zpomaleny notebook - pro Márty84

Zpráva

e_va · #1 Příspěvek od **e_va** » 05 črc 2015 20:41

Zdravim vas,

uz jste mi parkrat moc mile a trpelive pomohl, mohla bych vas poprosit o pomoc jeste jednou? Jestli se ale chystate na dovolenou ci nemate cas/chut/silu, tak me klidne preposunte nekomu dalsimu

Slibila jsem pomoc kamaradce tady s tim jejim pocitacem. Mne se zda vcelku ok, jenom trochu pomalejsi, ale problem je spis v tom, ze jsme v uplynulem asi tak mesici byly obe pripojene k routeru, ktery byl dle hlaseni antiviru (tusim) hacknuty, coz nebylo v nasich silach zmenit. Muj notebook pravdepodobne neco schytal, ale ten muze chvili pockat.

Podival byste se prosim na tento notas?

Dekuji mnohokrate!

Logfile of random's system information tool 1.10 (written by random/random)
Run by broucek at 2015-07-05 21:24:10
Microsoft Windows 8.1
System drive C: has 143 GB (75%) free of 191 GB
Total RAM: 1919 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:21, on 05/07/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files\trend micro\broucek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 7927 bytes

======Listing Processes======

wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {a931b5c5-e1ad-4c53-afbb51a0bed6f50f}
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k smphost

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot

"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
taskhostex.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskeng.exe {74FDDFCF-D52A-4942-92B2-9A6AAB5A3018}
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
C:\Windows\Explorer.EXE
KBFiltr.exe
taskhost.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4688.0.981194897\1315748609" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding

"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_19/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_09/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=4688 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="4688.7.1442950976\1595260253" /prefetch:673131151
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
/S
"C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSService.exe" MySyncFolder
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe202_ Global\UsGthrCtrlFltPipeMssGthrPipe202 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572

