Prosím o kontrolu logu

Zpráva

ladic · #1 Příspěvek od **ladic** » 28 úno 2015 14:39

PC byl asi měsíc bez antiviru. Nyní je nainstalován avast a byl použit ccleaner. Pro jistotu prosím ještě o kontrolu logu:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by vladimír (administrator) on LENOVO on 28-02-2015 14:21:20
Running from C:\Users\vladimír\Desktop
Loaded Profiles: vladimír (Available profiles: vladimír)
Platform: Windows 8.1 Connected (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Pokki) C:\Users\vladimír\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Pokki) C:\Users\vladimír\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\vladimír\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\vladimír\AppData\Local\Pokki\Engine\StartMenuIndexer.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-05-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-08-21] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-08-21] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-27] (AVAST Software)
HKU\S-1-5-21-843212334-501336438-363375106-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-843212334-501336438-363375106-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-843212334-501336438-363375106-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-843212334-501336438-363375106-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-843212334-501336438-363375106-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}
SearchScopes: HKU\S-1-5-21-843212334-501336438-363375106-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?PC=WCUG&FORM ... earchTerms}
SearchScopes: HKU\S-1-5-21-843212334-501336438-363375106-1001 -> {4EF94416-26F7-43E0-BE57-E8BA137F2766} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-27]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-27] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-21] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-08-21] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-08-21] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-08-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-27] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [2853400 2014-01-24] (Sonix Co. Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 14:21 - 2015-02-28 14:21 - 00014609 _____ () C:\Users\vladimír\Desktop\FRST.txt
2015-02-28 14:21 - 2015-02-28 14:21 - 00000000 ____D () C:\FRST
2015-02-28 14:19 - 2015-02-28 14:19 - 02087936 _____ (Farbar) C:\Users\vladimír\Desktop\FRST64.exe
2015-02-28 14:15 - 2015-02-28 14:15 - 00001070 _____ () C:\windows\PFRO.log
2015-02-28 14:15 - 2015-02-28 14:15 - 00000116 _____ () C:\windows\setupact.log
2015-02-28 14:15 - 2015-02-28 14:15 - 00000000 _____ () C:\windows\setuperr.log
2015-02-28 13:56 - 2015-02-28 13:56 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-27 08:28 - 2015-02-27 08:28 - 00000000 ____D () C:\Users\vladimír\AppData\Roaming\AVAST Software
2015-02-27 08:27 - 2015-02-27 19:47 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-02-27 08:27 - 2015-02-27 08:27 - 00001991 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-27 08:27 - 2015-02-27 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-27 08:27 - 2015-02-27 08:27 - 00000000 ____D () C:\ProgramData\Google
2015-02-27 08:27 - 2015-02-27 08:27 - 00000000 ____D () C:\Program Files\Google
2015-02-27 08:25 - 2015-02-28 14:15 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-27 08:25 - 2015-02-28 14:03 - 00000000 ____D () C:\Users\vladimír\AppData\Local\Google
2015-02-27 08:25 - 2015-02-28 14:03 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-27 08:25 - 2015-02-27 08:30 - 00003946 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-27 08:25 - 2015-02-27 08:30 - 00003710 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-27 08:25 - 2015-02-27 08:30 - 00000974 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-27 08:25 - 2015-02-27 08:27 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-02-27 08:25 - 2015-02-27 08:27 - 00087912 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-02-27 08:25 - 2015-02-27 08:25 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2015-02-27 08:25 - 2015-02-27 08:25 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-02-27 08:22 - 2015-02-27 08:22 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-27 08:21 - 2015-02-27 08:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-27 08:20 - 2015-02-27 08:20 - 05006864 _____ (AVAST Software) C:\Users\vladimír\Downloads\avast_free_antivirus_setup_online.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-28 14:21 - 2014-12-25 12:15 - 00003592 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-843212334-501336438-363375106-1001
2015-02-28 14:20 - 2014-08-21 14:15 - 00739924 _____ () C:\windows\system32\perfh005.dat
2015-02-28 14:20 - 2014-08-21 14:15 - 00151610 _____ () C:\windows\system32\perfc005.dat
2015-02-28 14:20 - 2014-03-18 10:53 - 01745984 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-28 14:17 - 2014-12-25 12:09 - 00000000 ____D () C:\Users\vladimír\AppData\Local\Pokki
2015-02-28 14:15 - 2013-08-22 15:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-28 14:14 - 2014-08-21 15:17 - 00002560 _____ () C:\windows\system32\VfService.trf
2015-02-28 14:14 - 2014-08-21 14:22 - 01346344 _____ () C:\Users\Public\CAFADEBUG.log
2015-02-28 14:14 - 2014-08-21 13:34 - 01739110 _____ () C:\windows\WindowsUpdate.log
2015-02-28 14:09 - 2014-04-02 18:34 - 00000000 ____D () C:\windows\Panther
2015-02-28 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sru
2015-02-28 14:04 - 2014-12-25 12:23 - 00003974 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{9EA203C9-431F-45B8-AD73-12132AEE1CB3}
2015-02-28 13:57 - 2014-08-21 15:06 - 00000000 ____D () C:\Program Files\mcafee
2015-02-28 13:53 - 2013-08-22 16:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2015-02-27 20:45 - 2015-01-25 09:59 - 00000000 ____D () C:\Users\vladimír\Desktop\ema
2015-02-27 20:35 - 2014-12-28 09:01 - 00000000 ____D () C:\Users\vladimír\Desktop\fotbal
2015-02-27 19:58 - 2014-12-25 12:13 - 00000000 ____D () C:\Users\vladimír\AppData\Roaming\LSC
2015-02-27 19:48 - 2014-12-25 12:33 - 00002337 _____ () C:\Users\vladimír\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-27 18:41 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-02-22 19:03 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppReadiness
2015-02-22 12:43 - 2014-08-21 15:18 - 00010184 _____ () C:\windows\SysWOW64\VisualDiscovery.ini
2015-02-22 12:43 - 2014-08-21 15:18 - 00005016 _____ () C:\windows\SysWOW64\VisualDiscoveryOff.ini
2015-02-22 12:43 - 2014-08-21 15:18 - 00005016 _____ () C:\windows\system32\VisualDiscoveryOff.ini
2015-02-22 12:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-02-22 12:42 - 2013-08-22 15:44 - 00371304 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-22 12:39 - 2014-12-25 13:08 - 00000000 ____D () C:\Users\vladimír\AppData\Roaming\Skype
2015-02-13 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\NDF

