Pomalý notebook po facebook viru

Zpráva

trinnn · #1 Příspěvek od **trinnn** » 21 úno 2015 16:22

prosím o pomoc: Počítač byl údajně infikován virem z facebooku, kdy byly z účtu neoprávněně odesílány zprávy lidem z kontaktů.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Kristyna at 2015-02-21 15:21:04
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 238 GB (61%) free of 393 GB
Total RAM: 3959 MB (66% free)

HijackThis download failed

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-21 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-01-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-01-18 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"YouCam Mirror Tray icon"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-06-30 171104]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-12-11 311152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-21 5227112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"=C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe [2011-12-21 286720]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-12-11 845168]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-12-11 1564528]
"MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2014-10-03 1792376]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2015-01-18 39408]
"Seznam.chromeUpdatePref"=C:\Users\Kristyna\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\Lenovo\Bluetooth Software\BTTray.exe

C:\Users\Kristyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~2\Lenovo\Power2Go\CLMP3Enc.ACM
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-21 15:21:04 ----D---- C:\rsit
2015-02-21 15:21:04 ----D---- C:\Program Files (x86)\trend micro
2015-02-21 03:06:42 ----SHD---- C:\Config.Msi
2015-02-21 03:06:05 ----D---- C:\Users\Kristyna\AppData\Roaming\Dropbox
2015-02-21 02:55:13 ----D---- C:\Users\Kristyna\AppData\Roaming\AVAST Software
2015-02-21 02:53:18 ----A---- C:\windows\avastSS.scr
2015-02-21 02:47:51 ----D---- C:\Users\Kristyna\AppData\Roaming\Spyware Terminator
2015-02-21 02:47:51 ----D---- C:\ProgramData\Spyware Terminator
2015-02-21 02:47:47 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-02-11 21:21:14 ----A---- C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 21:21:09 ----A---- C:\windows\SysWOW64\sspicli.dll
2015-02-11 21:21:09 ----A---- C:\windows\SysWOW64\secur32.dll
2015-02-11 21:21:09 ----A---- C:\windows\SysWOW64\msobjs.dll
2015-02-11 21:21:09 ----A---- C:\windows\SysWOW64\msaudite.dll
2015-02-11 21:21:09 ----A---- C:\windows\SysWOW64\auditpol.exe
2015-02-11 21:21:09 ----A---- C:\windows\SysWOW64\adtschema.dll
2015-02-11 21:20:54 ----A---- C:\windows\SysWOW64\crypt32.dll
2015-02-11 21:20:53 ----A---- C:\windows\SysWOW64\wintrust.dll
2015-02-11 21:20:36 ----A---- C:\windows\SysWOW64\oleaut32.dll
2015-02-11 21:20:27 ----A---- C:\windows\SysWOW64\mstscax.dll
2015-02-11 21:20:26 ----A---- C:\windows\SysWOW64\aaclient.dll
2015-02-11 21:19:44 ----A---- C:\windows\SysWOW64\scesrv.dll
2015-02-11 21:19:13 ----A---- C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-11 21:19:12 ----A---- C:\windows\SysWOW64\ntoskrnl.exe
2015-02-11 21:19:11 ----A---- C:\windows\SysWOW64\srclient.dll
2015-02-11 20:53:08 ----A---- C:\autoexec.bat
2015-02-10 15:29:00 ----D---- C:\Users\Kristyna\AppData\Roaming\LavasoftStatistics
2015-02-10 15:28:53 ----D---- C:\searchplugins
2015-02-10 15:28:53 ----A---- C:\prefs.js
2015-02-10 15:28:19 ----A---- C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-02-10 15:28:19 ----A---- C:\windows\SysWOW64\LavasoftTcpService.ini
2015-02-10 15:28:11 ----A---- C:\windows\SysWOW64\LavasoftTcpService.dll
2015-01-30 08:52:57 ----N---- C:\bootsqm.dat
2015-01-30 08:51:50 ----SHD---- C:\found.003
2015-01-27 20:40:34 ----SD---- C:\windows\SysWOW64\Microsoft
2015-01-26 01:52:12 ----D---- C:\Program Files (x86)\Common Files\Intel Corporation
2015-01-24 19:50:58 ----D---- C:\ProgramData\AVG Web TuneUp
2015-01-23 06:29:57 ----D---- C:\Users\Kristyna\AppData\Roaming\TuneUp Software

