Zamrzajicí počítač

[Hellfik]

Zdravím, už pár dní mi zamrzá počítač (na 10 minut se sekne a pak se na 2 minuty odsekne)... SKenoval jsem počítač pomocí Malware bytes a Eset online scanner ale ani jeden nenašel žádný vir...
RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vossik at 2015-04-08 00:49:08
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 135 GB (44%) free of 305 GB
Total RAM: 2046 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:49:20, on 8.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
G:\RSIT.exe
C:\Program Files\trend micro\Vossik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 65.112.87.186 master.gamespy.com
O1 - Hosts: http://www.sps-dopravni.cz/rozvrh/mot/supl/supl.htm www.seznam.cz
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MIF5BA~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: Download video on this page - res://C:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://C:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/301
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Download Video - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://C:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - res://C:\Program Files\Tomabo\MP4 Player\YTVD_IE.dll/300 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe

--
End of file - 6008 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MIF5BA~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-05-21 12013272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2014-12-12 5489944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI]
C:\Program Files\AVG\AVG2015\avgui.exe /TRAYONLY []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files\BlueStacks\HD-Agent.exe [2014-05-21 832272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2014-12-12 5489944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap.dll [2014-04-30 1081112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-08-27 22041192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2014-05-21 1458176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-05-21 2307368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamePark klient 2.lnk]
C:\PROGRA~1\GAMEPA~1\gpcl.exe []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Tomabo\MP4 Player\YouTubeVideoDownloader.exe"="C:\Program Files\Tomabo\MP4 Player\YouTubeVideoDownloader.exe:*:Enabled:YouTube Video Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=serwvdrv.dll
"vidc.ffds"=ff_vfw.dll
"vidc.xvid"=xvidvfw.dll
"vidc.lags"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.divxa32"=DivXa32.acm
"msacm.lameacm"=LameACM.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-08 00:49:08 ----D---- C:\rsit
2015-04-08 00:49:08 ----D---- C:\Program Files\trend micro
2015-04-08 00:08:58 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-04-07 23:55:27 ----D---- C:\ProgramData\Malwarebytes
2015-04-07 23:55:27 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-04-07 23:55:27 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-04-07 23:55:27 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-04-07 23:55:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-04-06 07:27:33 ----A---- C:\Windows\system32\avgrep.txt
2015-04-05 23:43:16 ----D---- C:\Program Files\ESET
2015-04-05 09:04:18 ----A---- C:\Windows\ntbtlog.txt
2015-03-25 06:27:24 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 06:27:24 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 06:27:24 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 06:27:24 ----A---- C:\Windows\system32\aeinv.dll
2015-03-25 06:27:24 ----A---- C:\Windows\system32\acmigration.dll
2015-03-25 06:27:23 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 06:27:23 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 06:27:23 ----A---- C:\Windows\system32\aepdu.dll
2015-03-11 06:59:49 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 06:59:47 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 06:59:45 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 06:59:45 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 06:59:45 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-03-11 06:59:44 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 06:59:39 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 06:59:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 06:59:36 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 06:59:36 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 06:59:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 06:59:35 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 06:59:35 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 06:59:34 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 06:59:34 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 06:59:33 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 06:59:33 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 06:59:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 06:59:32 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 06:59:32 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 06:59:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 06:59:24 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 06:59:23 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 06:59:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 06:59:21 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 06:59:19 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 06:59:17 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 06:59:16 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 06:59:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 06:59:12 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 06:59:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 06:59:10 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 06:59:08 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 06:59:05 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 06:59:04 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 06:57:35 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 06:57:31 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 06:57:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 06:57:31 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 06:57:31 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 06:57:30 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 06:57:30 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 06:57:30 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 06:57:23 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 06:57:23 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 06:57:23 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 06:57:23 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 06:57:23 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 06:57:22 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 06:57:14 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 06:57:14 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 06:57:13 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 06:57:13 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 06:57:13 ----A---- C:\Windows\system32\mf.dll
2015-03-11 06:57:11 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 06:57:11 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 06:57:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 06:57:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-11 06:57:10 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 06:57:09 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 06:57:09 ----A---- C:\Windows\system32\evr.dll
2015-03-11 06:57:09 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 06:57:08 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 06:57:08 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 06:57:08 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 06:57:08 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 06:57:07 ----A---- C:\Windows\system32\winload.exe
2015-03-11 06:57:07 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 06:57:07 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 06:57:07 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 06:57:07 ----A---- C:\Windows\system32\ci.dll
2015-03-11 06:57:05 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 06:57:05 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 06:57:05 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 06:57:05 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 06:57:05 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 06:57:05 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 06:57:04 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 06:57:03 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 06:57:03 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 06:57:03 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 06:57:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 06:57:02 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 06:57:02 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 06:57:01 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 06:57:01 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 06:56:59 ----A---- C:\Windows\system32\smss.exe
2015-03-11 06:56:59 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 06:56:58 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 06:56:58 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 06:56:58 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 06:56:58 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 06:56:57 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 06:56:57 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 06:56:57 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 06:56:57 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 06:56:57 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 06:56:56 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 06:56:55 ----A---- C:\Windows\system32\mferror.dll

======List of files/folders modified in the last 1 month======

2015-04-08 00:49:08 ----D---- C:\Program Files
2015-04-08 00:08:58 ----D---- C:\Windows\system32\drivers
2015-04-07 23:55:27 ----HD---- C:\ProgramData
2015-04-07 23:55:25 ----D---- C:\Windows\Prefetch
2015-04-07 23:14:40 ----D---- C:\Windows\system32\config
2015-04-07 23:00:17 ----D---- C:\Windows\winsxs
2015-04-07 23:00:10 ----D---- C:\Windows\Temp
2015-04-07 22:26:31 ----D---- C:\Windows\System32
2015-04-07 22:26:31 ----D---- C:\Windows\inf
2015-04-07 22:26:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-07 22:26:12 ----SHD---- C:\Windows\Installer
2015-04-07 07:01:12 ----D---- C:\Program Files\Steam
2015-04-07 06:56:36 ----D---- C:\Users\Vossik\AppData\Roaming\TS3Client
2015-04-07 06:56:31 ----D---- C:\Program Files\TeamSpeak 3 Client
2015-04-07 01:04:29 ----D---- C:\Windows\system32\Tasks
2015-04-07 00:16:28 ----D---- C:\Program Files\Opera
2015-04-06 09:34:14 ----D---- C:\Windows\Minidump
2015-04-06 09:33:58 ----D---- C:\Windows
2015-04-05 20:41:01 ----SHD---- C:\System Volume Information
2015-04-05 07:09:59 ----D---- C:\Windows\Logs
2015-03-31 21:06:21 ----D---- C:\Program Files\Jiřík
2015-03-25 21:01:16 ----SD---- C:\Windows\system32\CompatTel
2015-03-25 21:01:14 ----D---- C:\Windows\system32\wbem
2015-03-25 21:01:14 ----D---- C:\Windows\system32\appraiser
2015-03-25 21:01:12 ----D---- C:\Windows\AppPatch
2015-03-13 23:46:38 ----D---- C:\Windows\rescache
2015-03-13 23:30:20 ----D---- C:\Windows\system32\catroot2
2015-03-11 17:11:12 ----D---- C:\Windows\system32\en-US
2015-03-11 17:11:09 ----D---- C:\Program Files\Internet Explorer
2015-03-11 17:11:07 ----D---- C:\Windows\system32\de-DE
2015-03-11 17:11:07 ----D---- C:\Windows\system32\cs-CZ
2015-03-11 17:11:02 ----D---- C:\Windows\system32\Dism
2015-03-11 17:11:02 ----D---- C:\Program Files\Windows Media Player
2015-03-11 17:10:54 ----D---- C:\Windows\system32\Boot
2015-03-11 17:10:53 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 16:37:06 ----D---- C:\Windows\system32\MRT
2015-03-11 16:29:43 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2014-05-21 354840]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-29 243128]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2014-05-21 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2014-05-21 44544]
R2 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2014-05-21 46592]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2014-05-21 38400]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 NETwLv32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwLv32.sys [2014-05-21 6639616]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-05-21 679128]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-05-21 301744]
S2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [2014-05-21 113424]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 bcbtums;Bluetooth USB LD Filter; C:\Windows\system32\drivers\bcbtums.sys [2014-05-21 174936]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwampfl;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2014-05-21 144600]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2014-05-21 175144]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-05-21 2876760]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 23256]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-08 119512]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 51928]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 17240]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-31 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2014-05-21 1095936]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-13 116648]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-03-17 1871160]
S2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
S2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2015-02-09 5249808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-13 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-08 1343400]
S4 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-01 267440]
S4 ADUServiceNSRT;ADU Service (Nokia Software Recovery Tool); C:\Program Files\Common Files\Microsoft\Care Suite\ADUService\ADUService.exe [2014-11-06 82568]
S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 BcmBtRSupport;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2014-05-21 1678040]
S4 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files\BlueStacks\HD-Service.exe [2014-05-21 402192]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [2014-05-21 385808]
S4 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files\BlueStacks\HD-UpdaterService.exe [2014-05-21 774928]
S4 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2014-11-27 2370240]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
S4 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 19702048]
S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 670552]
S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-03-13 76888]
S4 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [2014-05-21 250072]
S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-05-29 543424]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Hellfik]

Ahoj, když to spustím tak to chvíli běží a pak se to zasekne (program) na souboru https_twitter.co který se nachází ve C:\Userfs\Vossik\AppData\Local\Google Chrome\User Data\Default\Local Storage

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Hellfik]

Jdu ještě zkusit to OTL
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 8.4.2015
Čas skenování: 19:28:07
Protokol: malware.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.07.06
Databáze rootkitů: v2015.03.31.01
Licence: Zkušební verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Vossik

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 527307
Uplynulý čas: 10 hod, 56 min, 24 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
Trojan.Agent.W, C:\Windows\Setup\SCRIPTS\Windows7Loader.exe, , [4a78b1b8f595f244e11d1b85af5660a0],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Ten system asi moc legalni nebude, ze?

[Hellfik]

No mám tu koupený originální klíč ale nezjistil jsem jak se ten loader maže tak jsem se na to vykašlal
Jinak s OTL to nevypadá dobře... Nějakou dobu běží a pak se mi vypne sám od sebe počítač

[Márty84]

ale nezjistil jsem jak se ten loader

Idealne preinstalaci.


Pravidla fora hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

[Hellfik]

Ok, tak loader jsem smazal a zaktivoval systém pomocí klíče

[Márty84]

To je sice hezky pribeh, ale podobnych pohadek tu uz bylo... Bez preinstalace to kontrolovat nebudu



1.5. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975