==================== Files in the root of some directories =======

2014-08-21 14:22 - 2014-08-21 14:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-21 17:28

==================== End Of Log ============================

#2 Příspěvek od **Márty84** » 28 úno 2015 14:51

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

ladic · #3 Příspěvek od **ladic** » 28 úno 2015 15:04

# AdwCleaner v4.111 - Logfile created 28/02/2015 at 15:00:16
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : vladimír - LENOVO
# Running from : C:\Users\vladimír\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\windows\SysWOW64\VisualDiscovery.ini
File Deleted : C:\windows\SysWOW64\VisualDiscoveryOff.ini
File Deleted : C:\windows\System32\VisualDiscoveryOff.ini

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKLM\SOFTWARE\VisualDiscovery
Key Deleted : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

*************************

AdwCleaner[R0].txt - [2801 bytes] - [28/02/2015 14:57:32]
AdwCleaner[S0].txt - [2707 bytes] - [28/02/2015 15:00:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2766 bytes] ##########

#4 Příspěvek od **Márty84** » 28 úno 2015 15:16

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

ladic · #5 Příspěvek od **ladic** » 01 bře 2015 13:37

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 1. 3. 2015
Čas skenování: 12:09:48
Protokol: log.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.02.28.03
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: vladimAr

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 506933
Uplynulý čas: 1 hod, 21 min, 8 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#6 Příspěvek od **Márty84** » 01 bře 2015 13:47

