Delší start ntb, prosím o kontrolu

[rakato11]

Dobrý den, prodloužil se mi start ntb, poprosil bych o kontrolu logu z RSIT který přikládám, děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Otakar Vavrečka at 2014-09-18 10:38:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (15%) free of 158 GB
Total RAM: 3066 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:39:04, on 18.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\MSTMON_N.EXE
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Users\Otakar Vavrečka\Desktop\Gmail Notifier Plus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Otakar Vavrečka\Desktop\RSIT.exe
C:\Program Files\trend micro\Otakar Vavrečka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\Windows\system32\MSTMON_N.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\Windows\TEMP\E_S1D31.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Viber] "C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR-Sound_Organizer - Sony Corporation - C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe

--
End of file - 7374 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe#
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6a811f49157b.job - C:\Program Files\Google\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8b84abba174e.job - C:\Program Files\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cf497f52fda691.job - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA1cf6b48d8ac1e7d.job - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#

=========Mozilla firefox=========

ProfilePath - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/MycameraPlugin]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\extensions\
{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"MP3 Skype Recorder"=C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [2011-11-17 1975296]
"EPSON Stylus SX200 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE [2007-12-13 188928]
"Google Update"=C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
"Viber"=C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe [2014-09-02 936656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Otakar Vavrečka\AppData\Roaming\uTorrent\uTorrent.exe [2014-01-24 905296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files\Canon\ImageBrowser EX\MFManager.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-15 17:58:14 ----D---- C:\Program Files\Common Files\Skype
2014-09-15 17:27:15 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ViberPC
2014-09-15 10:59:08 ----A---- C:\Windows\system32\%InstallDir%speclean.exe
2014-09-13 13:51:46 ----D---- C:\Program Files\Mozilla Firefox
2014-09-13 13:29:10 ----D---- C:\rsit
2014-09-13 13:29:10 ----D---- C:\Program Files\trend micro
2014-09-10 10:33:38 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 10:33:37 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 10:33:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 10:33:34 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 10:33:33 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 10:33:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 10:33:33 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 10:33:33 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 10:33:31 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 10:33:30 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 10:33:30 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 10:33:30 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 10:33:28 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 10:33:28 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 10:15:45 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 10:15:45 ----A---- C:\Windows\system32\kerberos.dll
2014-08-30 15:15:12 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\dvdcss
2014-08-28 10:00:58 ----A---- C:\Windows\system32\aepdu.dll
2014-08-28 10:00:57 ----A---- C:\Windows\system32\aeinv.dll
2014-08-28 10:00:56 ----A---- C:\Windows\system32\shell32.dll
2014-08-28 08:50:07 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 08:50:07 ----A---- C:\Windows\system32\gdi32.dll
2014-08-22 14:08:12 ----A---- C:\Windows\system32\wups2.dll
2014-08-22 14:08:11 ----A---- C:\Windows\system32\wucltux.dll
2014-08-22 14:08:11 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-22 14:08:11 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-22 14:07:33 ----A---- C:\Windows\system32\wups.dll
2014-08-22 14:07:33 ----A---- C:\Windows\system32\wudriver.dll
2014-08-22 14:07:33 ----A---- C:\Windows\system32\wuapi.dll
2014-08-22 14:06:58 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-22 14:06:57 ----A---- C:\Windows\system32\wuapp.exe
2014-08-19 20:51:20 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-19 20:51:17 ----A---- C:\Windows\system32\icardres.dll
2014-08-19 20:51:14 ----A---- C:\Windows\system32\icardagt.exe
2014-08-19 20:51:12 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-19 20:19:21 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-19 20:19:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2014-08-19 20:19:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-19 20:19:19 ----A---- C:\Windows\system32\cdd.dll
2014-08-19 20:01:50 ----A---- C:\Windows\system32\tzres.dll
2014-08-19 20:01:25 ----A---- C:\Windows\system32\msi.dll
2014-08-19 20:01:24 ----A---- C:\Windows\system32\msihnd.dll
2014-08-19 20:01:24 ----A---- C:\Windows\system32\consent.exe
2014-08-19 20:01:24 ----A---- C:\Windows\system32\authui.dll

