VIRY.CZ

Posílám log z USBFix:

UsbFix V 7.134 | [Deletion]

User: Milan (Administrator) # MILAN-PC
Updated 06/09/2013 by El Desaparecido
Started at 00:49:59 | 19/07/2014

Website: http://www.sosvirus.net/
Upload Malware: http://www.sosvirus.net/upload_malware.php
Contact: eldesaparecido@sosvirus.net

PC: MICRO-STAR INTERNATIONAL CO., LTD (MS-7125) (X86-based PC)
CPU: AMD Athlon(tm) 64 Processor 3000+ (1808)
RAM -> [Total : 2048 | Free : 1058]
BIOS: Phoenix - AwardBIOS v6.00PG
BOOT: Normal boot

OS: Microsoft Windows 7 Professional (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 11.0.9600.17207

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: ESET Smart Security 7.0 [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

A:\ -> Removable drive # 1 Mb (1 Mb free - 84%) [] # FAT
C:\ (%systemdrive%) -> Fixed drive # 75 Gb (11 Mb free - 14%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 596 Gb (62 Mb free - 10%) [Sklad-640GB] # NTFS
F:\ -> Fixed drive # 149 Gb (9 Mb free - 6%) [Místní disk-160GB] # NTFS
G:\ -> Fixed drive # 298 Gb (6 Mb free - 2%) [Místní disk-320GB] # NTFS
H:\ -> Removable drive # 4 Gb (4 Mb free - 100%) [] # FAT32
I:\ -> Fixed drive # 931 Gb (2 Mb free - 0%) [My Passport] # NTFS
J:\ -> Removable drive # 7 Gb (7 Mb free - 100%) [USB DISK] # FAT32
K:\ -> Removable drive # 4 Gb (1 Mb free - 33%) [KINGSTON] # FAT32

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [CTxfiHlp] - CTXFIHLP.EXE
HKLM\SOFTWARE | Run : [NVRaidService] - C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
HKLM\SOFTWARE | Run : [SoundMan] - SOUNDMAN.EXE
HKLM\SOFTWARE | Run : [PAC7302_Monitor] - C:\Windows\PixArt\PAC7302\Monitor.exe
HKLM\SOFTWARE | Run : [StartCCC] - "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM\SOFTWARE | Run : [GrooveMonitor] - "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKLM\SOFTWARE | Run : [LifeCam] - "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [egui] - "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
HKLM\SOFTWARE | Run : [Logitech Utility] - Logi_MwX.Exe
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-2536137262-3142679929-2204209605-1000\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-2536137262-3142679929-2204209605-1000\SOFTWARE | Run : [Clock Widget (HTC Home)] - "C:\Program Files\HTC Home\Clock.exe"
HKU\S-1-5-21-2536137262-3142679929-2204209605-1000\SOFTWARE | Run : [IDMan] - C:\Program Files\Internet Download Manager\IDMan.exe /onboot
HKU\S-1-5-18\SOFTWARE | Run : [GarminExpressTrayApp] - "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe

################## | Stopped processes |

Stopped! C:\Program Files\ESET\ESET Smart Security\ekrn.exe (1888)
Stopped! C:\Program Files\ESET\ESET Smart Security\egui.exe (3772)
Stopped! C:\Windows\System32\WUDFHost.exe (692)
Stopped! C:\Windows\System32\rundll32.exe (4160)
Stopped! C:\Windows\system32\SearchIndexer.exe (2640)
Stopped! C:\Windows\System32\spoolsv.exe (1928)
Stopped! C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2076)
Stopped! C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (5440)
Stopped! C:\Windows\system32\DllHost.exe (3492)
Stopped! c:\program files\windows defender\MpCmdRun.exe (1848)
Stopped! C:\Windows\system32\SearchProtocolHost.exe (2280)
Stopped! C:\Windows\system32\SearchFilterHost.exe (3904)

################## | Files # Infected Folders |

Deleted ! A:\autoactivation.vbs
Deleted ! H:\autoactivation.vbs

(!) Temporary files deleted.

