PLS o kontrolu logu děkuji

[bmwacs]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Matt at 2014-10-17 22:00:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 159 GB (66%) free of 240 GB
Total RAM: 2048 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:45, on 17.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Matt\Desktop\RSIT.exe
C:\Program Files\trend micro\Matt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1636753572-3598009634-4216576655-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1636753572-3598009634-4216576655-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

--
End of file - 5717 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\k7z9rebo.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-16 457712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-16 4085896]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-09-26 4811032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-17 22:00:24 ----D---- C:\Program Files\trend micro
2014-10-17 22:00:23 ----D---- C:\rsit
2014-10-17 21:11:11 ----A---- C:\Windows\system32\generaltel.dll
2014-10-17 21:11:11 ----A---- C:\Windows\system32\aepdu.dll
2014-10-17 21:11:09 ----A---- C:\Windows\system32\aeinv.dll
2014-10-17 21:09:30 ----A---- C:\Windows\system32\win32k.sys
2014-10-17 21:09:18 ----A---- C:\Windows\system32\rastls.dll
2014-10-17 21:09:17 ----A---- C:\Windows\system32\qdvd.dll
2014-10-17 21:09:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-17 21:09:16 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-17 21:09:15 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 21:09:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 21:09:14 ----A---- C:\Windows\system32\vbscript.dll
2014-10-17 21:09:14 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-17 21:09:14 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-17 21:09:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 21:09:14 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-17 21:09:13 ----A---- C:\Windows\system32\wininet.dll
2014-10-17 21:09:12 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-17 21:09:11 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-17 21:09:11 ----A---- C:\Windows\system32\ieui.dll
2014-10-17 21:09:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-17 21:09:09 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-17 21:09:09 ----A---- C:\Windows\system32\iertutil.dll
2014-10-17 21:09:07 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-17 21:09:06 ----A---- C:\Windows\system32\jscript9.dll
2014-10-17 21:09:05 ----A---- C:\Windows\system32\mshtml.dll
2014-10-17 21:09:03 ----A---- C:\Windows\system32\urlmon.dll
2014-10-17 21:09:03 ----A---- C:\Windows\system32\iernonce.dll
2014-10-17 21:09:03 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-17 21:09:02 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-17 21:09:02 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-17 21:09:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-17 21:09:00 ----A---- C:\Windows\system32\msrating.dll
2014-10-17 21:08:59 ----A---- C:\Windows\system32\iesetup.dll
2014-10-17 21:08:59 ----A---- C:\Windows\system32\ieframe.dll
2014-10-17 21:07:37 ----A---- C:\Windows\system32\mscories.dll
2014-10-17 21:07:37 ----A---- C:\Windows\system32\mscorier.dll
2014-10-17 21:07:37 ----A---- C:\Windows\system32\dfshim.dll
2014-10-17 20:45:09 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-17 20:45:09 ----A---- C:\Windows\system32\drivers\athur.sys
2014-10-17 20:45:09 ----A---- C:\Windows\system32\athur.sys
2014-10-17 20:44:30 ----D---- C:\ProgramData\TP-LINK
2014-10-16 19:20:59 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-16 19:20:59 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-16 19:20:59 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-16 19:20:59 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-16 19:20:59 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-16 19:20:51 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 19:20:50 ----A---- C:\Windows\system32\mstsc.exe
2014-10-16 19:20:49 ----A---- C:\Windows\system32\winsta.dll
2014-10-16 19:20:49 ----A---- C:\Windows\system32\termsrv.dll
2014-10-16 19:20:48 ----A---- C:\Windows\system32\winlogon.exe
2014-10-16 19:20:48 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-16 19:20:48 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-16 19:20:48 ----A---- C:\Windows\system32\aaclient.dll
2014-10-16 19:20:47 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-16 19:20:47 ----A---- C:\Windows\system32\credssp.dll
2014-10-16 19:20:46 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 19:20:18 ----A---- C:\Windows\system32\msi.dll
2014-10-16 19:18:22 ----A---- C:\Windows\system32\packager.dll
2014-09-24 19:25:14 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 1 month======