======List of files/folders modified in the last 1 month======

2014-09-18 10:38:26 ----D---- C:\Windows\temp
2014-09-18 10:19:41 ----A---- C:\Windows\VTWAIN.INI
2014-09-18 10:19:21 ----D---- C:\Windows\system32\config
2014-09-17 19:10:48 ----SHD---- C:\Windows\Installer
2014-09-17 19:09:55 ----AD---- C:\Windows\System32
2014-09-17 19:05:04 ----D---- C:\Windows\system32\catroot2
2014-09-16 16:36:17 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2014-09-16 08:46:16 ----SHD---- C:\System Volume Information
2014-09-15 17:58:14 ----RD---- C:\Program Files\Skype
2014-09-15 17:58:14 ----D---- C:\Program Files\Common Files
2014-09-15 17:58:04 ----D---- C:\ProgramData\Skype
2014-09-15 17:57:37 ----D---- C:\Windows\Prefetch
2014-09-14 08:58:23 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-09-13 22:27:11 ----D---- C:\Windows\inf
2014-09-13 22:27:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-13 20:57:33 ----RD---- C:\Program Files
2014-09-10 18:51:02 ----D---- C:\Windows\Microsoft.NET
2014-09-10 18:48:12 ----RSD---- C:\Windows\assembly
2014-09-10 18:31:34 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 14:46:54 ----D---- C:\Windows\winsxs
2014-09-10 14:45:30 ----D---- C:\Windows\system32\en-US
2014-09-10 14:45:29 ----D---- C:\Program Files\Internet Explorer
2014-09-10 10:33:56 ----D---- C:\Windows\system32\catroot
2014-09-10 10:32:55 ----D---- C:\Windows\system32\MRT
2014-09-10 10:28:23 ----A---- C:\Windows\system32\MRT.exe
2014-09-01 17:01:22 ----D---- C:\Windows\system32\drivers
2014-09-01 16:54:24 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2014-09-01 16:51:19 ----RSD---- C:\Windows\Fonts
2014-09-01 16:51:17 ----D---- C:\ProgramData\Seagull
2014-09-01 16:47:00 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\YouTube Downloader
2014-09-01 16:32:10 ----D---- C:\Program Files\YTD
2014-09-01 16:16:44 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\DMCache
2014-08-30 15:45:44 ----D---- C:\Windows\system32\NDF
2014-08-30 12:48:00 ----D---- C:\Windows\rescache
2014-08-28 10:03:20 ----SD---- C:\Windows\system32\CompatTel
2014-08-27 15:34:18 ----HD---- C:\ProgramData
2014-08-25 06:53:44 ----N---- C:\Windows\system32\MpSigStub.exe
2014-08-23 21:30:34 ----D---- C:\Windows
2014-08-23 21:30:33 ----D---- C:\Windows\Jaksta
2014-08-22 20:25:11 ----D---- C:\Windows\system32\cs-CZ
2014-08-21 15:37:24 ----D---- C:\Windows\PolicyDefinitions
2014-08-21 15:37:24 ----D---- C:\Windows\ehome
2014-08-19 20:50:34 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2013-06-03 46096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R3 5U876UVC;HP Webcam [2 MP series]; C:\Windows\system32\DRIVERS\5U876.sys [2009-11-13 114688]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-09-26 4268608]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.SYS [2003-07-19 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 PPSCAN;PPSCAN; C:\Windows\system32\drivers\PPSCAN.sys [2002-03-29 91520]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-10-10 13464]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-13 114288]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer; C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe [2012-11-08 174176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-23 1343400]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[rakato11]

# AdwCleaner v3.310 - Report created 19/09/2014 at 11:01:49
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Otakar Vavrečka - PC-OTAKAR
# Running from : C:\Users\Otakar Vavrečka\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Device
Folder Deleted : C:\ProgramData\FileCure
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
Folder Deleted : C:\Program Files\Free Video Converter
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

***** [ Scheduled Tasks ] *****

Task Deleted : paretologic registration3
Task Deleted : paretologic update version3
Task Deleted : RegClean Pro
Task Deleted : Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKCU\Software\smarttweak