################## | Registry |

################## | Mountpoints2 |

################## | Listing |

[12/10/2013 - 03:15:50 | N | 141824] A:\wscript.exe
[08/05/2014 - 08:36:50 | N | 4630] A:\KROJZL_MILAN_ING.p12
[07/07/2012 - 15:35:30 | D ] A:\stare certifikaty
[30/07/2013 - 18:27:04 | SHD ] C:\$Recycle.Bin
[01/09/2013 - 13:58:19 | D ] C:\Autodesk
[10/06/2009 - 23:42:20 | N | 24] C:\autoexec.bat
[19/07/2014 - 00:26:40 | RASHD ] C:\Autorun.inf
[30/06/2014 - 21:02:57 | SHD ] C:\Boot
[20/11/2010 - 14:40:07 | RASH | 383786] C:\bootmgr
[30/07/2013 - 19:08:11 | N | 8192] C:\BOOTSECT.BAK
[05/02/2014 - 21:40:53 | D ] C:\Brother's Keeper 6
[17/12/1993 - 01:11:10 | N | 94720] C:\CARDFILE.EXE
[10/06/2009 - 23:42:20 | N | 10] C:\config.sys
[14/07/2009 - 06:53:55 | SHD ] C:\Documents and Settings
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] C:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] C:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] C:\eula.3082.txt
[18/07/2014 - 22:29:34 | D ] C:\FRST
[11/08/2013 - 00:02:35 | D ] C:\Garmin
[07/11/2007 - 08:00:40 | N | 1110] C:\globdata.ini
[18/07/2014 - 22:28:32 | ASH | 1610260480] C:\hiberfil.sys
[17/08/2013 - 08:23:54 | D ] C:\Install
[07/11/2007 - 08:03:18 | N | 562688] C:\install.exe
[07/11/2007 - 08:00:40 | N | 843] C:\install.ini
[07/11/2007 - 08:03:18 | N | 76304] C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 91152] C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 97296] C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 95248] C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 81424] C:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 79888] C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 75792] C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 96272] C:\install.res.3082.dll
[07/08/2013 - 23:08:04 | N | 0] C:\IO.SYS
[15/03/2014 - 01:29:14 | N | 415] C:\LOGFILE.TXT
[07/08/2013 - 23:08:04 | N | 0] C:\MSDOS.SYS
[10/08/2013 - 16:44:37 | RHD ] C:\MSOCache
[30/07/2013 - 18:24:46 | N | 374434] C:\NTHFV
[18/07/2014 - 22:28:34 | ASH | 2147016704] C:\pagefile.sys
[14/07/2009 - 04:37:05 | D ] C:\PerfLogs
[18/07/2014 - 22:24:20 | D ] C:\Program Files
[18/07/2014 - 22:13:21 | HD ] C:\ProgramData
[30/07/2013 - 18:24:44 | SHD ] C:\Recovery
[18/07/2014 - 21:53:56 | SHD ] C:\System Volume Information
[19/07/2014 - 00:52:05 | D ] C:\UsbFix
[19/07/2014 - 00:26:41 | N | 16315] C:\UsbFix [Clean 1] MILAN-PC.txt
[19/07/2014 - 00:52:31 | A | 7110] C:\UsbFix [Clean 2] MILAN-PC.txt
[30/07/2013 - 18:26:51 | D ] C:\Users
[07/11/2007 - 08:00:40 | N | 5686] C:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1442522] C:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 232960] C:\VC_RED.MSI
[18/07/2014 - 19:28:37 | D ] C:\Windows
[30/07/2013 - 18:24:46 | N | 20] C:\winx.ld
[01/09/2013 - 20:37:50 | D ] C:\_Záloha
[17/07/2014 - 17:39:27 | SHDC ] E:\$RECYCLE.BIN
[19/07/2014 - 00:26:40 | RASHDC ] E:\Autorun.inf
[18/05/2014 - 21:46:27 | DC ] E:\Filmy
