Program blokovan zasadami skupiny co stím ?

[Kristina]

Jojo protože jsem si nezkopirovala ten log vadí to nějak ? snad ne:)

[Kristina]

Logfile of random's system information tool 1.09 (written by random/random)
Run by asus at 2014-03-30 13:09:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 27 GB (26%) free of 102 GB
Total RAM: 2038 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:23, on 23.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\wininit.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\windows\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\asus\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\asus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MIF5BA~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [oxrwzv] regsvr32.exe "C:\ProgramData\oxrwzv.dat"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\asus\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

--
End of file - 8188 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-18 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-03-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-03-21 171944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeStorageBackup]
C:\Program Files\ASUS\Asus WebStorage\BackupService.exe [2009-07-31 947472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeyMon]
AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\windows\system32\hkcmd.exe [2009-10-15 354840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]
AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxExt]
C:\windows\system32\IgfxExt.exe [2009-10-15 174616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\windows\system32\igfxtray.exe [2009-10-15 137752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynAsusAcpi]
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe [2012-09-27 1957040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotKeyMon.lnk]
C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [2009-09-11 100328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-03-30 09:29:00 ----DC---- C:\_OTL
2014-03-28 14:59:19 ----D---- C:\Users\asus\AppData\Roaming\vlc
2014-03-27 19:56:28 ----AC---- C:\ComboFix.txt
2014-03-27 19:49:15 ----DC---- C:\$RECYCLE.BIN
2014-03-27 17:24:32 ----D---- C:\windows\temp
2014-03-27 07:09:21 ----DC---- C:\Config.Msi
2014-03-26 20:55:50 ----A---- C:\windows\ntbtlog.txt
2014-03-26 15:13:46 ----A---- C:\windows\SWREG.exe
2014-03-26 15:13:46 ----A---- C:\windows\PEV.exe
2014-03-26 15:13:46 ----A---- C:\windows\NIRCMD.exe
2014-03-26 15:13:46 ----A---- C:\windows\MBR.exe
2014-03-26 15:13:45 ----A---- C:\windows\zip.exe
2014-03-26 15:13:45 ----A---- C:\windows\SWSC.exe
2014-03-26 15:13:45 ----A---- C:\windows\sed.exe
2014-03-26 15:13:45 ----A---- C:\windows\grep.exe
2014-03-26 15:11:33 ----DC---- C:\Qoobox
2014-03-26 15:10:31 ----D---- C:\windows\erdnt
2014-03-25 21:07:15 ----A---- C:\windows\system32\drivers\wStLibG.sys
2014-03-25 19:40:00 ----D---- C:\Program Files\Seznam.cz
2014-03-25 19:36:28 ----D---- C:\Program Files\PCData
2014-03-25 18:38:37 ----D---- C:\Users\asus\AppData\Roaming\Origin
2014-03-25 18:38:24 ----D---- C:\ProgramData\Origin
2014-03-25 18:38:23 ----D---- C:\Program Files\Origin Games
2014-03-25 18:33:52 ----D---- C:\Program Files\Origin
2014-03-25 18:03:11 ----D---- C:\ProgramData\Electronic Arts
2014-03-25 17:34:11 ----D---- C:\Program Files\Electronic Arts
2014-03-24 21:52:18 ----A---- C:\windows\system32\vp6vfw.dll
2014-03-24 21:52:04 ----D---- C:\Program Files\Microsoft WSE
2014-03-24 20:51:31 ----DC---- C:\AdwCleaner
2014-03-24 19:52:56 ----D---- C:\Users\asus\AppData\Roaming\Seznam.cz
2014-03-24 17:33:49 ----A---- C:\windows\system32\drivers\dtsoftbus01.sys
2014-03-24 17:33:03 ----D---- C:\Program Files\DAEMON Tools Lite
2014-03-24 17:12:51 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-24 17:11:06 ----D---- C:\Users\asus\AppData\Roaming\DAEMON Tools Lite
2014-03-24 17:09:49 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-03-23 22:06:20 ----D---- C:\Users\asus\AppData\Roaming\Malwarebytes
2014-03-23 22:04:17 ----D---- C:\ProgramData\Malwarebytes
2014-03-23 22:03:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-03-23 18:52:02 ----D---- C:\Program Files\trend micro
2014-03-23 18:52:01 ----DC---- C:\rsit
2014-03-22 11:57:15 ----D---- C:\Users\asus\AppData\Roaming\uTorrent
2014-03-21 20:36:11 ----D---- C:\ProgramData\Oracle
2014-03-21 20:35:34 ----D---- C:\Program Files\Common Files\Java
2014-03-21 20:35:01 ----A---- C:\windows\system32\javaws.exe
2014-03-21 20:33:33 ----A---- C:\windows\system32\WindowsAccessBridge.dll
2014-03-21 20:33:32 ----A---- C:\windows\system32\javaw.exe
2014-03-21 20:33:32 ----A---- C:\windows\system32\java.exe
2014-03-21 20:19:03 ----D---- C:\Users\asus\AppData\Roaming\DropboxMaster
2014-03-21 20:12:45 ----D---- C:\Users\asus\AppData\Roaming\Dropbox
2014-03-15 09:07:32 ----A---- C:\windows\system32\qedit.dll
2014-03-15 09:07:23 ----A---- C:\windows\system32\jsproxy.dll
2014-03-15 09:07:23 ----A---- C:\windows\system32\iernonce.dll
2014-03-15 09:07:23 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-03-15 09:07:23 ----A---- C:\windows\system32\ieetwcollector.exe
2014-03-15 09:07:21 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-03-15 09:07:21 ----A---- C:\windows\system32\jscript9diag.dll
2014-03-15 09:07:21 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-03-15 09:07:20 ----A---- C:\windows\system32\ieapfltr.dll
2014-03-15 09:07:19 ----A---- C:\windows\system32\wininet.dll
2014-03-15 09:07:15 ----A---- C:\windows\system32\ieui.dll
2014-03-15 09:07:12 ----A---- C:\windows\system32\ieUnatt.exe
2014-03-15 09:07:11 ----A---- C:\windows\system32\iertutil.dll
2014-03-15 09:07:08 ----A---- C:\windows\system32\jscript9.dll
2014-03-15 09:07:05 ----A---- C:\windows\system32\mshtml.dll
2014-03-15 09:07:01 ----A---- C:\windows\system32\urlmon.dll
2014-03-15 09:06:59 ----A---- C:\windows\system32\msfeeds.dll
2014-03-15 09:06:55 ----A---- C:\windows\system32\msrating.dll
2014-03-15 09:06:54 ----A---- C:\windows\system32\iesetup.dll
2014-03-15 09:06:54 ----A---- C:\windows\system32\ie4uinit.exe
2014-03-15 09:06:52 ----A---- C:\windows\system32\ieframe.dll
2014-03-15 09:04:47 ----A---- C:\windows\system32\wwansvc.dll
2014-03-15 09:04:38 ----A---- C:\windows\system32\win32k.sys
2014-03-15 09:04:26 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-03-15 09:04:21 ----A---- C:\windows\system32\wer.dll
2014-03-06 12:59:23 ----D---- C:\windows\Migration
2014-03-06 10:06:33 ----A---- C:\windows\system32\vbscript.dll