MBAM muzete odinstalovat.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

ladic · #7 Příspěvek od **ladic** » 01 bře 2015 14:02

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-02-2015
Ran by vladimír (administrator) on LENOVO on 01-03-2015 13:58:38
Running from C:\Users\vladimír\Desktop
Loaded Profiles: vladimír (Available profiles: vladimír)
Platform: Windows 8.1 Connected (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-05-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-08-21] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-08-21] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-843212334-501336438-363375106-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-843212334-501336438-363375106-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-843212334-501336438-363375106-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-843212334-501336438-363375106-1001 -> {4EF94416-26F7-43E0-BE57-E8BA137F2766} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-27]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-27] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-21] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-08-21] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-08-21] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-08-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-27] ()
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [2853400 2014-01-24] (Sonix Co. Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 13:58 - 2015-03-01 13:58 - 00014257 _____ () C:\Users\vladimír\Desktop\FRST.txt
2015-02-28 15:24 - 2015-03-01 12:05 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-28 15:23 - 2015-02-28 15:23 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-28 15:23 - 2015-02-28 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-28 15:23 - 2015-02-28 15:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-28 15:23 - 2015-02-28 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-28 15:23 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-02-28 15:23 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-02-28 15:23 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-02-28 14:57 - 2015-02-28 15:00 - 00000000 ____D () C:\AdwCleaner
2015-02-28 14:21 - 2015-03-01 13:58 - 00000000 ____D () C:\FRST
2015-02-28 14:19 - 2015-03-01 13:54 - 02092544 _____ (Farbar) C:\Users\vladimír\Desktop\FRST64.exe
2015-02-28 14:15 - 2015-03-01 11:44 - 00000679 _____ () C:\windows\setupact.log
2015-02-28 14:15 - 2015-02-28 14:15 - 00001070 _____ () C:\windows\PFRO.log
2015-02-28 14:15 - 2015-02-28 14:15 - 00000000 _____ () C:\windows\setuperr.log
2015-02-28 13:56 - 2015-02-28 13:56 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-27 08:28 - 2015-02-27 08:28 - 00000000 ____D () C:\Users\vladimír\AppData\Roaming\AVAST Software
2015-02-27 08:27 - 2015-02-27 19:47 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-02-27 08:27 - 2015-02-27 08:27 - 00001991 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-02-27 08:27 - 2015-02-27 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-02-27 08:27 - 2015-02-27 08:27 - 00000000 ____D () C:\ProgramData\Google
2015-02-27 08:27 - 2015-02-27 08:27 - 00000000 ____D () C:\Program Files\Google
2015-02-27 08:25 - 2015-02-28 15:01 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-27 08:25 - 2015-02-28 14:03 - 00000000 ____D () C:\Users\vladimír\AppData\Local\Google
2015-02-27 08:25 - 2015-02-28 14:03 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-27 08:25 - 2015-02-27 08:30 - 00003946 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-27 08:25 - 2015-02-27 08:30 - 00003710 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-27 08:25 - 2015-02-27 08:30 - 00000974 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-27 08:25 - 2015-02-27 08:27 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-02-27 08:25 - 2015-02-27 08:27 - 00087912 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-02-27 08:25 - 2015-02-27 08:25 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-02-27 08:25 - 2015-02-27 08:25 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2015-02-27 08:25 - 2015-02-27 08:25 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-02-27 08:22 - 2015-02-27 08:22 - 00000000 ____D () C:\Program Files\AVAST Software
2015-02-27 08:21 - 2015-02-27 08:22 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-27 08:20 - 2015-02-27 08:20 - 05006864 _____ (AVAST Software) C:\Users\vladimír\Downloads\avast_free_antivirus_setup_online.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-01 13:58 - 2014-08-21 13:34 - 01882372 _____ () C:\windows\WindowsUpdate.log
2015-03-01 13:00 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sru
2015-03-01 12:14 - 2014-12-25 12:23 - 00003974 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{9EA203C9-431F-45B8-AD73-12132AEE1CB3}
2015-02-28 15:30 - 2014-12-25 12:15 - 00003594 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-843212334-501336438-363375106-1001
2015-02-28 15:06 - 2014-08-21 14:15 - 00739924 _____ () C:\windows\system32\perfh005.dat
2015-02-28 15:06 - 2014-08-21 14:15 - 00151610 _____ () C:\windows\system32\perfc005.dat
2015-02-28 15:06 - 2014-03-18 10:53 - 01745984 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-28 15:01 - 2013-08-22 15:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-28 15:00 - 2014-08-21 15:17 - 00002560 _____ () C:\windows\system32\VfService.trf
2015-02-28 15:00 - 2014-08-21 14:22 - 01367384 _____ () C:\Users\Public\CAFADEBUG.log
2015-02-28 14:17 - 2014-12-25 12:09 - 00000000 ____D () C:\Users\vladimír\AppData\Local\Pokki
2015-02-28 14:09 - 2014-04-02 18:34 - 00000000 ____D () C:\windows\Panther
2015-02-28 13:57 - 2014-08-21 15:06 - 00000000 ____D () C:\Program Files\mcafee
2015-02-28 13:53 - 2013-08-22 16:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2015-02-27 20:45 - 2015-01-25 09:59 - 00000000 ____D () C:\Users\vladimír\Desktop\ema
2015-02-27 20:35 - 2014-12-28 09:01 - 00000000 ____D () C:\Users\vladimír\Desktop\fotbal
2015-02-27 19:58 - 2014-12-25 12:13 - 00000000 ____D () C:\Users\vladimír\AppData\Roaming\LSC
2015-02-27 19:48 - 2014-12-25 12:33 - 00002337 _____ () C:\Users\vladimír\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-02-27 18:41 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-02-22 19:03 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppReadiness
2015-02-22 12:43 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-02-22 12:42 - 2013-08-22 15:44 - 00371304 _____ () C:\windows\system32\FNTCACHE.DAT
2015-02-22 12:39 - 2014-12-25 13:08 - 00000000 ____D () C:\Users\vladimír\AppData\Roaming\Skype
2015-02-13 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\NDF