[14/07/2014 - 16:55:09 | DC ] E:\Filmy_duchovní
[11/05/2014 - 23:16:57 | DC ] E:\Milan
[16/01/2010 - 12:56:07 | SHD ] E:\System Volume Information
[25/03/2013 - 07:08:03 | DC ] E:\Vesmír
[02/04/2014 - 14:23:16 | SHD ] F:\$RECYCLE.BIN
[20/06/2012 - 18:29:20 | N | 0] F:\AUTOEXEC.BAT
[19/07/2014 - 00:26:40 | RASHD ] F:\Autorun.inf
[29/07/2013 - 18:55:23 | N | 238] F:\boot.ini
[24/03/2013 - 20:56:45 | N | 211] F:\boot.iniiiiii
[02/08/2007 - 14:00:00 | N | 4952] F:\Bootfont.bin
[27/10/2012 - 21:11:19 | D ] F:\Brother's Keeper 6
[17/12/1993 - 03:11:10 | N | 94720] F:\CARDFILE.EXE
[20/07/2013 - 23:18:06 | D ] F:\Config.Msi
[20/06/2012 - 18:29:20 | N | 0] F:\CONFIG.SYS
[10/08/2013 - 16:32:16 | D ] F:\Documents and Settings
[05/01/2014 - 14:13:29 | D ] F:\Dokumenty
[03/11/2013 - 00:16:24 | D ] F:\Downloads
[13/09/2012 - 22:15:25 | N | 190] F:\drwtsn32.log
[07/11/2007 - 08:00:40 | N | 17734] F:\eula.1028.txt
[07/11/2007 - 08:00:40 | N | 17734] F:\eula.1031.txt
[07/11/2007 - 08:00:40 | N | 10134] F:\eula.1033.txt
[07/11/2007 - 08:00:40 | N | 17734] F:\eula.1036.txt
[07/11/2007 - 08:00:40 | N | 17734] F:\eula.1040.txt
[07/11/2007 - 08:00:40 | N | 118] F:\eula.1041.txt
[07/11/2007 - 08:00:40 | N | 17734] F:\eula.1042.txt
[07/11/2007 - 08:00:40 | N | 17734] F:\eula.2052.txt
[07/11/2007 - 08:00:40 | N | 17734] F:\eula.3082.txt
[29/12/2012 - 11:22:29 | D ] F:\found.000
[10/07/2014 - 22:37:06 | D ] F:\Garmin
[07/11/2007 - 08:00:40 | N | 1110] F:\globdata.ini
[07/11/2007 - 08:03:18 | N | 562688] F:\install.exe
[07/11/2007 - 08:00:40 | N | 843] F:\install.ini
[07/11/2007 - 08:03:18 | N | 76304] F:\install.res.1028.dll
[07/11/2007 - 08:03:18 | N | 96272] F:\install.res.1031.dll
[07/11/2007 - 08:03:18 | N | 91152] F:\install.res.1033.dll
[07/11/2007 - 08:03:18 | N | 97296] F:\install.res.1036.dll
[07/11/2007 - 08:03:18 | N | 95248] F:\install.res.1040.dll
[07/11/2007 - 08:03:18 | N | 81424] F:\install.res.1041.dll
[07/11/2007 - 08:03:18 | N | 79888] F:\install.res.1042.dll
[07/11/2007 - 08:03:18 | N | 75792] F:\install.res.2052.dll
[07/11/2007 - 08:03:18 | N | 96272] F:\install.res.3082.dll
[20/06/2012 - 18:29:20 | N | 0] F:\IO.SYS
[17/10/2012 - 20:25:07 | N | 0] F:\KbList.txt
[28/11/2012 - 22:16:57 | N | 3145] F:\LOGFILE.TXT
[20/06/2012 - 18:29:20 | N | 0] F:\MSDOS.SYS
[25/06/2012 - 22:12:23 | RHD ] F:\MSOCache
[13/04/2008 - 22:13:04 | N | 47564] F:\NTDETECT.COM
[14/04/2008 - 00:01:48 | N | 250576] F:\ntldr
[19/06/2013 - 20:34:02 | N | 57632] F:\PA7302.DAT
[29/07/2013 - 20:41:51 | N | 120586240] F:\PAGEFILE.SYS
[30/12/2013 - 22:35:46 | D ] F:\Program Files
[24/06/2012 - 22:26:40 | SHD ] F:\RECYCLER
[06/08/2012 - 12:39:32 | N | 85882] F:\SROUBY.CRD
[02/11/2013 - 21:46:28 | D ] F:\Sygic
[20/06/2012 - 18:34:43 | SHD ] F:\System Volume Information
[08/12/2012 - 09:02:23 | N | 50] F:\user.js
[07/11/2007 - 08:00:40 | N | 5686] F:\vcredist.bmp
[07/11/2007 - 08:09:22 | N | 1442522] F:\VC_RED.cab
[07/11/2007 - 08:12:28 | N | 232960] F:\VC_RED.MSI