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.2 (x86 cs)

[ File : C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\en14cy36.default\prefs.js ]


[ File : C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\g44vyo5s.default\prefs.js ]


[ File : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ File : C:\Users\Monika\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121125&babsrc=SP_ss&mntrId=c8b9cbef000000000000c417fe29afa8
Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&b ... 6&tsp=4920
Deleted [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&b ... 6&tsp=4920
Deleted [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Deleted [Extension] : ehgldbbpchgpcfagfpfjgoomddhccfgh
Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
Deleted [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R1].txt - [2216 octets] - [19/09/2014 10:58:43]
AdwCleaner[S1].txt - [2610 octets] - [19/09/2014 11:01:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2670 octets] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[rakato11]

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 22.9.2014
Scan Time: 8:46:38
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.22.01
Rootkit Database: v2014.09.19.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Otakar VavreÄ?ka

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 698305
Time Elapsed: 2 hr, 39 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.SearchQu, HKU\S-1-5-21-505298747-3480647553-2469496864-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, , [05a41dd3c3b8cb6bba67840d2bd7f907],
PUP.Optional.Bandoo.A, HKU\S-1-5-21-505298747-3480647553-2469496864-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D717F81-9148-4F12-8568-69135F087DB0}, , [acfd9858fb806dc96c77843f7a88da26],
PUP.Optional.uTorrentTB.A, HKU\S-1-5-21-505298747-3480647553-2469496864-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pacgpkgadgmibnhpdidcnfafllnmeomc, , [ebbea24ed8a3c27407f7c3653cc7738d],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Otakar VavreÄ?ka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp, , [1b8ee90789f2c96d886638ca758e9769],

Files: 9
PUP.Optional.OpenCandy, C:\Program Files\ICQ7.5\upgrade\2dcd1d63cb45e6613582211c3d5f4b23, , [7f2a45ab68133df9c18e7faee71efa06],
PUP.Optional.OpenCandy, C:\Program Files\ICQ7.6\install_dll\OCSetupHlp.dll, , [a2075c944338e6508bc4de4fcd389a66],
RiskWare.Tool.CK, D:\Programy-1\Revo_Uninstaller_Pro_2.5.8.rar, , [9e0b16da88f3ec4a32901a0516ecbe42],
RiskWare.Tool.CK, D:\PA?enesenA© z dÄ?tskA©\VymeniteÄ3nA1 disk\ProBook 4710s\Programy-OtA­k\aktivator.rar, , [149548a806757cbab266041ce919619f],
Trojan.Dropper.PGen, D:\PA?enesenA© z dÄ?tskA©\VymeniteÄ3nA1 disk\ProBook 4710s\Programy-OtA­k\Your.Uninstaller_.2008.6.1.1236.rar, , [9c0d3cb4e497aa8c80db69f9c43c4eb2],
RiskWare.Tool.CK, D:\Eagle\programovani_mcu_eagle_5_7_0_patch.zip, , [8722b43c77045dd950928d9316ec41bf],
PUP.WirelessKeyView, D:\A-Wifi\wirelesskeyview.zip, , [7633be3280fb2f07e574c84e09fcd42c],
PUP.Aircrack, D:\A-Wifi\aircrack\aircrack-ng-0.9.3-win.zip, , [decb15db0675e84e0ec92bf59b67c040],
PUP.Optional.Searchqu.A, C:\Users\Otakar VavreÄ?ka\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, , [90194ca45e1d8caa0deeef6113f1fa06],

Physical Sectors: 0
(No malicious items detected)


(end)

[Márty84]

Vsechny nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

[rakato11]

Prosím o radu jak to provést, jakým způsobem je dát do karantény, děkuji.

[Márty84]

Kdyz test dobehne a ukazou se vysledky, mela by tam byt moznost "Vse do karanteny"

[rakato11]

Tak to budu muset ten test provést ještě 2x neboť nyní mám jenom ten výpis. Po skončení se mi nějaká možnost ukázala že mohu přesunout do karantény ale to jsem neudělal jelikož v návodu je napsáno počkat na poradce. Scan mi probíhal dosti dlouho, 2 hr, 39 min, 6 sec.