======List of files/folders modified in the last 1 month======

2014-03-30 10:24:03 ----D---- C:\windows\system32\config
2014-03-30 10:10:15 ----D---- C:\windows\Prefetch
2014-03-30 10:04:11 ----SHD---- C:\System Volume Information
2014-03-30 09:56:58 ----D---- C:\windows\System32
2014-03-30 09:56:58 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-03-30 09:56:57 ----D---- C:\windows\inf
2014-03-30 09:30:17 ----SHD---- C:\windows\Installer
2014-03-30 09:30:14 ----RD---- C:\Program Files
2014-03-30 09:30:14 ----D---- C:\ProgramData
2014-03-30 09:30:13 ----D---- C:\windows\Tasks
2014-03-28 15:05:27 ----D---- C:\Program Files\VideoLAN
2014-03-27 19:56:34 ----D---- C:\windows\system32\drivers
2014-03-27 19:49:27 ----D---- C:\Windows
2014-03-27 19:49:27 ----C---- C:\windows\system.ini
2014-03-27 19:49:11 ----D---- C:\windows\system32\drivers\etc
2014-03-27 17:14:49 ----D---- C:\windows\AppPatch
2014-03-27 17:14:42 ----D---- C:\Program Files\Common Files
2014-03-27 07:09:48 ----A---- C:\windows\win.ini
2014-03-26 18:43:44 ----D---- C:\windows\system32\Tasks
2014-03-26 17:51:04 ----HD---- C:\Program Files\InstallShield Installation Information
2014-03-25 17:45:27 ----D---- C:\windows\winsxs
2014-03-25 17:34:06 ----D---- C:\windows\system32\catroot2
2014-03-24 23:25:19 ----D---- C:\Program Files\Common Files\microsoft shared
2014-03-24 21:52:13 ----RSD---- C:\windows\assembly
2014-03-24 21:52:05 ----SD---- C:\Users\asus\AppData\Roaming\Microsoft
2014-03-24 21:01:19 ----D---- C:\windows\system32\catroot
2014-03-24 20:59:28 ----D---- C:\ProgramData\ICQ
2014-03-24 20:46:19 ----D---- C:\windows\Sun
2014-03-24 17:40:17 ----D---- C:\windows\system32\DriverStore
2014-03-23 18:39:18 ----D---- C:\windows\debug
2014-03-21 20:31:27 ----D---- C:\Program Files\Java
2014-03-21 20:24:14 ----D---- C:\Program Files\Adobe
2014-03-21 20:24:02 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-03-21 14:25:25 ----D---- C:\Program Files\Internet Explorer
2014-03-21 14:25:17 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-20 23:18:13 ----D---- C:\ProgramData\Microsoft Help
2014-03-20 23:11:05 ----D---- C:\windows\system32\MRT
2014-03-20 23:06:55 ----A---- C:\windows\system32\MRT.exe
2014-03-20 22:30:14 ----D---- C:\Program Files\Google
2014-03-15 09:11:06 ----A---- C:\windows\system32\FlashPlayerApp.exe
2014-03-08 16:50:13 ----D---- C:\windows\Microsoft.NET
2014-03-06 20:07:37 ----D---- C:\windows\rescache
2014-03-06 13:00:08 ----D---- C:\windows\system32\en-US
2014-03-06 12:59:23 ----SD---- C:\ProgramData\Microsoft
2014-03-06 10:02:10 ----D---- C:\windows\system32\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-24 243128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 51200]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 igd;igd; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-10-10 635552]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 catchme;catchme; \??\C:\Users\asus\AppData\Local\Temp\catchme.sys []
S3 FlashUSB;FlashUSB; C:\windows\system32\DRIVERS\FlashUSB.sys [2010-05-12 16896]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-10-10 635552]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbbus;LGE Mobile Composite USB Device; C:\windows\system32\DRIVERS\lgusbbus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\windows\system32\DRIVERS\lgusbdiag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\windows\system32\DRIVERS\lgusbmodem.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-15 257928]
S4 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 582944]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[Márty84]

Jojo protože jsem si nezkopirovala ten log vadí to nějak ? snad ne:)

Nevadi, jen se tim vysvetlilo to, proc v logu nic nebylo smazane, respektive ze uz ty veci program nenasel, takze smazt nemohl.


Drzi se to u vas jako kliste


Postupujte podle navodu kolegy

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbar
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[Kristina]

udelala jsem co jsem mela pocitac se mi , ale nerestartoval a nejspis mi to nenalezlo ani zadnou chybu a Create Restore point jsem tam nikde nevidela je to mozne?

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.30.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16521
asus :: KRISTINA_ASUS [administrator]

30.3.2014 17:07:06
mbar-log-2014-03-30 (17-07-06).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 241773
Time elapsed: 1 hour(s), 6 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

[Márty84]

Jelikoz nic nemazal, nepotreboval restart, ani vytvaret bod obnovy. Proto jste to nevidela

Provedla jste tento krok? V logu ty radky porad vidim

Vypnete antivir, at nebrani programu v praci.
Najdete tento soubor C:\Program Files\trend micro\asus.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku (pokud je tam najdete) dejte vlevo zatrzitko
Kód:
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [oxrwzv] regsvr32.exe "C:\ProgramData\oxrwzv.dat"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\asus\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

Kliknete na nápis Fix checked a potvrdte

Udelejte sken s AVPTool http://forum.viry.cz/viewtopic.php?f=29&t=58179

[Kristina]

Ano ten krok jsem udelala ale nenasla jsem to tam takze jsem to nemohla zaskrtnout..Ted delam ten sken

[Márty84]

OK

[Kristina]

Ty jo tak po dvouch dnech se mi to konecne udelalo klikla jsem na to co jsem mela a neukazalo se mi tam to save jak se mi mělo ukazat kvůli tomu logu ..

[Márty84]

A nasel neco?

[Kristina]

myslim ze ne

[Márty84]

Hlaska se porad objevuje?


Stahnete SystemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte ho na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do okna zkopirujte tento skript

Kód: Vybrat vše

:filefind
*oxrwzv*

:regfind
oxrwzv

:folderfind
*oxrwzv*

kliknete na Look a chvili pockejte
Mel by na vas vyskocit log s nazvem Systemlook
Ten mi sem zkopirujte

[Kristina]

SystemLook 30.07.11 by jpshortstuff
Log created at 09:29 on 05/04/2014 by asus
Administrator - Elevation successful

========== filefind ==========

Searching for "*oxrwzv*"
C:\Qoobox\Quarantine\Registry_backups\MSConfigStartUp-oxrwzv.reg.dat --a--c- 866 bytes [19:57 26/03/2014] [19:57 26/03/2014] 6D0A9863AAC85A050B8BC92EF63D26EF

========== regfind ==========

Searching for "oxrwzv"
No data found.

========== folderfind ==========

Searching for "*oxrwzv*"
No folders found.

-= EOF =-

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[Kristina]

No pořád se mi tam ukazuje to s čím mám problém . Nevim já bych to takhle asi nechala děkuju za trpělivost Akorát nemůžu nikde najít ten Microsoft Security Essential kdyz spustim cleaner tak v tech programech na odinstalovani je , ale nevim kde je ulozenej nikde ho nevidim chci zkusit jestli jde ubec zapnout a kdyz se bude objevovat hlaska tak bych si nejspis mela instalovat jiny antivir ne?

[Kristina]

a ještě bych byla ráda kdyby jste mi pomohl jak mam zapnout webkameru jeste jsem na to neprisla od ty doby co mam tenhle pocitac
A nějak zrychlit třeba celkově pc? jde mi spíš o to když koukám na filmy online nebo na youtube pisnicky tak , že se ten obraz seká ale zvuk jde normálně