[12/01/2013 - 21:24:37 | DC ] G:\!Dokumenty
[04/05/2014 - 00:00:09 | SHDC ] G:\$RECYCLE.BIN
[05/02/2012 - 17:48:50 | DC ] G:\4583ecfc210a97d9b15eccf78864
[14/05/2014 - 21:37:24 | DC ] G:\aaa
[21/06/2012 - 03:04:48 | DC ] G:\Any Converters
[17/05/2014 - 18:56:36 | DC ] G:\Arakain
[18/07/2014 - 19:21:24 | DC ] G:\Autodesk
[19/07/2014 - 00:26:40 | RASHDC ] G:\Autorun.inf
[17/05/2014 - 18:59:31 | DC ] G:\Boogie-Woogie
[20/02/2012 - 23:12:35 | DC ] G:\Brother's Keeper 6
[12/01/2013 - 21:15:50 | DC ] G:\Bývalé disky_C
[31/12/2013 - 15:21:18 | DC ] G:\Chata Kameňák
[31/12/2013 - 13:17:02 | DC ] G:\Cigánski diabli
[31/12/2013 - 14:01:22 | DC ] G:\Cikáni-jdou-do-nebe
[31/12/2013 - 13:28:56 | DC ] G:\Cimbálová muzika Moravia
[14/05/2014 - 21:36:02 | DC ] G:\Dokumenty
[18/07/2014 - 19:22:30 | DC ] G:\Downloads
[31/12/2013 - 14:00:12 | DC ] G:\FaLun_KungFu
[11/05/2014 - 21:53:52 | DC ] G:\Filmy
[12/01/2014 - 01:25:23 | DC ] G:\Install
[09/07/2014 - 16:00:09 | DC ] G:\Kontrabas
[14/05/2014 - 21:45:55 | DC ] G:\Letadla
[11/05/2014 - 23:18:43 | DC ] G:\Milan
[31/12/2013 - 15:26:52 | DC ] G:\Náramek
[14/05/2014 - 21:39:14 | DC ] G:\Náramek-Hanka
[08/08/2013 - 21:29:19 | DC ] G:\PCTeacher
[17/03/2014 - 18:55:51 | DC ] G:\PCTranslator
[13/01/2014 - 22:43:30 | DC ] G:\Pole
[17/02/2013 - 17:31:56 | RDC ] G:\Program Files-Smazat!!!!!!
[21/06/2012 - 00:55:32 | DC ] G:\Průkazové foto
[24/06/2012 - 22:47:35 | SHDC ] G:\RECYCLER
[14/05/2014 - 21:39:14 | DC ] G:\Sbor
[04/02/2012 - 18:22:47 | SHD ] G:\System Volume Information
[14/02/2014 - 17:54:00 | DC ] G:\The Universe
[31/12/2013 - 13:21:43 | DC ] G:\Tragacnice---generálka-výběr_2
[31/12/2013 - 01:20:16 | DC ] G:\Translat
[21/04/2013 - 15:37:11 | DC ] G:\Vaření - Tim Ferriss
[25/02/2012 - 16:16:39 | DC ] G:\WinFast WorkArea
[11/05/2014 - 22:19:48 | DC ] G:\Záloha
[29/01/2013 - 23:36:20 | DC ] G:\česká-škola-lyžování---běžky
[07/07/2012 - 15:35:30 | D ] H:\stare certifikaty
[08/05/2014 - 08:36:50 | N | 4630] H:\KROJZL_MILAN_ING.p12
[16/07/2014 - 10:22:57 | SHD ] I:\$RECYCLE.BIN
[04/05/2014 - 17:02:23 | D ] I:\1. Fotky - pořádek
[04/05/2014 - 17:01:40 | D ] I:\2. Hanka
[08/05/2014 - 23:12:04 | D ] I:\3. Milan
[04/05/2014 - 16:51:37 | D ] I:\4. Společné
[19/07/2014 - 00:26:41 | RASHD ] I:\Autorun.inf
[08/07/2014 - 07:20:51 | D ] I:\MAA
[07/07/2014 - 13:54:15 | D ] I:\Prezentace
[04/05/2014 - 16:38:30 | SHD ] I:\RECYCLER
[08/07/2014 - 11:40:23 | SHD ] I:\System Volume Information
[10/03/2011 - 00:43:50 | N | 3290480] I:\WD Quick Formatter.exe
[10/03/2011 - 00:43:44 | N | 4246384] I:\WD SmartWare.exe
[19/07/2014 - 00:26:42 | RASHD ] J:\Autorun.inf
[05/09/2013 - 20:40:12 | D ] K:\Videokurz Revoluční cvičení 6ti minutovka
[09/10/2013 - 12:27:52 | D ] K:\Kontrabas-old
[10/10/2013 - 16:59:04 | N | 18231] K:\Přehled - banky k 10.10.2013.xlsx
[24/10/2013 - 05:57:58 | D ] K:\Kontrabas
[29/06/2014 - 11:17:42 | D ] K:\50 Acoustic Blues licks you must know
[19/07/2014 - 00:26:42 | RASHD ] K:\Autorun.inf