[Márty84]

Pkud jste program zavrel, musi se udelat novy test, jinak to smazat nepujde

[rakato11]

Už se na tom pracuje. Dal jsem do karantény nalezené objekty a scanuji znovu. Napodruhé mi to nalezlo více objektů, zde jsou ty nalezené objekty které jsem dal do karantény, až dojde scanování, dám další výsledek.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.9.2014
Čas skenování: 14:32:10
Protokol: scan.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.09.22.02
Databáze rootkitů: v2014.09.19.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Otakar VavreÄ?ka

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 698799
Uplynulý čas: 3 hod, 31 min, 22 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 3
PUP.Optional.SearchQu, HKU\S-1-5-21-505298747-3480647553-2469496864-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Do karantény, [1f8b1ed20576b086c4acf69bc53d2fd1],
PUP.Optional.Bandoo.A, HKU\S-1-5-21-505298747-3480647553-2469496864-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D717F81-9148-4F12-8568-69135F087DB0}, Do karantény, [9317ce22700b2511f73b962e55ad38c8],
PUP.Optional.uTorrentTB.A, HKU\S-1-5-21-505298747-3480647553-2469496864-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pacgpkgadgmibnhpdidcnfafllnmeomc, Do karantény, [753529c7235865d1dd70d2573bc8bc44],

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 1
PUP.Optional.DVDVideoSoftTB.A, C:\Users\Otakar VavreÄ?ka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp, Do karantény, [c1e9cd235c1f4beb71cc2fd4b74c06fa],

Soubory: 9
PUP.Optional.OpenCandy, C:\Program Files\ICQ7.5\upgrade\2dcd1d63cb45e6613582211c3d5f4b23, Do karantény, [dad0638dd6a50a2cd2d40e1f8f766898],
PUP.Optional.OpenCandy, C:\Program Files\ICQ7.6\install_dll\OCSetupHlp.dll, Do karantény, [248611df6516ab8b3274b27b996c4eb2],
RiskWare.Tool.CK, D:\Programy-1\Revo_Uninstaller_Pro_2.5.8.rar, Do karantény, [aefcef01c6b5bf77cc371b057d85619f],
RiskWare.Tool.CK, D:\PA?enesenA© z dÄ?tskA©\VymeniteÄ3nA1 disk\ProBook 4710s\Programy-OtA­k\aktivator.rar, Do karantény, [e5c51fd1354683b35ffafc24669ccc34],
Trojan.Dropper.PGen, D:\PA?enesenA© z dÄ?tskA©\VymeniteÄ3nA1 disk\ProBook 4710s\Programy-OtA­k\Your.Uninstaller_.2008.6.1.1236.rar, Do karantény, [eac0559bbbc00a2ceb87372bc13f7d83],
RiskWare.Tool.CK, D:\Eagle\programovani_mcu_eagle_5_7_0_patch.zip, Do karantény, [04a6856b2853aa8c71b2d44dd9298878],
PUP.WirelessKeyView, D:\A-Wifi\wirelesskeyview.zip, Do karantény, [c4e6965a0d6edc5ad4dc59bd8382639d],
PUP.Aircrack, D:\A-Wifi\aircrack\aircrack-ng-0.9.3-win.zip, Do karantény, [268479770972f0463fd946db38ca0cf4],
PUP.Optional.Searchqu.A, C:\Users\Otakar VavreÄ?ka\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, Do karantény, [9812b53b45366dc98dbdd0814cb8cc34],

Fyzické sektory: 0
(No malicious items detected)


(end)

[rakato11]

Zde je sken po odstránění nalezených objektů:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.9.2014
Čas skenování: 18:14:57
Protokol: skan.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.09.22.04
Databáze rootkitů: v2014.09.19.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Otakar VavreÄ?ka

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 698460
Uplynulý čas: 2 hod, 49 min, 31 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)

[Márty84]

MBAM odinstalujte a dejte novy log z RSIT

[rakato11]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Otakar Vavrečka at 2014-09-23 10:58:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 21 GB (13%) free of 158 GB
Total RAM: 3066 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:58:23, on 23.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\SCANJET\PrecisionScanLT\hppwrsav.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\System32\MSTMON_N.EXE
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe
C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Otakar Vavrečka\Desktop\RSIT.exe
C:\Program Files\trend micro\Otakar Vavrečka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [hppwrsav] C:\SCANJET\PrecisionScanLT\hppwrsav.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\Windows\system32\MSTMON_N.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [MP3 Skype Recorder] C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\Windows\TEMP\E_S1D31.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Viber] "C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\bin\listicka.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR-Sound_Organizer - Sony Corporation - C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe

--
End of file - 7350 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe#
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6a811f49157b.job - C:\Program Files\Google\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8b84abba174e.job - C:\Program Files\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cf497f52fda691.job - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA1cf6b48d8ac1e7d.job - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#

=========Mozilla firefox=========

ProfilePath - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/MycameraPlugin]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\components\
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\extensions\
{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hppwrsav"=C:\SCANJET\PrecisionScanLT\hppwrsav.exe [1999-06-07 23552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\Windows\system32\MSTMON_N.EXE [2004-11-25 151552]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5110672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"MP3 Skype Recorder"=C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [2011-11-17 1975296]
"EPSON Stylus SX200 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE [2007-12-13 188928]
"Google Update"=C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-15 136176]
"Viber"=C:\Users\Otakar Vavrečka\AppData\Local\Viber\Viber.exe [2014-09-02 936656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Otakar Vavrečka\AppData\Roaming\uTorrent\uTorrent.exe [2014-04-14 398760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files\Canon\ImageBrowser EX\MFManager.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-19 11:00:10 ----A---- C:\Windows\system32\sqlite3.dll
2014-09-19 10:58:38 ----D---- C:\AdwCleaner
2014-09-18 23:05:24 ----D---- C:\Film-Torrent
2014-09-18 22:40:34 ----D---- C:\Program Files\Mozilla Firefox
2014-09-18 22:30:57 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\uTorrent
2014-09-18 21:45:57 ----D---- C:\AMARA
2014-09-15 17:58:14 ----D---- C:\Program Files\Common Files\Skype
2014-09-15 17:27:15 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\ViberPC
2014-09-15 10:59:08 ----A---- C:\Windows\system32\%InstallDir%speclean.exe
2014-09-13 13:29:10 ----D---- C:\rsit
2014-09-13 13:29:10 ----D---- C:\Program Files\trend micro
2014-09-10 10:33:38 ----A---- C:\Windows\system32\iesetup.dll
2014-09-10 10:33:37 ----A---- C:\Windows\system32\ieui.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\msrating.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\jscript9diag.dll
2014-09-10 10:33:36 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-10 10:33:35 ----A---- C:\Windows\system32\ieapfltr.dll
2014-09-10 10:33:35 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\vbscript.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\iernonce.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-09-10 10:33:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-09-10 10:33:34 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-10 10:33:33 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 10:33:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-10 10:33:33 ----A---- C:\Windows\system32\iedkcs32.dll
2014-09-10 10:33:33 ----A---- C:\Windows\system32\ie4uinit.exe
2014-09-10 10:33:31 ----A---- C:\Windows\system32\iertutil.dll
2014-09-10 10:33:30 ----A---- C:\Windows\system32\wininet.dll
2014-09-10 10:33:30 ----A---- C:\Windows\system32\urlmon.dll
2014-09-10 10:33:30 ----A---- C:\Windows\system32\jscript9.dll
2014-09-10 10:33:28 ----A---- C:\Windows\system32\mshtml.dll
2014-09-10 10:33:28 ----A---- C:\Windows\system32\ieframe.dll
2014-09-10 10:15:45 ----A---- C:\Windows\system32\lsasrv.dll
2014-09-10 10:15:45 ----A---- C:\Windows\system32\kerberos.dll
2014-08-30 15:15:12 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\dvdcss
2014-08-28 10:00:58 ----A---- C:\Windows\system32\aepdu.dll
2014-08-28 10:00:57 ----A---- C:\Windows\system32\aeinv.dll
2014-08-28 10:00:56 ----A---- C:\Windows\system32\shell32.dll
2014-08-28 08:50:07 ----A---- C:\Windows\system32\win32k.sys
2014-08-28 08:50:07 ----A---- C:\Windows\system32\gdi32.dll