======List of files/folders modified in the last 1 month======

2015-02-21 15:21:04 ----RD---- C:\Program Files (x86)
2015-02-21 15:09:09 ----D---- C:\windows\Temp
2015-02-21 15:02:57 ----D---- C:\windows\Microsoft.NET
2015-02-21 14:23:03 ----A---- C:\windows\SysWOW64\log.txt
2015-02-21 13:30:10 ----RSD---- C:\windows\assembly
2015-02-21 03:23:11 ----SHD---- C:\windows\Installer
2015-02-21 03:16:23 ----D---- C:\Users\Kristyna\AppData\Roaming\Seznam.cz
2015-02-21 03:13:16 ----D---- C:\windows\SysWOW64
2015-02-21 03:13:16 ----A---- C:\windows\SysWOW64\PerfStringBackup.INI
2015-02-21 03:12:58 ----D---- C:\windows\inf
2015-02-21 03:12:52 ----D---- C:\windows\System32
2015-02-21 03:01:33 ----SHD---- C:\System Volume Information
2015-02-21 02:53:28 ----D---- C:\Windows
2015-02-21 02:51:12 ----D---- C:\Program Files
2015-02-21 02:47:51 ----HD---- C:\ProgramData
2015-02-21 02:40:27 ----D---- C:\Program Files (x86)\AVG
2015-02-21 02:18:38 ----D---- C:\windows\winsxs
2015-02-21 02:13:33 ----D---- C:\windows\SysWOW64\cs-CZ
2015-02-21 01:50:47 ----D---- C:\windows\Tasks
2015-02-21 01:50:46 ----D---- C:\Program Files (x86)\Common Files
2015-02-21 01:06:35 ----D---- C:\ProgramData\Microsoft Help
2015-02-21 01:00:53 ----A---- C:\windows\win.ini
2015-02-09 09:04:26 ----D---- C:\windows\Prefetch
2015-02-07 08:08:54 ----A---- C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-27 20:37:12 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-01-27 20:28:56 ----D---- C:\windows\Minidump
2015-01-27 20:21:26 ----D---- C:\Program Files (x86)\Opera
2015-01-27 20:21:09 ----D---- C:\Users\Kristyna\AppData\Roaming\Opera Software

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\SysWOW64\drivers\aswRvrt.sys []
R0 aswVmm;avast! VM Monitor; C:\windows\SysWOW64\drivers\aswVmm.sys []
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys []
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys []
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\windows\system32\DRIVERS\stflt.sys []
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys []
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys []
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys []
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys []
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys []
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys []
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys []
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys []
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
R3 usbsmi;Lenovo EasyCamera Service Display Name V1; C:\windows\system32\DRIVERS\SMIksdrv.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys []
S2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\SysWOW64\FsUsbExDisk.SYS [2013-10-30 37344]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys []
S3 HipShieldK;McAfee Inc. HipShieldK; C:\windows\system32\drivers\HipShieldK.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\windows\System32\Drivers\IT9135BDA.sys []
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys []
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys []
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys []
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys []
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys []
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys []
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-21 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-08-11 864032]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe []
R2 ssinstall;SInstalátor; C:\windows\SysWOW64\ssins.exe [2013-10-04 2324216]
R2 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-02-05 3037520]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-01-18 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe /V []
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 21 úno 2015 16:34

Zdravim

Udajne? Kdo to rikal?