################## | Vaccin |

A:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
K:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net |

Fajn, jak se chova PC nyni???

Na první pohled dobře. Zmizelo rozšíření z Google chrom ale viry už neblikají. Z registrů zmizely odkazy na wscript (až na jeden), všechny disky jsem zkontroloval a soubory wscript.exe (např. v C:\Windows\System32 nebo z USB disků) jsem smazal ručně. Snad je to správně?

Ano, to byl dobry krok

Dejte tedy novy log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786 a mrknem, ci je vse OK

Omlouvám se za zdržení ale kontroloval jsem konfiguraci, integraci rozšíření do prohlížečů atd. Zdá se, že vše je OK.
Log: (Hijack This opět nedokončil scan - posuvník nedojel na konec ale log je snadi celý)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2014-07-19 10:36:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 2048 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:37:02, on 19.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
C:\Windows\SOUNDMAN.EXE
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HTC Home\Clock.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Milan\Downloads\Programs\RSIT_2.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - (no file)
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Clock Widget (HTC Home)] "C:\Program Files\HTC Home\Clock.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 9742 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2014-07-10 417816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2007-04-09 19968]
"NVRaidService"=C:\Program Files\NVIDIA Corporation\Raid\nvraidservice.exe [2010-04-09 163944]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-12-13 135536]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-03 43816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]
"Logitech Utility"=C:\Windows\Logi_MwX.Exe [2003-12-11 20992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Clock Widget (HTC Home)"=C:\Program Files\HTC Home\Clock.exe [2011-11-28 2036736]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2014-07-10 3858000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2013-08-04 2532352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
C:\Program Files\Internet Download Manager\IDMan.exe [2014-07-10 3858000]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open -
.vbs - open -