======List of files/folders modified in the last 1 month======

2014-09-23 10:58:17 ----D---- C:\Windows\temp
2014-09-23 10:57:42 ----RD---- C:\Program Files
2014-09-23 10:57:41 ----D---- C:\Windows\system32\drivers
2014-09-23 08:48:27 ----D---- C:\Windows\system32\config
2014-09-23 08:36:11 ----A---- C:\Windows\VTWAIN.INI
2014-09-22 18:06:07 ----AD---- C:\Windows\System32
2014-09-22 08:36:45 ----D---- C:\ProgramData\Malwarebytes
2014-09-21 20:26:56 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2014-09-19 13:46:40 ----D---- C:\FT-Filmy
2014-09-19 11:03:12 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-09-19 11:01:49 ----HD---- C:\ProgramData
2014-09-19 10:53:48 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2014-09-18 22:29:02 ----SHD---- C:\System Volume Information
2014-09-17 19:10:48 ----SHD---- C:\Windows\Installer
2014-09-17 19:05:04 ----D---- C:\Windows\system32\catroot2
2014-09-15 17:58:14 ----RD---- C:\Program Files\Skype
2014-09-15 17:58:14 ----D---- C:\Program Files\Common Files
2014-09-15 17:58:04 ----D---- C:\ProgramData\Skype
2014-09-15 17:57:37 ----D---- C:\Windows\Prefetch
2014-09-13 22:27:11 ----D---- C:\Windows\inf
2014-09-13 22:27:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-10 18:51:02 ----D---- C:\Windows\Microsoft.NET
2014-09-10 18:48:12 ----RSD---- C:\Windows\assembly
2014-09-10 18:31:34 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 14:46:54 ----D---- C:\Windows\winsxs
2014-09-10 14:45:30 ----D---- C:\Windows\system32\en-US
2014-09-10 14:45:29 ----D---- C:\Program Files\Internet Explorer
2014-09-10 10:33:56 ----D---- C:\Windows\system32\catroot
2014-09-10 10:32:55 ----D---- C:\Windows\system32\MRT
2014-09-10 10:28:23 ----A---- C:\Windows\system32\MRT.exe
2014-09-01 16:51:19 ----RSD---- C:\Windows\Fonts
2014-09-01 16:51:17 ----D---- C:\ProgramData\Seagull
2014-09-01 16:47:00 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\YouTube Downloader
2014-09-01 16:32:10 ----D---- C:\Program Files\YTD
2014-09-01 16:16:44 ----D---- C:\Users\Otakar Vavrečka\AppData\Roaming\DMCache
2014-08-30 15:45:44 ----D---- C:\Windows\system32\NDF
2014-08-30 12:48:00 ----D---- C:\Windows\rescache
2014-08-28 10:03:20 ----SD---- C:\Windows\system32\CompatTel
2014-08-25 06:53:44 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2013-06-03 46096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 174400]
R3 5U876UVC;HP Webcam [2 MP series]; C:\Windows\system32\DRIVERS\5U876.sys [2009-11-13 114688]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-09-26 4268608]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 MLPTDR_N;MLPTDR_N; \??\C:\Windows\system32\MLPTDR_N.SYS [2003-07-19 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 PPSCAN;PPSCAN; C:\Windows\system32\drivers\PPSCAN.sys [2002-03-29 91520]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2005-08-17 58352]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2005-08-17 8272]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2005-08-17 93872]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2013-10-10 13464]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-09-12 1337752]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-18 114288]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 PACSPTISVR-Sound_Organizer;PACSPTISVR-Sound_Organizer; C:\Program Files\Sony\Sound Organizer\Sony.Earth\PACSPTISVR.exe [2012-11-08 174176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-23 1343400]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2012-07-13 769432]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Jeste jeden sken a budem mazat.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).