Je tam 64bit system, tak dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe

trinnn · #3 Příspěvek od **trinnn** » 21 úno 2015 16:59

diky za reakci, sestra mi dala notebook, abych ji ho odviroval, ze ji z facebooku odesilaj zpravy jejim pratelum, potom co klikla na nejaky odkaz, nebyl tam ani antivir, tak jsem myslel ze bude stacit spyware terminator a avast, ale ani jeden nic nenasel

tady je ten spravny log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kristyna at 2015-02-21 16:52:15
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 238 GB (61%) free of 393 GB
Total RAM: 3959 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:52:59, on 21.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\windows\SysWOW64\NOTEPAD.EXE
C:\windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kristyna.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe"
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Kristyna\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\windows\SysWOW64\ssins.exe
O23 - Service: Spyware Terminator 2015 Realtime Shield Service (ST2012_Svc) - Crawler Group - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11837 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
winlogon.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 25638592
\??\C:\windows\system32\conhost.exe "-68336825520758745941622027605-1442876543-1034437679-15423560401240124250-140901064
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
C:\windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Samsung\Kies\Kies.exe" /preload
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fea15d29-9428-4e4a-bd5e-d1b84e8ec8dd -SystemEventPortName:HostProcess-0e9362a2-e47d-4a8a-8dee-b86f6c162545 -IoCancelEventPortName:HostProcess-7c3e814a-98d1-4aa2-9de3-b20f02432432 -NonStateChangingEventPortName:HostProcess-ae18d64e-a798-42bb-bfe1-a9723314b145 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:647abb46-70c1-4c5d-9a45-38220eede7c3 -DeviceGroupId:WpdFsGroup
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledWithHighProbabilityThreshold/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2592.2.819257073\844953659" /prefetch:673131151
"taskhost.exe"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524

"C:\Users\Kristyna\Downloads\RSITx64.exe"
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledWithHighProbabilityThreshold/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="2592.28.1355570466\1940870475" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group3 pct:10c stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledWithHighProbabilityThreshold/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --disable-webrtc-hw-encoding --disable-gpu-compositing --channel="2592.29.334867466\1557286913" /prefetch:673131151

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-21 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-01-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-21 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-21 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-01-18 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-21 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-01-18 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-01-18 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2010-05-07 16416360]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-22 521272]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-24 2598280]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2009-12-19 776608]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2009-12-17 4367808]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2009-12-17 6988736]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"PrnStatusMX"=C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [2012-07-04 1240064]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-02-05 3860304]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-02-05 5456720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"=C:\Program Files (x86)\BlazeVideo\BlazeHDTV 6.0\MediaDetector.exe [2011-12-21 286720]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-12-11 845168]
"KiesPreload"=C:\Program Files (x86)\Samsung\Kies\Kies.exe [2013-12-11 1564528]
"MyDriveConnect.exe"=C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [2014-10-03 1792376]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2015-01-18 39408]
"Seznam.chromeUpdatePref"=C:\Users\Kristyna\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe remove []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion]
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-03 284696]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"YouCam Mirror Tray icon"=C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-06-30 171104]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2013-12-11 311152]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-21 5227112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