2014-10-17 22:00:28 ----D---- C:\Windows\Temp
2014-10-17 22:00:24 ----D---- C:\Program Files
2014-10-17 21:57:03 ----D---- C:\Windows\inf
2014-10-17 21:57:02 ----D---- C:\Windows\debug
2014-10-17 21:57:02 ----D---- C:\Windows
2014-10-17 21:57:00 ----D---- C:\Windows\System32
2014-10-17 21:57:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-17 21:55:45 ----D---- C:\Program Files\CCleaner
2014-10-17 21:55:03 ----D---- C:\Windows\Microsoft.NET
2014-10-17 21:55:02 ----RSD---- C:\Windows\assembly
2014-10-17 21:51:55 ----D---- C:\Windows\winsxs
2014-10-17 21:51:36 ----D---- C:\Windows\system32\config
2014-10-17 21:50:30 ----SD---- C:\Windows\system32\CompatTel
2014-10-17 21:50:26 ----D---- C:\Windows\system32\en-US
2014-10-17 21:50:26 ----D---- C:\Program Files\Internet Explorer
2014-10-17 21:30:16 ----SHD---- C:\System Volume Information
2014-10-17 21:14:23 ----D---- C:\Program Files\PokerStars
2014-10-17 21:05:42 ----D---- C:\Windows\system32\drivers
2014-10-17 21:05:39 ----D---- C:\Windows\system32\DriverStore
2014-10-17 21:05:39 ----D---- C:\Windows\system32\catroot
2014-10-17 20:45:36 ----D---- C:\Windows\system32\Tasks
2014-10-17 20:44:30 ----HD---- C:\ProgramData
2014-10-17 20:27:40 ----RSD---- C:\Windows\Fonts
2014-10-17 20:27:39 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 22:46:04 ----SHD---- C:\Windows\Installer
2014-10-16 22:46:02 ----D---- C:\ProgramData\Microsoft Help
2014-10-16 22:37:48 ----D---- C:\Windows\system32\MRT
2014-10-16 22:37:44 ----A---- C:\Windows\system32\MRT.exe
2014-10-16 19:19:51 ----D---- C:\Windows\system32\catroot2
2014-10-16 19:12:50 ----D---- C:\Program Files\Battle.net
2014-10-12 23:00:00 ----D---- C:\Windows\rescache
2014-09-28 13:49:32 ----D---- C:\Users\Matt\AppData\Roaming\Ahead
2014-09-25 22:35:59 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-16 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-16 192352]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-16 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-16 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-16 414520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-16 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-16 67824]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-16 71944]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2013-06-28 1445888]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 netr28u;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2009-07-14 657408]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-16 50344]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-31 634656]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-19 1259296]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-16 116648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-16 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-09-12 114288]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Zdravim

Je s pc nejaky problem, nebo jde ciste jen o prevenci?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[bmwacs]

Zdá se v pořádku ale nevím proto zde nechávám kontrolovat odborníky

[Márty84]

Ptam se proto, ze zadny log neukaze vse. Takze kdyz je nejaky problem, nechavam to proskenovat vice skenerama. Kdezto kdyz je pc bez potizi, staci jen bezna cistka od zbytecnosti

[bmwacs]

Pokud mohu poprosit udělal bych maximální kontrolu děkuji.

[Márty84]

OK.

Tak nejprve ten ADWCleaner.

[bmwacs]

# AdwCleaner v4.000 - Report created 18/10/2014 at 13:29:47
# DB v2014-10-17.9
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Matt - MATT-PC
# Running from : C:\Users\Matt\Desktop\adwcleaner_4.000.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.1 (x86 cs)


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [849 octets] - [18/10/2014 13:24:32]
AdwCleaner[S0].txt - [698 octets] - [18/10/2014 13:29:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [757 octets] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[bmwacs]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21.10.2014
Čas skenování: 19:43:53
Protokol: mb.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.10.21.08
Databáze rootkitů: v2014.10.20.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Matt

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 554327
Uplynulý čas: 2 hod, 20 min, 55 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 7
Trojan.Agent.W, C:\Windows\Setup\SCRIPTS\Windows7Loader.exe, , [55076bac0e6e47ef105feef3cf3551af],
PUP.Optional.Softonic.A, F:\Documents and Settings\Matt\Local Settings\temp\KMP_3.8.0.121.exe, , [0f4d37e02755c2746e13ae87aa57b44c],
PUP.Optional.Softonic.A, F:\Documents and Settings\Matt\Local Settings\temp\KMP_3.8.0.122.exe, , [441836e1d9a386b07110142117ea45bb],
PUP.Optional.Softonic.A, F:\Documents and Settings\Matt\Local Settings\temp\KMP_3.9.0.124.exe, , [dc80d245621aaa8cd9a8d95ca75a3fc1],
PUP.Optional.Softonic.A, F:\Documents and Settings\Matt\Local Settings\temp\KMP_3.9.0.125.exe, , [aeae7a9d67151d19e39e95a06f92aa56],
PUP.Optional.Softonic.A, F:\Documents and Settings\Matt\Local Settings\temp\KMP_3.9.0.126.exe, , [055725f2e29a37ffe79a8da80ef3669a],
PUP.Optional.Softonic, F:\Documents and Settings\Matt\Local Settings\temp\KMP_3.9.0.127.exe, , [6bf146d1205cf5418630f5c7b54c19e7],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[Márty84]

Takova kontrolni otazka. Jak je to s legalitou systemu?

[bmwacs]

Pročpak měl bych mít originál-

[bmwacs]

Pro jistotu jsem ověřil pravost.

[Márty84]

No mate tam aktivne vyuzivany crack na windows, ktery prave obelhava ten test pravosti

[bmwacs]

DVD s originálním WIN 7 jsem hodně poškrábal ale obdržel jsem prý čistý instalační disk. při zadávání jsem zadal originální kód mých Windows 7 a co s tím mám tedy dělat?

[Márty84]

Jestli jste posledni, kdo preinstalovaval system a je to jak pisete, tak nechapu, proc je tam aktivovany ten crack Nevim, kdo ma k tomu pc jeste pristup a kdo tam co delal, ale v logu proste je.

Nevim co to udela, kdyz se smaze silou. 100% se toho da zbavit preinstalaci systemu a aktivaci bez pouziti cracku.