======List of files/folders created in the last 1 month======

2014-07-19 10:36:53 ----D---- C:\Program Files\trend micro
2014-07-19 10:36:52 ----D---- C:\rsit
2014-07-19 09:59:26 ----D---- C:\Users\Milan\AppData\Roaming\IDM
2014-07-19 09:59:08 ----D---- C:\Program Files\Internet Download Manager
2014-07-19 01:25:51 ----SHD---- C:\Config.Msi
2014-07-19 00:52:33 ----RASHD---- C:\Autorun.inf
2014-07-19 00:49:59 ----A---- C:\UsbFix [Clean 2] MILAN-PC.txt
2014-07-19 00:18:02 ----N---- C:\UsbFix [Clean 1] MILAN-PC.txt
2014-07-19 00:16:55 ----D---- C:\UsbFix
2014-07-18 19:28:23 ----D---- C:\FRST
2014-07-17 20:23:47 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-07-17 20:22:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-07-17 20:22:37 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-07-17 20:22:37 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-07-17 20:22:36 ----D---- C:\ProgramData\Malwarebytes
2014-07-17 20:22:36 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-07-14 20:47:17 ----D---- C:\Program Files\WinRAR
2014-07-13 22:21:18 ----D---- C:\Program Files\DjMixerProfessional
2014-07-13 13:35:33 ----D---- C:\Users\Milan\AppData\Roaming\SynthMaker
2014-07-13 13:35:25 ----D---- C:\Users\Milan\AppData\Roaming\Acoustica
2014-07-13 13:30:30 ----D---- C:\Program Files\VST
2014-07-13 13:29:40 ----D---- C:\ProgramData\Acoustica
2014-07-13 13:29:38 ----D---- C:\Program Files\Acoustica Mixcraft 6
2014-07-12 20:20:43 ----D---- C:\Program Files\iPod
2014-07-12 20:20:40 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-12 20:20:40 ----D---- C:\Program Files\iTunes
2014-07-10 16:51:05 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2014-07-09 06:14:11 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 06:14:10 ----A---- C:\Windows\system32\osk.exe
2014-07-09 06:13:57 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 06:13:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 06:13:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 06:13:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 06:13:56 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 06:13:55 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 06:13:55 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 06:13:55 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 06:13:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 06:13:54 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 06:13:54 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 06:13:54 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 06:13:52 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 06:13:52 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 06:13:51 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 06:13:51 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 06:13:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 06:13:49 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 06:13:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 06:13:48 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 06:13:46 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 06:13:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 06:13:44 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 06:13:44 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 06:13:42 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 06:13:42 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 06:13:40 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 06:13:36 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 06:12:07 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 06:11:59 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 06:11:30 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 06:11:30 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 06:11:30 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 06:11:30 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 06:11:30 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 06:11:30 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 06:11:29 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 06:10:52 ----A---- C:\Windows\system32\aepdu.dll
2014-07-09 06:10:50 ----A---- C:\Windows\system32\aeinv.dll
2014-07-09 06:10:12 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-05 10:49:43 ----D---- C:\Program Files\Common Files\Logitech
2014-07-05 10:49:42 ----A---- C:\Windows\system32\LMOUSE32.DLL
2014-07-05 10:49:42 ----A---- C:\Windows\system32\LMOUSE16.DLL
2014-07-05 10:49:42 ----A---- C:\Windows\system32\LGUICOM.DLL
2014-07-05 10:49:42 ----A---- C:\Windows\system32\COMNCTR.DLL
2014-07-05 10:49:38 ----N---- C:\Windows\system32\lmoufrc.dll
2014-07-05 10:49:38 ----N---- C:\Windows\system32\LCOINST.DLL
2014-07-05 10:49:38 ----N---- C:\Windows\system32\drivers\LCCFLTR.SYS
2014-07-05 10:49:38 ----N---- C:\Windows\system32\drivers\L8042PR2.SYS
2014-07-05 10:49:38 ----D---- C:\Program Files\Logitech
2014-07-05 10:49:38 ----A---- C:\Windows\system32\drivers\lmouflt2.sys
2014-07-05 10:49:38 ----A---- C:\Windows\system32\drivers\LHIDUSB.SYS
2014-07-05 10:49:38 ----A---- C:\Windows\system32\drivers\LHIDFLT2.SYS
2014-07-05 10:49:38 ----A---- C:\Windows\LOGI_MWX.EXE
2014-07-01 18:12:03 ----A---- C:\Windows\system32\FNTCACHE.DAT

======List of files/folders modified in the last 1 month======

2014-07-19 10:37:02 ----D---- C:\Windows\Prefetch
2014-07-19 10:36:56 ----D---- C:\Windows\Temp
2014-07-19 10:36:53 ----D---- C:\Program Files
2014-07-19 10:23:02 ----D---- C:\Windows\system32\config
2014-07-19 10:10:52 ----D---- C:\Users\Milan\AppData\Roaming\DMCache
2014-07-19 10:07:39 ----D---- C:\Users\Milan\AppData\Roaming\Dropbox
2014-07-19 10:07:28 ----D---- C:\Users\Milan\AppData\Roaming\DropboxMaster
2014-07-19 10:06:30 ----D---- C:\Program Files\HTC Home
2014-07-19 09:59:48 ----D---- C:\Windows\system32\drivers
2014-07-19 09:59:47 ----D---- C:\Windows\inf
2014-07-19 09:48:43 ----D---- C:\Windows
2014-07-19 01:56:40 ----D---- C:\Windows\system32\catroot
2014-07-19 01:50:42 ----SHD---- C:\Windows\Installer
2014-07-19 01:50:18 ----RSD---- C:\Windows\assembly
2014-07-19 01:50:17 ----D---- C:\ProgramData\Autodesk
2014-07-19 01:50:05 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-07-19 01:49:59 ----RSD---- C:\Windows\Fonts
2014-07-19 01:46:01 ----D---- C:\Program Files\Common Files
2014-07-19 01:30:05 ----SHD---- C:\System Volume Information
2014-07-19 01:20:20 ----D---- C:\Windows\system32\DriverStore
2014-07-19 01:20:16 ----D---- C:\Program Files\Common Files\Apple
2014-07-19 01:19:34 ----D---- C:\Windows\system32\catroot2
2014-07-19 01:08:38 ----D---- C:\Windows\System32
2014-07-19 01:01:07 ----D---- C:\Windows\system32\wdi
2014-07-18 23:17:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-18 22:28:26 ----D---- C:\Windows\Panther
2014-07-18 22:24:28 ----D---- C:\Windows\system32\drivers\etc
2014-07-18 22:24:21 ----D---- C:\Windows\Tasks
2014-07-18 22:24:21 ----D---- C:\Windows\system32\Tasks
2014-07-18 22:18:09 ----D---- C:\Users\Milan\AppData\Roaming\Skype
2014-07-18 22:13:21 ----HD---- C:\ProgramData
2014-07-18 19:21:20 ----D---- C:\Program Files\EarMaster School 5
2014-07-18 19:21:20 ----D---- C:\Program Files\EarMaster Pro 5
2014-07-14 16:47:18 ----D---- C:\Program Files\JDownloader
2014-07-13 13:08:33 ----D---- C:\Windows\debug
2014-07-09 19:23:48 ----D---- C:\Windows\rescache
2014-07-09 06:33:23 ----D---- C:\Windows\winsxs
2014-07-09 06:29:23 ----D---- C:\Windows\system32\en-US
2014-07-09 06:29:23 ----D---- C:\Program Files\Windows Journal
2014-07-09 06:29:22 ----D---- C:\Program Files\Internet Explorer
2014-07-09 06:29:21 ----D---- C:\Windows\system32\Dism
2014-07-09 06:29:21 ----D---- C:\Windows\ehome
2014-07-09 06:29:20 ----SD---- C:\Windows\system32\CompatTel
2014-07-09 06:29:20 ----D---- C:\Windows\system32\cs-CZ
2014-07-09 06:22:23 ----D---- C:\Windows\system32\MRT
2014-07-09 06:18:32 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 06:17:58 ----D---- C:\ProgramData\Microsoft Help
2014-07-08 21:15:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-07-06 21:29:21 ----D---- C:\Program Files\Google
2014-07-05 10:49:39 ----HD---- C:\Program Files\InstallShield Installation Information
2014-07-05 10:47:48 ----D---- C:\Program Files\Common Files\LogiShrd
2014-07-05 10:47:36 ----D---- C:\ProgramData\Logishrd
2014-06-30 21:02:57 ----SHD---- C:\Boot
2014-06-28 08:23:28 ----D---- C:\Program Files\CCleaner
2014-06-22 22:42:24 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 nvatabus;nvatabus; C:\Windows\system32\DRIVERS\nvatabus.sys [2004-12-07 87936]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Si3114r5;SiI-3114 SoftRaid 5 Controller; C:\Windows\system32\DRIVERS\Si3114r5.sys [2008-04-29 210472]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2008-04-29 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2008-04-29 12200]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-06-02 42784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2014-06-09 113680]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 4450816]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\Windows\system32\DRIVERS\LHidFlt2.Sys [2003-12-11 25630]
R3 LHidUsb;Logitech USB Receiver device driver; C:\Windows\System32\Drivers\LHidUsb.Sys [2003-12-11 37916]
R3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0; C:\Windows\system32\DRIVERS\libusb0.sys [2013-09-23 35776]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\Windows\System32\Drivers\LMouFlt2.sys [2003-12-11 70894]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-07-19 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-12-13 30576]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-09-19 10088]
S2 CX23880;WinFast CX2388x WDM Video Capture.; C:\Windows\system32\drivers\cx88vid.sys [2005-08-11 163584]
S2 CXTUNE;Conexant 2388x Tuner; C:\Windows\system32\drivers\CX88TUNE_IBV32.sys [2006-11-02 17664]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-18 98600]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-12 164608]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 511272]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 520488]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-12 546048]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-04-10 347128]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-12 168192]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-12 94976]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 14632]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-12 560384]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 157480]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-03-19 88832]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 92968]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
S3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 163112]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 189736]
S3 L8042PR2;Logitech PS/2 Mouse Filter Driver; C:\Windows\System32\Drivers\l8042pr2.sys [2003-12-11 51582]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-05-23 43800]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-05-23 37528]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2013-05-23 28312]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\Windows\system32\DRIVERS\nvnetbus.sys [2004-11-24 12928]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 126760]
S3 PAC7302;Eye 312; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-03-19 184192]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 733184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-12-13 135536]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2014-01-28 1731896]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-06-09 435032]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-30 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08 262320]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 108032]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-07-08 553288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-30 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