C:\Users\Kristyna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-21 16:52:15 ----D---- C:\Program Files\trend micro
2015-02-21 15:21:04 ----D---- C:\rsit
2015-02-21 15:21:04 ----D---- C:\Program Files (x86)\trend micro
2015-02-21 03:06:42 ----SHD---- C:\Config.Msi
2015-02-21 03:06:05 ----D---- C:\Users\Kristyna\AppData\Roaming\Dropbox
2015-02-21 02:55:13 ----D---- C:\Users\Kristyna\AppData\Roaming\AVAST Software
2015-02-21 02:53:47 ----A---- C:\windows\system32\drivers\aswVmm.sys
2015-02-21 02:53:47 ----A---- C:\windows\system32\drivers\aswStm.sys
2015-02-21 02:53:47 ----A---- C:\windows\system32\drivers\aswSP.sys
2015-02-21 02:53:46 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2015-02-21 02:53:46 ----A---- C:\windows\system32\drivers\aswmonflt.sys
2015-02-21 02:53:45 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2015-02-21 02:53:45 ----A---- C:\windows\system32\drivers\aswHwid.sys
2015-02-21 02:53:44 ----A---- C:\windows\system32\drivers\aswsnx.sys
2015-02-21 02:53:32 ----A---- C:\windows\system32\aswBoot.exe
2015-02-21 02:53:18 ----A---- C:\windows\avastSS.scr
2015-02-21 02:51:12 ----D---- C:\Program Files\AVAST Software
2015-02-21 02:47:51 ----D---- C:\Users\Kristyna\AppData\Roaming\Spyware Terminator
2015-02-21 02:47:51 ----D---- C:\ProgramData\Spyware Terminator
2015-02-21 02:47:47 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-02-11 21:21:17 ----A---- C:\windows\system32\invagent.dll
2015-02-11 21:21:17 ----A---- C:\windows\system32\generaltel.dll
2015-02-11 21:21:17 ----A---- C:\windows\system32\devinv.dll
2015-02-11 21:21:17 ----A---- C:\windows\system32\appraiser.dll
2015-02-11 21:21:17 ----A---- C:\windows\system32\aitstatic.exe
2015-02-11 21:21:17 ----A---- C:\windows\system32\aeinv.dll
2015-02-11 21:21:16 ----A---- C:\windows\system32\aepic.dll
2015-02-11 21:21:16 ----A---- C:\windows\system32\aepdu.dll
2015-02-11 21:21:15 ----A---- C:\windows\system32\WindowsCodecs.dll
2015-02-11 21:21:14 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 21:21:10 ----A---- C:\windows\system32\lsasrv.dll
2015-02-11 21:21:10 ----A---- C:\windows\system32\drivers\cng.sys
2015-02-11 21:21:09 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-02-11 21:21:09 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-02-11 21:21:09 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-02-11 21:21:09 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-02-11 21:21:09 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-02-11 21:21:09 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-02-11 21:21:09 ----A---- C:\windows\system32\sspisrv.dll
2015-02-11 21:21:09 ----A---- C:\windows\system32\sspicli.dll
2015-02-11 21:21:09 ----A---- C:\windows\system32\secur32.dll
2015-02-11 21:21:09 ----A---- C:\windows\system32\msobjs.dll
2015-02-11 21:21:09 ----A---- C:\windows\system32\msaudite.dll
2015-02-11 21:21:09 ----A---- C:\windows\system32\lsass.exe
2015-02-11 21:21:09 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-02-11 21:21:09 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-02-11 21:21:09 ----A---- C:\windows\system32\auditpol.exe
2015-02-11 21:21:09 ----A---- C:\windows\system32\adtschema.dll
2015-02-11 21:20:54 ----A---- C:\windows\SYSWOW64\crypt32.dll
2015-02-11 21:20:54 ----A---- C:\windows\system32\wintrust.dll
2015-02-11 21:20:54 ----A---- C:\windows\system32\crypt32.dll
2015-02-11 21:20:53 ----A---- C:\windows\SYSWOW64\wintrust.dll
2015-02-11 21:20:36 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2015-02-11 21:20:36 ----A---- C:\windows\system32\oleaut32.dll
2015-02-11 21:20:27 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-02-11 21:20:27 ----A---- C:\windows\system32\mstscax.dll
2015-02-11 21:20:26 ----A---- C:\windows\SYSWOW64\aaclient.dll
2015-02-11 21:19:44 ----A---- C:\windows\SYSWOW64\scesrv.dll
2015-02-11 21:19:44 ----A---- C:\windows\system32\scesrv.dll
2015-02-11 21:19:14 ----A---- C:\windows\system32\ntoskrnl.exe
2015-02-11 21:19:13 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 21:19:12 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-02-11 21:19:11 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-02-11 21:19:11 ----A---- C:\windows\system32\srcore.dll
2015-02-11 21:19:11 ----A---- C:\windows\system32\srclient.dll
2015-02-11 21:19:11 ----A---- C:\windows\system32\rstrui.exe
2015-02-11 21:18:54 ----A---- C:\windows\system32\win32k.sys
2015-02-11 20:53:08 ----A---- C:\autoexec.bat
2015-02-11 20:51:39 ----D---- C:\Program Files\Enigma Software Group
2015-02-10 15:29:00 ----D---- C:\Users\Kristyna\AppData\Roaming\LavasoftStatistics
2015-02-10 15:28:53 ----D---- C:\searchplugins
2015-02-10 15:28:53 ----A---- C:\prefs.js
2015-02-10 15:28:19 ----A---- C:\windows\SYSWOW64\LavasoftTcpServiceOff.ini
2015-02-10 15:28:19 ----A---- C:\windows\SYSWOW64\LavasoftTcpService.ini
2015-02-10 15:28:19 ----A---- C:\windows\system32\LavasoftTcpServiceOff.ini
2015-02-10 15:28:13 ----A---- C:\windows\system32\LavasoftTcpService64.dll
2015-02-10 15:28:11 ----A---- C:\windows\SYSWOW64\LavasoftTcpService.dll
2015-01-30 08:52:57 ----N---- C:\bootsqm.dat
2015-01-30 08:51:50 ----SHD---- C:\found.003
2015-01-27 20:40:34 ----SD---- C:\windows\SYSWOW64\Microsoft
2015-01-24 19:50:58 ----D---- C:\ProgramData\AVG Web TuneUp
2015-01-23 06:29:57 ----D---- C:\Users\Kristyna\AppData\Roaming\TuneUp Software