==================== Files in the root of some directories =======

2014-08-21 14:22 - 2014-08-21 14:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\vladimír\AppData\Local\Temp\Quarantine.exe
C:\Users\vladimír\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-01 13:29

==================== End Of Log ============================

#8 Příspěvek od **Márty84** » 01 bře 2015 14:17

Jelikoz to nebylo uplne podle navodu, dejte jeste log z RSITx64 http://forum.viry.cz/viewtopic.php?f=13&t=130786

ladic · #9 Příspěvek od **ladic** » 01 bře 2015 14:28

Logfile of random's system information tool 1.10 (written by random/random)
Run by vladimír at 2015-03-01 14:24:33
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 876 GB (96%) free of 911 GB
Total RAM: 3979 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:24:40, on 1. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\vladimír.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9194 bytes

======Listing Processes======

wininit.exe
winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 694764450512
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
taskhostex.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {1B11D5ED-F165-486A-8DD0-55296E2980A1}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\windows\system32\CxAudMsg64.exe
dashost.exe {dedc1131-f03b-4e6c-869e6f04e953e7e0}
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7561cf80-20f4-4ccd-b1a0-b17e481104e4 -SystemEventPortName:HostProcess-7a584a51-7610-4827-bfce-b79634025b8e -IoCancelEventPortName:HostProcess-7e520917-e333-4b70-9d38-c89c5e6d267b -NonStateChangingEventPortName:HostProcess-6182389a-8588-44c1-98f8-05a21e0092d6 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d231aca6-5e2a-43c0-93e3-75c97b6c492f -DeviceGroupId:WudfDefaultDevicePool
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\windows\system32\wbem\unsecapp.exe -Embedding
adb fork-server server
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3144 CREDAT:267521 /prefetch:2
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xfb0_0xfac_0x56eea340"
taskhost.exe
"C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16.0.3327.1030_x64__8wekyb3d8bbwe\onenoteim.exe" -ServerName:microsoft.onenoteim.AppXxqb9ypsz6cs1w07e1pmjy4ww4dy9tpqr.mca
"C:\windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel

"C:\Users\vladimír\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-27 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-27 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-27 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-05-22 3276104]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-08-21 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-08-21 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-08-21 10842096]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-02-27 5227112]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-01 14:24:33 ----D---- C:\rsit
2015-03-01 14:24:33 ----D---- C:\Program Files\trend micro
2015-02-28 15:23:32 ----D---- C:\ProgramData\Malwarebytes
2015-02-28 14:57:29 ----D---- C:\AdwCleaner
2015-02-28 14:21:17 ----D---- C:\FRST
2015-02-28 13:56:45 ----D---- C:\ProgramData\McAfee
2015-02-27 08:34:10 ----SHD---- C:\Config.Msi
2015-02-27 08:28:03 ----D---- C:\Users\vladimír\AppData\Roaming\AVAST Software
2015-02-27 08:27:24 ----D---- C:\Program Files\Google
2015-02-27 08:27:19 ----D---- C:\ProgramData\Google
2015-02-27 08:25:49 ----D---- C:\Program Files (x86)\Google
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswVmm.sys
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswStm.sys
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswSP.sys
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswsnx.sys
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswmonflt.sys
2015-02-27 08:25:38 ----A---- C:\windows\system32\drivers\aswHwid.sys
2015-02-27 08:25:36 ----A---- C:\windows\system32\aswBoot.exe
2015-02-27 08:25:33 ----A---- C:\windows\avastSS.scr
2015-02-27 08:22:51 ----D---- C:\Program Files\AVAST Software
2015-02-27 08:21:20 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 month======