Spustte HJT a provedeme fixnuti polozek

HJT najdete zde C:\Program Files\trend micro\Milan.exe
Otevre se Vam okno, kliknete na Do a system scan only
V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - (no file)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - (no file)
Kliknete na Fix checked (vlevo dole)
HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo

Nejsem si jistý, zda jsou všechny řádky "fixnuty": (chybové hlášení(
Please help us improve HijackThis by reporting this error

Click 'Yes' to submit

Error Details:

An unexpected error has occurred at procedure: modBackup_MakeBackup(sItem=O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file))
Error #5 - Invalid procedure call or argument

Windows version: Windows NT 6.01.3505
MSIE version: 9.11.9600.17207
HijackThis version: 2.0.4

zkusit znovu Hijack This?

Ty radky jsou jen zbytecnosti, nejsou zcela nezbytne nutne je opravit

Chybové hlášení nelze vypnout a vždy odkáže na stránku:

http://free.antivirus.com/us/?function% ... D2%2E0%2E4

Ani kdyz neni HJT spusten, tak to stale vyskakuje??

Jinak pokud HJT zlobi, tak to preskocte a nechte byt

Už jsem to vypnul. Spustil jsem HJT znovu ale téměř všechny (13 z 16) fixed řádky tam zůstaly.
Mám ale pocit, že PC je již OK. Co si o tom myslíte?
Mám zkusit ještě nějaký log?

Otevrete si poznamkovy blok

Start->spustit->notepad
Vlozte text nize

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}]

Soubor ulozte jako oprava.reg
Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
Zavrit notepad a spustit dvojklikem oprava.reg
Pripadny dotaz na zmenu registru potvrdte
Okno jen problikne a opravi regsitry - soubor muzete smazat

Restart PC a melo by to byt OK

Zdá se, že vše funguje perfektně. Pokud je to vše, tak Vám moc děkuji. Mám dobrý pocit z Vaší práce.

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK

Re: LNK/Agent.AK