======List of files/folders modified in the last 1 month======

2015-02-21 16:52:15 ----D---- C:\Program Files
2015-02-21 16:45:00 ----D---- C:\windows\Temp
2015-02-21 16:41:17 ----D---- C:\windows\Microsoft.NET
2015-02-21 15:21:19 ----D---- C:\windows\System32
2015-02-21 15:21:19 ----D---- C:\windows\inf
2015-02-21 15:21:19 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-02-21 15:21:04 ----RD---- C:\Program Files (x86)
2015-02-21 14:35:02 ----D---- C:\windows\system32\config
2015-02-21 14:23:05 ----A---- C:\windows\SYSWOW64\log.txt
2015-02-21 13:30:10 ----RSD---- C:\windows\assembly
2015-02-21 03:48:06 ----D---- C:\windows\system32\drivers
2015-02-21 03:23:11 ----SHD---- C:\windows\Installer
2015-02-21 03:16:23 ----D---- C:\Users\Kristyna\AppData\Roaming\Seznam.cz
2015-02-21 03:13:16 ----D---- C:\windows\SysWOW64
2015-02-21 03:13:16 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2015-02-21 03:05:06 ----D---- C:\windows\system32\Tasks
2015-02-21 03:01:33 ----SHD---- C:\System Volume Information
2015-02-21 02:53:28 ----D---- C:\Windows
2015-02-21 02:47:51 ----HD---- C:\ProgramData
2015-02-21 02:40:27 ----D---- C:\Program Files (x86)\AVG
2015-02-21 02:22:47 ----D---- C:\windows\system32\catroot2
2015-02-21 02:18:38 ----D---- C:\windows\winsxs
2015-02-21 02:13:35 ----SD---- C:\windows\system32\CompatTel
2015-02-21 02:13:34 ----D---- C:\windows\system32\appraiser
2015-02-21 02:13:33 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-02-21 02:13:33 ----D---- C:\windows\system32\cs-CZ
2015-02-21 02:08:17 ----D---- C:\Program Files\Common Files
2015-02-21 01:50:47 ----D---- C:\windows\Tasks
2015-02-21 01:50:46 ----D---- C:\Program Files (x86)\Common Files
2015-02-21 01:06:35 ----D---- C:\ProgramData\Microsoft Help
2015-02-21 01:01:37 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-02-21 01:00:53 ----A---- C:\windows\win.ini
2015-02-21 00:59:41 ----D---- C:\windows\system32\MRT
2015-02-21 00:49:29 ----A---- C:\windows\system32\MRT.exe
2015-02-11 21:18:18 ----D---- C:\windows\system32\catroot
2015-02-09 09:04:26 ----D---- C:\windows\Prefetch
2015-02-07 08:08:54 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-01-27 20:37:12 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-01-27 20:28:56 ----D---- C:\windows\Minidump
2015-01-27 20:21:26 ----D---- C:\Program Files (x86)\Opera
2015-01-27 20:21:09 ----D---- C:\Users\Kristyna\AppData\Roaming\Opera Software
2015-01-27 19:08:07 ----D---- C:\windows\system32\NDF
2015-01-23 06:29:42 ----D---- C:\windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-02-21 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-02-21 267632]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-02-21 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-02-21 1050432]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-02-21 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-02-21 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-02-21 87912]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\windows\system32\DRIVERS\stflt.sys [2011-08-24 51496]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-19 28176]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-06-18 4170304]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-06-24 167816]
R3 HECIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2010-01-28 86120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
R3 usbsmi;Lenovo EasyCamera Service Display Name V1; C:\windows\system32\DRIVERS\SMIksdrv.sys [2010-04-20 200704]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-02-21 116728]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\SysWOW64\FsUsbExDisk.SYS [2013-10-30 37344]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2014-04-30 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2014-04-30 27760]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 IT9135BDA;IT9135 BDA Devices; C:\windows\System32\Drivers\IT9135BDA.sys [2013-01-06 164864]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-03-12 242720]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2013-08-21 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2013-08-21 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2013-08-21 188232]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2013-08-21 158024]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-21 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-08-11 864032]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-09 268824]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2010-05-07 392296]
R2 ssinstall;SInstalátor; C:\windows\SysWOW64\ssins.exe [2013-10-04 2324216]
R2 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-02-05 3037520]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-09 2320920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-01-18 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-27 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-01-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#4 Příspěvek od **Márty84** » 21 úno 2015 17:07

Terminatora odinstalujte, nebo aspon vypnete jeho stit. Muze byt v kolizi s Avastem.

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

trinnn · #5 Příspěvek od **trinnn** » 21 úno 2015 17:19

Tady je ten log a po odinstalování terminatora, se pocitac neuveritelne zrychlil...

# AdwCleaner v4.111 - Logfile created 21/02/2015 at 17:12:20
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kristyna - KRISTYNA-PC
# Running from : C:\Users\Kristyna\Downloads\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Kristyna\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Kristyna\AppData\Roaming\IHlpr
File Deleted : C:\Users\Kristyna\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B281A260-3857-4FD9-9BB7-97F687138006}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v40.0.2214.111

[C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=8BB9CCDE-FA74-4869-9150-AEE0BEC1A85C&apn_ptnrs=U3&apn_sauid=01D57A43-8B4B-4DA5-9626-E8785B96BF21&apn_dtid=OSJ000YYCZ&q={searchTerms}
[C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=8BB9CCDE-FA74-4869-9150-AEE0BEC1A85C&apn_ptnrs=U3&apn_sauid=01D57A43-8B4B-4DA5-9626-E8785B96BF21&apn_dtid=OSJ000YYCZ&q={searchTerms}
[C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://tridistri.cz/inshop/scripts/shop.aspx?action=dosearch&searchphrase={searchTerms}
[C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://spokojenypes.cz/inshop/scripts/shop.aspx?action=dosearch&searchphrase={searchTerms}
[C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://sweet-and-beautiful.blog.cz/hledani?query={searchTerms}

*************************

AdwCleaner[R0].txt - [7462 bytes] - [21/02/2015 17:10:31]
AdwCleaner[S0].txt - [7127 bytes] - [21/02/2015 17:12:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7186 bytes] ##########

#6 Příspěvek od **Márty84** » 21 úno 2015 17:25

Zrejme dochazelo ke kolizim stitu s Avastem

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

trinnn · #7 Příspěvek od **trinnn** » 21 úno 2015 21:22

Tak to asi vypada ze je vse v poradku...

Scan Date: 21.2.2015
Scan Time: 17:34:41
Logfile: rdd.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.21.05
Rootkit Database: v2015.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Kristyna

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 529682
Time Elapsed: 2 hr, 36 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.OpenCandy, C:\Users\Kristyna\Downloads\GOMPLAYERENSETUP.EXE, , [8792d9481e6c2b0b19f6f8f8ec19d52b],

Physical Sectors: 0
(No malicious items detected)

(end)

#8 Příspěvek od **Márty84** » 21 úno 2015 23:59

Nalez hodte do karanteny, pak muzete MBAM odinstalovat.

Pokud tam fakt ta havet byla, je treba dobre procistit prohlizece, takze....

Postupujte podle navodu kolegy

vyosek píše: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulozte nejlepe na plochu

Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu

Probehne vytvoreni zalohy a nasledne prohledavani

Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Kód: Vybrat vše
autoclean;
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script

PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

trinnn · #9 Příspěvek od **trinnn** » 22 úno 2015 01:26

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Kristyna on ne 22.02.2015 at 0:37:33,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARINSTALLER_EN_SIG-69785058.pf
Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARMANAGER_8CA8B414-8A88BD82.pf
Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf
Successfully deleted: [File] C:\windows\prefetch\GOOGLETOOLBARUSER_32.EXE-34B1B1C5.pf
Successfully deleted: [File] C:\windows\prefetch\GTOOLBAR_SETUP_14215737625064-8147482E.pf
Successfully deleted: [File] "C:\windows\s.bat"

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 22.02.2015 at 0:42:31,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zoek.exe v5.0.0.0 Updated 21-February-2015
Tool run by Kristyna on ne 22.02.2015 at 0:45:18,61.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kristyna\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.2.2015 0:46:55 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Sony Mobile deleted successfully
C:\PROGRA~2\Spyware Terminator deleted successfully
C:\PROGRA~2\trend micro deleted successfully
C:\PROGRA~3\AVG Web TuneUp deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Sony Mobile deleted successfully
C:\PROGRA~3\ZoomBrowser deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\Users\Kristyna\AppData\Roaming\Opera Software deleted successfully
C:\Users\Kristyna\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Kristyna\AppData\Local\GHISLER deleted successfully
C:\Users\Kristyna\AppData\Local\Opera Software deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1763881157-800078381-1142160317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1763881157-800078381-1142160317-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_USERS\S-1-5-21-1763881157-800078381-1142160317-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Kristyna\AppData\Roaming\Zotero\Zotero\Profiles\mamtoark.default\prefs.js:

Added to C:\Users\Kristyna\AppData\Roaming\Zotero\Zotero\Profiles\mamtoark.default\prefs.js:

==== Batch Command(s) Run By Tool======================

Katalog Winsock byl ŁspŘçnŘ resetov n.
K dokonźenˇ resetov nˇ je nutn‚ restartovat poźˇtaź.

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Sony Mobile not found
C:\PROGRA~2\Spyware Terminator not found
C:\PROGRA~2\trend micro not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~2\Uninstall Information deleted
C:\PROGRA~2\Windows Live SkyDrive deleted
C:\prefs.js deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysWOW64\LavasoftTcpService.dll deleted
C:\windows\SysWOW64\LavasoftTcpService.ini deleted
C:\windows\SysWOW64\LavasoftTcpServiceOff.ini deleted
"C:\Users\Kristyna\AppData\Local\{76846697-FEFD-41BF-98FC-465A8A697C72}" deleted
"C:\Users\Kristyna\AppData\Local\{D055630C-7A9C-48C2-B21A-65D5A4EAB267}" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21.02.2015 03:48]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Kristyna\AppData\Roaming\Zotero\Zotero\Profiles\mamtoark.default
- Undetermined - E:\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org
- Undetermined - E:\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21.02.2015 02:52]

Dark Skin for Youtubeâ„˘ - Kristyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\acoficpnnchlekagnhbjlpkkmcfmhhml
Angry Birds - Kristyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
Avast Online Security - Kristyna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Fix ======================

C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.avg.com_0.localstorage deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.avg.com_0.localstorage-journal deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.darklyrics.com_0.localstorage deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.darklyrics.com_0.localstorage-journal deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.adtaily.pl_0.localstorage deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.adtaily.pl_0.localstorage-journal deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.geewa.com_0.localstorage deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.geewa.com_0.localstorage-journal deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.unister-adservices.com_0.localstorage deleted successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.unister-adservices.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=s ... earchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... 1I7VSNH_cs"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=s ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kristyna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kristyna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kristyna\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Kristyna\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=116 folders=15 35740670 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kristyna\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Kristyna\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 22.02.2015 at 1:19:36,98 ======================

#10 Příspěvek od **Márty84** » 22 úno 2015 08:57

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

29.3. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Pomalý notebook po facebook viru

Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru

Re: Pomalý notebook po facebook viru