2015-03-01 14:24:33 ----RD---- C:\Program Files
2015-03-01 14:15:41 ----D---- C:\windows\Temp
2015-03-01 14:05:12 ----D---- C:\windows\Prefetch
2015-03-01 14:05:07 ----RD---- C:\Program Files (x86)
2015-03-01 14:05:07 ----D---- C:\windows\system32\drivers
2015-03-01 14:03:01 ----HD---- C:\Program Files\WindowsApps
2015-03-01 14:03:01 ----D---- C:\windows\AppReadiness
2015-03-01 14:02:38 ----D---- C:\windows\Inf
2015-03-01 14:00:00 ----D---- C:\windows\system32\sru
2015-03-01 13:59:44 ----AD---- C:\Windows
2015-03-01 13:51:11 ----D---- C:\windows\system32\config
2015-03-01 13:49:01 ----D---- C:\windows\debug
2015-03-01 13:45:46 ----SHD---- C:\System Volume Information
2015-03-01 13:38:41 ----D---- C:\windows\WinSxS
2015-03-01 13:37:57 ----D---- C:\windows\system32\catroot2
2015-03-01 13:33:19 ----D---- C:\windows\Microsoft.NET
2015-02-28 15:23:32 ----HD---- C:\ProgramData
2015-02-28 15:06:20 ----AD---- C:\windows\System32
2015-02-28 15:06:20 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-02-28 15:00:16 ----D---- C:\windows\SysWOW64
2015-02-28 14:17:41 ----D---- C:\windows\system32\wdi
2015-02-28 14:12:59 ----D---- C:\windows\system32\Tasks
2015-02-28 14:09:59 ----D---- C:\windows\Panther
2015-02-28 14:09:58 ----D---- C:\windows\Logs
2015-02-28 13:57:06 ----D---- C:\Program Files\mcafee
2015-02-28 13:57:06 ----D---- C:\Program Files\Common Files
2015-02-28 13:55:31 ----D---- C:\windows\Tasks
2015-02-28 13:54:18 ----D---- C:\Program Files (x86)\Common Files
2015-02-28 13:53:14 ----HD---- C:\windows\ELAMBKUP
2015-02-27 19:58:02 ----D---- C:\Users\vladimír\AppData\Roaming\LSC
2015-02-27 08:35:01 ----SHD---- C:\windows\Installer
2015-02-27 08:27:46 ----D---- C:\windows\system32\DriverStore
2015-02-22 12:41:19 ----D---- C:\windows\system32\catroot
2015-02-22 12:39:57 ----D---- C:\windows\system32\CodeIntegrity
2015-02-22 12:39:14 ----D---- C:\Users\vladimír\AppData\Roaming\Skype
2015-02-17 17:50:50 ----RSD---- C:\windows\assembly
2015-02-13 20:05:05 ----D---- C:\windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-02-27 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-02-27 267632]
R0 MBI;@oem10.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-02-27 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-02-27 1050432]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-02-27 436624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-02-27 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-02-27 87912]
R3 ACPIVPC;@oem22.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-08-21 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-05-19 402696]
R3 ibtusb;@oem15.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem16.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 RSUSBVSTOR;@oem20.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 SNP2UVC;@oem19.inf,%SERVICE_DISPLAY_NAME%;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2014-01-24 2853400]
R3 TXEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-02-27 116728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 btmaux;@oem14.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 mfencrk;McAfee Inc. mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [2014-09-19 96600]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-02-27 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-08-21 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-08-21 288240]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-08-21 67856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-27 194032]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-08-21 305136]

-----------------EOF-----------------

#10 Příspěvek od **Márty84** » 01 bře 2015 14:42

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-27 194032]

C:\Windows\system32\DRIVERS\mfencrk.sys

2015-02-28 13:56 - 2015-02-28 13:56 - 00000000 ____D () C:\ProgramData\McAfee

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

ladic · #11 Příspěvek od **ladic** » 01 bře 2015 15:41

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-02-2015
Ran by vladimír at 2015-03-01 15:35:58 Run:1
Running from C:\Users\vladimír\Desktop
Loaded Profiles: vladimír (Available profiles: vladimír)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-27 194032]

C:\Windows\system32\DRIVERS\mfencrk.sys

2015-02-28 13:56 - 2015-02-28 13:56 - 00000000 ____D () C:\ProgramData\McAfee

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
"HKCR\PROTOCOLS\Filter\application/x-mfe-ipt" => Key deleted successfully.
HKCR\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => Key not found.
mfencrk => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
gupdatem => Service deleted successfully.
gusvc => Service deleted successfully.
C:\Windows\system32\DRIVERS\mfencrk.sys => Moved successfully.
C:\ProgramData\McAfee => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 79.9 MB temporary data.

The system needed a reboot.

==== End of Fixlog 15:36:56 ====

#12 Příspěvek od **Márty84** » 01 bře 2015 15:56

Zkontrolujte velikost adresare plochy C:\Users\vladimír\Plocha Nemela by prekracovat 200 - 300MB

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

ladic · #13 Příspěvek od **ladic** » 01 bře 2015 16:03

plocha má 7,4 GB

#14 Příspěvek od **Márty84** » 01 bře 2015 17:17

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

29.3. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu