47A8-8A29-EB1AA7130BAA}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{7648FE06-CA85-4739-B27A-67523CC7DE6E}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{13307484-11BD-4A22-AAB8-688EB1197D0C}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B5047F78-3227-4B75-AF76-4C6C16CC32DE}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F3696E78-E8D3-4655-93ED-9832B240DDF6}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1EAEA0E9-93C8-4988-96B8-7E08B26E94DE}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{6975E40F-50BF-42CB-967E-32B1B9A9A43D}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{D8881AB6-102A-4788-BDCA-6536818A2E3F}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{25E28249-46EA-4E4A-A0DE-85B611089300}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{26B53BB0-F197-4FA4-8124-866077598708}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{5FBBD4EE-BB32-4F7C-A9C8-2529899B67F1}]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{624F8C23-E06E-4931-9796-1A755506E917}]

***** [ Prohlížeče ] *****

[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("browser.search.defaultenginename", "yoursearching");
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ptid", "wpc");
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "SAMSUNGXHM500JI_S1YAJ90SB24650");
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("extensions.D8ejSlaPJYylsrWA.scode", "(function(){try{if(window.location.href.indexOf(\"pdsGqds5rdCHpjYErHk6qdr9pa\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\"[...]
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("extensions.wS1tbcubZCbK9jyQ.scode", "(function(){try{if(window.location.href.indexOf(\"pdsGqds5rdCHpjYErHk6qdr9pa\")>-1){return;}}catch(e){}try{var d=[[\"www.ewoss.com\",\"livewebcams.xyz\"[...]
[-] [C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js] Smazáno : user_pref("network.hxxp.request.max-start-delay", 0);

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7696 bytů] - [31/05/2016 19:54:37]
C:\AdwCleaner\AdwCleaner[R0].txt - [13598 bytů] - [03/06/2014 14:57:45]
C:\AdwCleaner\AdwCleaner[R1].txt - [13385 bytů] - [03/06/2014 15:00:49]
C:\AdwCleaner\AdwCleaner[R2].txt - [1361 bytů] - [03/06/2014 15:46:51]
C:\AdwCleaner\AdwCleaner[R3].txt - [10545 bytů] - [03/08/2015 08:26:17]
C:\AdwCleaner\AdwCleaner[S0].txt - [578 bytů] - [03/06/2014 15:00:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [22320 bytů] - [03/06/2014 15:01:31]
C:\AdwCleaner\AdwCleaner[S2].txt - [1426 bytů] - [03/06/2014 15:56:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [8898 bytů] - [03/08/2015 08:32:19]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8356 bytů] ##########

#4 Příspěvek od **Rudy** » 31 kvě 2016 19:36

Dejte nový log RSIT.

zdenek.ob · #5 Příspěvek od **zdenek.ob** » 01 čer 2016 07:03

Logfile of random's system information tool 1.10 (written by random/random)
Run by Rebel at 2016-06-01 07:59:23
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (1%) free of 457 GB
Total RAM: 3067 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:00:09, on 1.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\totalcmd\TOTALCMD.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Rebel\Desktop\RSIT.exe
C:\Program Files\trend micro\Rebel.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.net/wpad.dat?c607f009ec7 ... 16d7773547
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O4 - HKLM\..\Run: [openvpn-gui] c:\Program Files\OpenVPN\bin\openvpn-gui.exe --connect NASVoj30.ovpn
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'MSSQLSERVER')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'MSSQLSERVER')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: AdeonaClientService - Unknown owner - C:\Program Files\Adeona\cygrunsrv.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 10\cbVSCService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Control Web IPC (CwIPCSvc) - Moravian Instruments® - C:\Program Files\Moravian Instruments\Shared\cwsvc.exe
O23 - Service: CWsluzba - Unknown owner - C:\option\srvany.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: EMP_NSWLSV - SEIKO EPSON CORPORATION - C:\Program Files\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files\HP\HPBDSService\HPBDSService.exe
O23 - Service: HW Virtual Serial Port (single) (HW_VSP3s_Service) - Unknown owner - C:\Program Files\HW group\HW VSP3s\HW_VSP3s_srv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
O23 - Service: MCT10 Service - Unknown owner - C:\Program Files\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9117 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 30971257-bd3e-4960-bf80-e87fb74f2d22.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:30971257-bd3e-4960-bf80-e87fb74f2d22
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 920b4633-bd53-41c4-83a2-031443d23efc.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:920b4633-bd53-41c4-83a2-031443d23efc
C:\Windows\tasks\Wise Care 365.job - C:\Program Files\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63, firebug@software.joehewitt.com:1.6.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IPC/npmedia3.0.0.1,version=3.0.0.1]
"Description"=
"Path"=C:\Program Files\webrec\Torch\3.0.0.1\npmedia3.0.0.1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IPC/npmedia3.0.0.2,version=3.0.0.2]
"Description"=
"Path"=C:\Program Files\webrec\Torch\3.0.0.2\npmedia3.0.0.2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\extensions\
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{A95ECCE5-EF19-46bf-847B-3761F41FC4A5}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\searchplugins\
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2010-03-06 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-02-15 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2010-03-06 360448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"openvpn-gui"=c:\Program Files\OpenVPN\bin\openvpn-gui.exe [2013-08-22 398648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-03-01 6825888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2011-09-09 523216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 4556048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GNE_SwapScreen]
C:\Ja\Instal\DualMonitor\SwapScreen.exe [2011-04-13 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files\PDF24\pdf24.exe [2014-11-28 193568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2015-04-10 455392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusAlerts]
C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [2011-07-19 136760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.266\SSSCHE~1.EXE [2015-12-02 277920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk]
C:\Windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico [2014-03-24 29310]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Rebel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MIF5BA~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3fhg"=mp3fhg.acm
"vidc.DIVX"=DivX.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.iv50"=ir50_32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"VIDC.VP80"=vp8vfw.dll
"vidc.mjpg"=pvmjpg30.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-05-31 17:21:37 ----D---- C:\rsit
2016-05-31 17:21:37 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 month======

2016-06-01 08:00:04 ----D---- C:\Windows\Temp
2016-06-01 07:59:57 ----D---- C:\Windows\Prefetch
2016-05-31 20:00:51 ----D---- C:\Windows\System32
2016-05-31 20:00:51 ----D---- C:\Windows\inf
2016-05-31 20:00:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-31 19:54:39 ----D---- C:\Windows\system32\Tasks
2016-05-31 19:54:38 ----RD---- C:\Program Files
2016-05-31 19:54:37 ----HD---- C:\ProgramData
2016-05-31 19:54:37 ----D---- C:\AdwCleaner
2016-05-31 12:29:33 ----D---- C:\Windows\system32\config
2016-05-31 12:26:18 ----SHD---- C:\System Volume Information
2016-05-26 23:00:24 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2009-03-24 40560]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2014-06-26 35064]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2010-12-01 143248]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2010-12-01 41936]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2014-12-14 229208]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2009-08-20 356864]
R2 Dpmtrcdd;Dpmtrcdd; C:\Windows\System32\DRIVERS\dpmtrcdd.sys [2003-10-16 30192]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [2012-08-24 17184]
R3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock.sys [2011-09-09 87976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-06-02 25104]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2012-01-23 7523840]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 35288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-05 691696]
S2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2009-08-23 308859]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 evserial7;Virtual Serial Ports Driver 7 (Eltima Software); C:\Windows\System32\DRIVERS\evserial7.sys [2011-12-20 58632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-07-14 26176]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\Windows\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;GD-04K USB Interface; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2012-10-02 4608]
S3 VSBC7;Virtual Serial Bus Enumerator 7 (Eltima Software); C:\Windows\system32\DRIVERS\evsbc7.sys [2011-12-20 33032]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
S4 RsFx0200;RsFx0200 Driver; C:\Windows\system32\DRIVERS\RsFx0200.sys [2012-02-11 268888]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdeonaClientService;AdeonaClientService; C:\Program Files\Adeona\cygrunsrv.exe [2008-07-13 68096]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service; C:\Program Files\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-08-23 1528624]
R2 CwIPCSvc;Control Web IPC; C:\Program Files\Moravian Instruments\Shared\cwsvc.exe [2004-01-29 57344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EMP_NSWLSV;EMP_NSWLSV; C:\Program Files\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe [2010-12-15 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-11-20 539888]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2009-12-16 3750400]
R2 HP DS Service;HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [2010-10-27 13824]
R2 InterBaseGuardian;InterBase Guardian; C:\Program Files\Borland\InterBase\bin\ibguard.exe [2001-11-29 32768]
R2 MCT10 Service;MCT10 Service; C:\Program Files\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCTServ.exe [2010-12-09 59392]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2012-02-11 206424]
R2 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-11-20 111856]
R2 s7oiehsx;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2007-08-28 208968]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-02-11 269912]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 uvnc_service;uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2014-12-10 1795864]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-09-09 475088]
R3 InterBaseServer;InterBase Server; C:\Program Files\Borland\InterBase\bin\ibserver.exe [2001-11-29 1769472]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CWsluzba;CWsluzba; C:\option\srvany.exe [2003-04-18 8192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 HW_VSP3s_Service;HW Virtual Serial Port (single); C:\Program Files\HW group\HW VSP3s\HW_VSP3s_srv.exe [2009-02-21 498968]
S2 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2007-03-22 163840]
S2 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S2 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2012-02-11 438360]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-17 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2015-06-04 85096]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1030928]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-06 1044816]
S3 getPlusHelper;getPlus(R) Helper; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 102912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [2015-12-02 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-11-20 259824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Apache2.2;Apache2.2; C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe [2010-03-04 24645]
S4 Apache2;Apache2Triad Apache2 Service; C:\apache2triad\bin\httpd.exe [2011-01-09 17408]
S4 Apache2SSL;Apache2Triad Apache2 Service with SSL; C:\apache2triad\bin\httpd.exe [2011-01-09 17408]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2011-07-08 162816]
S4 MioNet;MioNet Service; C:\Program Files\MioNet\MioNetManager.exe [2006-06-03 139264]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 MySql;Apache2Triad MySql Service; C:\apache2triad\mysql\bin\mysqld.exe [2011-01-09 3960832]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [2011-08-27 49152]
S4 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [2011-08-27 69632]
S4 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [2011-08-27 115773440]
S4 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [2011-08-27 12800]
S4 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000]
S4 PgSql;Apache2Triad PostgreSQL Service; C:\apache2triad\pgsql\bin\pg_ctl.exe [2011-01-09 75207]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 01 čer 2016 18:06

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

zdenek.ob · #7 Příspěvek od **zdenek.ob** » 01 čer 2016 18:52

Logfile of random's system information tool 1.10 (written by random/random)
Run by Rebel at 2016-06-01 19:46:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (1%) free of 457 GB
Total RAM: 3067 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:49:07, on 1.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\notepad.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\Windows\system32\conhost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\Rebel\Desktop\RSIT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Rebel.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.net/wpad.dat?c607f009ec7 ... 16d7773547
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [openvpn-gui] c:\Program Files\OpenVPN\bin\openvpn-gui.exe --connect NASVoj30.ovpn
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'MSSQLSERVER')
O4 - HKUS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'MSSQLSERVER')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: AdeonaClientService - Unknown owner - C:\Program Files\Adeona\cygrunsrv.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 10\cbVSCService.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Control Web IPC (CwIPCSvc) - Moravian Instruments® - C:\Program Files\Moravian Instruments\Shared\cwsvc.exe
O23 - Service: CWsluzba - Unknown owner - C:\option\srvany.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: EMP_NSWLSV - SEIKO EPSON CORPORATION - C:\Program Files\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\Windows\system32\hasplms.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files\HP\HPBDSService\HPBDSService.exe
O23 - Service: HW Virtual Serial Port (single) (HW_VSP3s_Service) - Unknown owner - C:\Program Files\HW group\HW VSP3s\HW_VSP3s_srv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
O23 - Service: MCT10 Service - Unknown owner - C:\Program Files\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: S7TraceServiceX - SIEMENS AG - C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9102 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 30971257-bd3e-4960-bf80-e87fb74f2d22.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:30971257-bd3e-4960-bf80-e87fb74f2d22
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 920b4633-bd53-41c4-83a2-031443d23efc.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:920b4633-bd53-41c4-83a2-031443d23efc
C:\Windows\tasks\Wise Care 365.job - C:\Program Files\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.4, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63, firebug@software.joehewitt.com:1.6.0, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IPC/npmedia3.0.0.1,version=3.0.0.1]
"Description"=
"Path"=C:\Program Files\webrec\Torch\3.0.0.1\npmedia3.0.0.1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IPC/npmedia3.0.0.2,version=3.0.0.2]
"Description"=
"Path"=C:\Program Files\webrec\Torch\3.0.0.2\npmedia3.0.0.2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\extensions\
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{A95ECCE5-EF19-46bf-847B-3761F41FC4A5}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\searchplugins\
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2010-03-06 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-02-15 56712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"openvpn-gui"=c:\Program Files\OpenVPN\bin\openvpn-gui.exe [2013-08-22 398648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2016-03-01 6825888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2011-09-09 523216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 4556048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GNE_SwapScreen]
C:\Ja\Instal\DualMonitor\SwapScreen.exe [2011-04-13 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files\PDF24\pdf24.exe [2014-11-28 193568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2015-04-10 455392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusAlerts]
C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe [2011-07-19 136760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.266\SSSCHE~1.EXE [2015-12-02 277920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk]
C:\Windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico [2014-03-24 29310]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Rebel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MIF5BA~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"EnableLUA"=0
"PromptOnSecureDesktop"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3fhg"=mp3fhg.acm
"vidc.DIVX"=DivX.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.iv50"=ir50_32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=DivX.dll
"VIDC.VP80"=vp8vfw.dll
"vidc.mjpg"=pvmjpg30.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-06-01 19:37:41 ----D---- C:\_OTM
2016-05-31 17:21:37 ----D---- C:\rsit
2016-05-31 17:21:37 ----D---- C:\Program Files\trend micro

======List of files/folders modified in the last 1 month======

2016-06-01 19:48:59 ----D---- C:\Windows\Temp
2016-06-01 19:47:20 ----D---- C:\Windows\System32
2016-06-01 19:47:20 ----D---- C:\Windows\inf
2016-06-01 19:47:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-01 19:46:08 ----D---- C:\Windows\Prefetch
2016-06-01 19:42:52 ----D---- C:\Windows\system32\LogFiles
2016-06-01 19:40:40 ----D---- C:\Windows
2016-05-31 19:54:39 ----D---- C:\Windows\system32\Tasks
2016-05-31 19:54:38 ----RD---- C:\Program Files
2016-05-31 19:54:37 ----HD---- C:\ProgramData
2016-05-31 19:54:37 ----D---- C:\AdwCleaner
2016-05-31 12:29:33 ----D---- C:\Windows\system32\config
2016-05-31 12:26:18 ----SHD---- C:\System Volume Information
2016-05-26 23:00:24 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hotcore3;hc3ServiceName; C:\Windows\system32\DRIVERS\hotcore3.sys [2009-03-24 40560]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2014-06-26 35064]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2010-12-01 143248]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2010-12-01 41936]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2014-12-14 229208]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2009-08-20 356864]
R2 Dpmtrcdd;Dpmtrcdd; C:\Windows\System32\DRIVERS\dpmtrcdd.sys [2003-10-16 30192]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [2012-08-24 17184]
R3 acsock;acsock; C:\Windows\system32\DRIVERS\acsock.sys [2011-09-09 87976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-06-02 25104]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2012-01-23 7523840]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 35288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-05 691696]
S2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2009-08-23 308859]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 evserial7;Virtual Serial Ports Driver 7 (Eltima Software); C:\Windows\System32\DRIVERS\evserial7.sys [2011-12-20 58632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-07-14 26176]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 s7oefs_x;SIMATIC MPI/EFS Driver; C:\Windows\System32\drivers\s7oefs_x.sys [2002-10-18 30512]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2004-06-28 42752]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 usbser;GD-04K USB Interface; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2012-10-02 4608]
S3 VSBC7;Virtual Serial Bus Enumerator 7 (Eltima Software); C:\Windows\system32\DRIVERS\evsbc7.sys [2011-12-20 33032]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
S4 RsFx0200;RsFx0200 Driver; C:\Windows\system32\DRIVERS\RsFx0200.sys [2012-02-11 268888]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2014-07-23 142648]
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdeonaClientService;AdeonaClientService; C:\Program Files\Adeona\cygrunsrv.exe [2008-07-13 68096]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service; C:\Program Files\Cobian Backup 10\cbVSCService.exe [2010-09-23 67584]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-08-23 1528624]
R2 CwIPCSvc;Control Web IPC; C:\Program Files\Moravian Instruments\Shared\cwsvc.exe [2004-01-29 57344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EMP_NSWLSV;EMP_NSWLSV; C:\Program Files\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe [2010-12-15 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-11-20 539888]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2009-12-16 3750400]
R2 HP DS Service;HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [2010-10-27 13824]
R2 InterBaseGuardian;InterBase Guardian; C:\Program Files\Borland\InterBase\bin\ibguard.exe [2001-11-29 32768]
R2 MCT10 Service;MCT10 Service; C:\Program Files\Danfoss Drives\VLT Motion Control Tool\MCT 10 Set-up Software\MCTServ.exe [2010-12-09 59392]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2012-02-11 206424]
R2 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-11-20 111856]
R2 s7oiehsx;SIMATIC IEPG Help Service; C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe [2007-08-28 208968]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2012-02-11 269912]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
R2 uvnc_service;uvnc_service; C:\Program Files\uvnc bvba\UltraVNC\WinVNC.exe [2014-12-10 1795864]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-09-09 475088]
R3 InterBaseServer;InterBase Server; C:\Program Files\Borland\InterBase\bin\ibserver.exe [2001-11-29 1769472]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CWsluzba;CWsluzba; C:\option\srvany.exe [2003-04-18 8192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 HW_VSP3s_Service;HW Virtual Serial Port (single); C:\Program Files\HW group\HW VSP3s\HW_VSP3s_srv.exe [2009-02-21 498968]
S2 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 S7TraceServiceX;S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceServiceX.exe [2007-03-22 163840]
S2 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S2 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); c:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2012-02-11 438360]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-17 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2015-06-04 85096]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1030928]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-06 1044816]
S3 getPlusHelper;getPlus(R) Helper; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 102912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [2015-12-02 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-11-20 259824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Apache2.2;Apache2.2; C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe [2010-03-04 24645]
S4 Apache2;Apache2Triad Apache2 Service; C:\apache2triad\bin\httpd.exe [2011-01-09 17408]
S4 Apache2SSL;Apache2Triad Apache2 Service with SSL; C:\apache2triad\bin\httpd.exe [2011-01-09 17408]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2011-07-08 162816]
S4 MioNet;MioNet Service; C:\Program Files\MioNet\MioNetManager.exe [2006-06-03 139264]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 MySql;Apache2Triad MySql Service; C:\apache2triad\mysql\bin\mysqld.exe [2011-01-09 3960832]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [2011-08-27 49152]
S4 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [2011-08-27 69632]
S4 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [2011-08-27 115773440]
S4 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [2011-08-27 12800]
S4 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [2011-08-27 512000]
S4 PgSql;Apache2Triad PostgreSQL Service; C:\apache2triad\pgsql\bin\pg_ctl.exe [2011-01-09 75207]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 01 čer 2016 19:41

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?

zdenek.ob · #9 Příspěvek od **zdenek.ob** » 01 čer 2016 22:46

Dost se to zlepšilo prohlížeč pracuje rychleji, ale stejně mě to párkrát přesměrovalo na nechtěnou stránku.

#10 Příspěvek od **Rudy** » 02 čer 2016 17:21

Udělejte ještě tyto skeny:

1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

zdenek.ob · #11 Příspěvek od **zdenek.ob** » 02 čer 2016 22:43

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Rebel on źt 02.06.2016 at 23:06:39,51.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rebel\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2.6.2016 23:08:12 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Eusing Free Registry Cleaner deleted successfully
C:\Program Files\Fotolab deleted successfully
C:\Program Files\PokerStars deleted successfully
C:\Program Files\Sony Ericsson deleted successfully
C:\Program Files\Wondershare deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\PROGRA~2\AWEM deleted successfully
C:\PROGRA~2\ProductData deleted successfully
C:\PROGRA~2\Shared Space deleted successfully
C:\PROGRA~2\Sony Ericsson deleted successfully
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Rebel\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Rebel\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Rebel\AppData\Roaming\Nico Mak Computing deleted successfully
C:\Users\Rebel\AppData\Roaming\UltraVNC deleted successfully
C:\Users\Rebel\AppData\Local\PokerStars deleted successfully
C:\Users\Rebel\AppData\Local\Safe mirror deleted successfully
C:\Users\Rebel\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Rebel\AppData\Roaming\TomTom\HOME\Profiles\o87etj8z.default\prefs.js:

Added to C:\Users\Rebel\AppData\Roaming\TomTom\HOME\Profiles\o87etj8z.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default

---- Lines extensions.D8ejSlaPJYylsrWA removed from prefs.js ----
user_pref("extensions.D8ejSlaPJYylsrWA.epoch", "1438668999");
user_pref("extensions.D8ejSlaPJYylsrWA.url", "http://levelbitcat.org/sync2/?q=hfZ9oel ... C9qGhIC7n0
---- Lines extensions.EV4kPUuMX9nV83Qb removed from prefs.js ----
user_pref("extensions.EV4kPUuMX9nV83Qb.epoch", "1424073882");
user_pref("extensions.EV4kPUuMX9nV83Qb.url", "http://gethexnow.com/sync2/?q=hfZ9ofV9C ... C7n0rjkErT
---- Lines extensions.bzyZAToQSPiLJ5oI removed from prefs.js ----
user_pref("extensions.bzyZAToQSPiLJ5oI.epoch", "1424073883");
user_pref("extensions.bzyZAToQSPiLJ5oI.url", "http://fasten-tech.com/sync2/?q=hfZ9oe4 ... aGrdaMBzqU
---- Lines extensions.wS1tbcubZCbK9jyQ removed from prefs.js ----
user_pref("extensions.wS1tbcubZCbK9jyQ.epoch", "1438668998");
user_pref("extensions.wS1tbcubZCbK9jyQ.url", "http://transferbookmy.info/sync2/?q=hfZ ... YFqihIC7n0
---- FireFox user.js and prefs.js backups ----

user_02.06.2016_2328_.backup
prefs_02.06.2016_2328_.backup

ProfilePath: C:\Users\Rebel\AppData\Roaming\TomTom\HOME\Profiles\o87etj8z.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_02.06.2016_2328_.backup

==== Deleting Files \ Folders ======================

C:\Program Files\Eusing Free Registry Cleaner not found
C:\Program Files\Fotolab not found
C:\Program Files\PokerStars not found
C:\Users\Rebel\AppData\Local\PokerStars not found
C:\Program Files\Sony Ericsson not found
C:\Program Files\Wondershare not found
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~2\HPs deleted
C:\PROGRA~2\HP deleted
C:\Program Files\Tv For Chrome deleted
C:\Program Files\webplugin.exe deleted
C:\Program Files\Oracle BPA Suite11g deleted
C:\Program Files\Sweet Home 3D deleted
C:\Users\Rebel\.android deleted
C:\Program Files\DELTALOGIC deleted
C:\bsm_chrome.exe deleted
C:\cmdinstall.exe deleted
C:\Users\Rebel\AppData\Roaming\REBEL-PC.MTBF.txt deleted
C:\PROGRA~2\UAB deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Rebel\AppData\Local\{01A9A77D-6AAA-4910-89DD-AA1CF94D5618} deleted
C:\Users\Rebel\AppData\Local\TempDIR deleted
C:\Windows\wininit.ini deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\System32\AI_RecycleBin deleted
C:\Users\Public\Documents\AlawarWrapper deleted
C:\Users\Rebel\AppData\Roaming\PV2006.exe deleted
"C:\Windows\Installer\325036e.msi" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Rebel\AppData\Roaming\TomTom\HOME\Profiles\o87etj8z.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default
- HTTP - %ProfilePath%\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
- Installer Management - %ProfilePath%\extensions\{A95ECCE5-EF19-46bf-847B-3761F41FC4A5}
- Adobe DLM powered by getPlusR - %ProfilePath%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Rebel\AppData\Roaming\TomTom\HOME\Profiles\o87etj8z.default
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default
E50A1DB5DE70D656287511297B42F9F2 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4
9E4F520270BF7301CC24E8FA67791C22 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4
1153F58FACBC9731AF6CDF313F76DF29 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4
BADFB0DCCD9B7E9F2F6EB7954D24EED1 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4
EEEB86077BB4682B3FCFEDA5AED3E396 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4
21FF3F07336CE4F8DF6AF1746BC26AAB - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E0BCE90537E4A41AF36D5BDD5963A09D - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
43CEBDFA8B91BEB5FEBD4F9E6768AEF2 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
398334B85CBD2CEED553CC5C160B0D8D - C:\Program Files\Software602\602XML\Filler\npfiller.dll - Software602 Form Filler
073A22FDCDAFD513DAD0D972BD2DF76E - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll - Silverlight Plug-In
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
C617E32F8BA7EAF1245290CE70FA3568 - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 7
8830A12FA2B2F7B9B1D7B04B56E7469F - C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.0.147
F777940695E6526D6F788B96D8296848 - C:\Program Files\webrec\Torch\3.0.0.2\npmedia3.0.0.2.dll - MMX
6241145FEA2C870C9D9D15A2D28E6119 - C:\Program Files\webrec\Torch\3.0.0.1\npmedia3.0.0.1.dll - ???
0F445B821549F9FF471BBA56C69953D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
6827CA29D7AD3595660271F3F05C79B5 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Web Player
855B79451ECF62602F20EB4D5C71F99B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
FD82108FD60B63010325D9AF6F00AF99 - C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash
3E31FF7F2EA6E7BB507605C2B9081FA3 - C:\Program Files\Virtools\3D Life Player\npvirtools.dll - 3DVIA player
6D23BB87BCF88731959BF79082D442E6 - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrlui.dll - Microsoft® Silverlight

==== Chromium Look ======================

Brushed - Rebel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg
AdBlock - Rebel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Rebel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\788b5c46ee5b8b2458698709a5b6f5f1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9416A209-B8AD-4FE5-A893-3BDA6E9BDEC5} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{64c5b887-b5ee-42b8-8596-78905a6b5f1f} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3DA245C5-23B1-4874-BFA7-287B7D6C1EF6} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\902A6149DA8B5EF48A39B3ADE6B9ED5C deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\788b5c46ee5b8b2458698709a5b6f5f1 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\5C542AD31B324784FB7A82B7D7C6E16F deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui deleted successfully

==== Empty IE Cache ======================

C:\Users\Rebel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Rebel\AppData\Local\Mozilla\Firefox\Profiles\tbg316ce.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Rebel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6503 folders=749 1472842121 bytes)

==== Empty Temp Folders ======================

C:\Users\apache2triad\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\MSSQLSERVER\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Rebel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Rebel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 02.06.2016 at 23:39:20,76 ======================

zdenek.ob · #12 Příspěvek od **zdenek.ob** » 02 čer 2016 22:49

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x86
Ran by Rebel (Administrator) on źt 02.06.2016 at 23:43:10,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 5

Successfully deleted: C:\Users\Rebel\AppData\Roaming\Mozilla\Firefox\Profiles\tbg316ce.default\user.js (File)
Successfully deleted: C:\Windows\System32\Tasks\Wise Care 365 (Task)
Successfully deleted: C:\Windows\System32\Tasks\Wise Turbo Checker (Task)
Successfully deleted: C:\Windows\Tasks\Wise Care 365.job (Task)
Successfully deleted: C:\Windows\Tasks\Wise Turbo Checker.job (Task)

Registry: 1

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 02.06.2016 at 23:46:49,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#13 Příspěvek od **Rudy** » 03 čer 2016 17:51

OK. Jak to vypadá nyní?

zdenek.ob · #14 Příspěvek od **zdenek.ob** » 04 čer 2016 21:32

Připadá mi že teď to moc velký vliv nemělo. stále se mi otevírají nechtěná okna ve Firefoxu.

#15 Příspěvek od **Rudy** » 04 čer 2016 21:40

Zkuste ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

VIRY.CZ

Nechtěné otevírání oken v prohlížeči kontrola logu

Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu

Re: Nechtěné otevírání oken v prohlížeči kontrola logu