"C:\Users\broucek\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-19 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-19 565304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-19 771568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28787840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-12-12 3216032]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe [2014-08-19 63296]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-27 5515496]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-16 624640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-05 21:24:10 ----D---- C:\rsit
2015-07-05 21:24:10 ----D---- C:\Program Files\trend micro
2015-06-23 09:41:26 ----A---- C:\Windows\system32\mssrch.dll
2015-06-23 09:41:25 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-06-23 09:41:25 ----A---- C:\Windows\system32\tquery.dll
2015-06-23 09:41:25 ----A---- C:\Windows\system32\mssph.dll
2015-06-23 09:41:24 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-06-23 09:41:24 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-06-23 09:41:24 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-06-23 09:41:24 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-06-23 09:41:24 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-06-23 09:41:24 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-06-23 09:41:24 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-06-23 09:41:24 ----A---- C:\Windows\system32\mssvp.dll
2015-06-23 09:41:24 ----A---- C:\Windows\system32\mssphtb.dll
2015-06-11 20:10:59 ----A---- C:\Windows\system32\mshtml.dll
2015-06-11 20:10:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-11 20:10:49 ----A---- C:\Windows\system32\wininet.dll
2015-06-11 20:10:49 ----A---- C:\Windows\system32\jscript9.dll
2015-06-11 20:10:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-11 20:10:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-11 20:10:47 ----A---- C:\Windows\system32\ieframe.dll
2015-06-11 20:10:46 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-11 20:10:46 ----A---- C:\Windows\system32\urlmon.dll
2015-06-11 20:10:46 ----A---- C:\Windows\system32\iertutil.dll
2015-06-11 20:10:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-11 20:10:45 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-11 20:10:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-11 20:10:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-11 20:10:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-11 20:10:44 ----A---- C:\Windows\system32\vbscript.dll
2015-06-11 20:10:44 ----A---- C:\Windows\system32\actxprxy.dll
2015-06-11 20:10:43 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-11 20:10:43 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-11 20:10:43 ----A---- C:\Windows\system32\jscript.dll
2015-06-11 20:10:43 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-11 20:10:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-11 20:10:41 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-11 20:10:39 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-11 20:10:39 ----A---- C:\Windows\system32\webcheck.dll
2015-06-11 20:10:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-11 20:10:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-11 20:10:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-11 20:10:37 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-06-11 20:10:37 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-06-11 20:10:37 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-06-11 20:10:37 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-11 20:10:37 ----A---- C:\Windows\system32\inetcomm.dll
2015-06-11 20:10:37 ----A---- C:\Windows\system32\ieui.dll
2015-06-11 20:10:37 ----A---- C:\Windows\system32\iepeers.dll
2015-06-11 20:10:37 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 10:11:13 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 10:11:13 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 10:06:08 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2015-07-05 21:24:10 ----RD---- C:\Program Files
2015-07-05 21:23:11 ----D---- C:\Windows\Prefetch
2015-07-05 21:23:04 ----D---- C:\Windows\system32\Tasks
2015-07-05 21:22:13 ----D---- C:\Users\broucek\AppData\Roaming\WebStorage
2015-07-05 21:21:49 ----AD---- C:\Windows\Temp
2015-07-05 21:20:09 ----HD---- C:\Program Files\WindowsApps
2015-07-05 21:18:59 ----D---- C:\Windows\system32\config
2015-07-05 21:18:26 ----D---- C:\Windows\system32\sru
2015-07-05 21:17:19 ----D---- C:\Users\broucek\AppData\Roaming\Skype
2015-07-04 11:20:14 ----RD---- C:\Windows\System32
2015-07-04 11:20:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-04 11:20:13 ----D---- C:\Windows\Inf
2015-07-04 11:16:11 ----D---- C:\Windows\CbsTemp
2015-07-02 14:39:57 ----D---- C:\Windows\Microsoft.NET
2015-07-02 14:31:37 ----SHD---- C:\System Volume Information
2015-06-30 16:29:38 ----D---- C:\Windows\system32\drivers
2015-06-28 15:30:39 ----D---- C:\Windows\AppReadiness
2015-06-25 10:50:13 ----D---- C:\Windows\WinSxS
2015-06-25 10:21:26 ----D---- C:\Windows\SysWOW64
2015-06-24 21:43:48 ----SHD---- C:\Windows\Installer
2015-06-24 09:20:26 ----D---- C:\Windows\system32\MRT
2015-06-24 09:11:40 ----A---- C:\Windows\system32\MRT.exe
2015-06-20 05:02:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-16 15:38:24 ----D---- C:\Windows\system32\NDF
2015-06-12 19:10:25 ----D---- C:\Windows\rescache
2015-06-12 01:49:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-12 01:49:45 ----D---- C:\Windows\SYSWOW64\en-GB
2015-06-12 01:49:45 ----D---- C:\Program Files\Internet Explorer
2015-06-12 01:49:44 ----D---- C:\Windows\system32\en-GB
2015-06-12 01:49:44 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 09:52:24 ----D---- C:\Windows\system32\catroot2
2015-06-08 19:11:08 ----D---- C:\Windows\system32\DriverStore
2015-06-08 19:06:08 ----SD---- C:\Windows\system32\CompatTel
2015-06-08 19:06:08 ----D---- C:\Windows\system32\appraiser
2015-06-08 19:06:08 ----D---- C:\Windows\apppatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdisFlt;@oem43.inf,%AfwDescriptionFree%;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-06-04 449896]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-27 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-27 272248]
R0 BTATH_BUS;@oem17.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 MBI;@oem7.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2013-10-28 29464]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-06-04 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-27 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-27 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-30 442264]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-27 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-27 89944]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2013-04-17 17152]
R3 AthBTPort;@oem20.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-02-25 89800]
R3 athr;@oem3.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2014-01-06 3881984]
R3 ATP;@oem15.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2014-02-13 70928]
R3 BTATH_A2DP;@oem19.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-02-25 355528]
R3 btath_avdt;@oem19.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-02-25 118984]
R3 BTATH_HCRP;@oem22.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-02-25 179432]
R3 BTATH_LWFLT;@oem24.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-02-25 77464]
R3 BTATH_RCP;@oem26.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-02-25 137928]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-02-25 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 HIDSwitch;@oem21.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-12-24 3791320]
R3 IntcDAud;@oem9.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem12.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 kbfiltr;@oem23.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSBASTOR;@oem14.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2013-07-12 309976]
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 TXEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-09 644968]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-27 137288]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem11.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-09-09 111416]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [2013-08-16 71680]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-25 319104]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-27 343336]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-06-04 107448]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-11-09 227936]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-19 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 05 črc 2015 21:56

Dobry vecer

Mam cas, chut i silu a dovolena je v nedohlednu, takze si vas rad necham jen pro sebe

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

e_va · #3 Příspěvek od **e_va** » 06 črc 2015 01:41

dekuji

k cemu dovolena, kdyz tu mame vlastni tropy, ze

tady jsou logy (je/bylo tam neco?):

AdwCleaner:

# AdwCleaner v4.207 - Logfile created 05/07/2015 at 23:20:49
# Updated 21/06/2015 by Xplode
# Database : 2015-07-05.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : broucek - EVA
# Running from : C:\Users\broucek\Desktop\adwcleaner_4.207.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Google Chrome v43.0.2357.130

[C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [1179 bytes] - [05/07/2015 23:19:12]
AdwCleaner[S0].txt - [1108 bytes] - [05/07/2015 23:20:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1167 bytes] ##########

Mbam:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 05/07/2015
Cas skenování: 23:33
Protokol: mbam.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.05.05
Databáze rootkitu: v2015.07.05.03
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: broucek

Typ skenu: Vlastní sken
Výsledek: Dokonceno
Prohledaných objektu: 511065
Uplynulý cas: 2 hod, 59 min, 6 sek

Pamet: Zapnuto
Po spuštení: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíce registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#4 Příspěvek od **Márty84** » 06 črc 2015 08:57

Na dovolene opravdu nejezdim, cestovani nemam rad, ale jinak volno by uz bodlo

Logy neukazuji nic zvlastniho, ale zadny neukaze vsechno, takze udelame zakladni ocistu a podle chovani pc uvidime, zda to bude stacit, nebo se koukneme hloubeji.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

e_va · #5 Příspěvek od **e_va** » 06 črc 2015 14:45

hm teda antivir me potrapil radne, je nejaky dukladny. Doufam, ze je to takto spravne

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by broucek (administrator) on EVA on 06-07-2015 15:37:30
Running from C:\Users\broucek\Desktop
Loaded Profiles: broucek (Available Profiles: broucek)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSPanel.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\AsusWSService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\broucek\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-12] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe [63296 2014-08-19] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-27] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-85956738-206997255-3856328861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-27] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-19] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-19] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{97BE587A-F6FF-4359-A76C-FBFF6DD8FFCC}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{DA071C52-A580-46D3-8695-118EB868AC63}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-25]

Chrome:
=======
CHR Profile: C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-19]
CHR Extension: (Google Docs) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-19]
CHR Extension: (Google Drive) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-19]
CHR Extension: (YouTube) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-19]
CHR Extension: (Google Search) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-19]
CHR Extension: (Google Sheets) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-19]
CHR Extension: (Avast Online Security) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-19]
CHR Extension: (Gmail) - C:\Users\broucek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-27] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-04] (Avast Software s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-27] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-04] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-27] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-06-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-27] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-27] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-30] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-27] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-27] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881984 2014-01-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2014-02-13] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 15:37 - 2015-07-06 15:38 - 00013796 _____ C:\Users\broucek\Desktop\FRST.txt
2015-07-06 15:37 - 2015-07-06 15:37 - 00000000 ____D C:\FRST
2015-07-06 15:36 - 2015-07-06 15:36 - 00112640 _____ (forum.viry.cz) C:\Users\broucek\Desktop\FRSTLauncher.exe
2015-07-06 15:23 - 2015-07-06 15:23 - 02112512 _____ (Farbar) C:\Users\broucek\Desktop\FRST64.exe
2015-07-06 02:35 - 2015-07-06 02:35 - 00001146 _____ C:\Users\broucek\Desktop\mbam.txt
2015-07-05 23:31 - 2015-07-05 23:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-05 23:30 - 2015-07-05 23:30 - 00001112 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-05 23:30 - 2015-07-05 23:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-05 23:30 - 2015-07-05 23:30 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-05 23:30 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-05 23:30 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-05 23:30 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-05 23:26 - 2015-07-05 23:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\broucek\Desktop\mbam-setup-2.1.8.1057.exe
2015-07-05 23:24 - 2015-07-05 23:24 - 00001251 _____ C:\Users\broucek\Desktop\AdwCleaner[S0].txt
2015-07-05 23:19 - 2015-07-05 23:20 - 00000000 ____D C:\AdwCleaner
2015-07-05 23:18 - 2015-07-05 23:18 - 02244096 _____ C:\Users\broucek\Desktop\adwcleaner_4.207.exe
2015-07-05 23:18 - 2015-07-05 23:18 - 00000687 _____ C:\Users\broucek\Documents\Desktop - Shortcut.lnk
2015-07-05 21:24 - 2015-07-05 21:24 - 00000000 ____D C:\rsit
2015-07-05 21:24 - 2015-07-05 21:24 - 00000000 ____D C:\Program Files\trend micro
2015-07-05 21:22 - 2015-07-05 21:22 - 01222144 _____ C:\Users\broucek\Downloads\RSITx64.exe
2015-06-23 09:41 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-23 09:41 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-23 09:41 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-23 09:41 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-23 09:41 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-23 09:41 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-23 09:41 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-23 09:41 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-23 09:41 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-23 09:41 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-23 09:41 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-23 09:41 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-23 09:41 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-17 22:38 - 2015-06-18 05:01 - 00000000 ____D C:\Users\broucek\Documents\Camp Zuasti Pack
2015-06-16 17:37 - 2015-06-18 03:29 - 00034062 _____ C:\Users\broucek\Desktop\Camp Pack Ideas.odt
2015-06-16 12:01 - 2015-07-02 22:49 - 00015518 _____ C:\Users\broucek\Desktop\Games for Liceo Monjardin.odt
2015-06-11 20:10 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 20:10 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-11 20:10 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-11 20:10 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-11 20:10 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-11 20:10 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-11 20:10 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 20:10 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 20:10 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-11 20:10 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 20:10 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-11 20:10 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-11 20:10 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 20:10 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 20:10 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 20:10 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-11 20:10 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-11 20:10 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-11 20:10 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-11 20:10 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 20:10 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 20:10 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 20:10 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 20:10 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 20:10 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 20:10 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 20:10 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-11 20:10 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 20:10 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-11 20:10 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 20:10 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-11 20:10 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-11 20:10 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-11 20:10 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 20:10 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 20:10 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 20:10 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 20:10 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-11 20:10 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 20:10 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 23:08 - 2015-07-02 22:37 - 00020268 _____ C:\Users\broucek\Desktop\Knizky na precteni.odt
2015-06-10 10:11 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 10:11 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 10:06 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 15:26 - 2014-09-19 21:58 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-06 15:24 - 2014-08-25 03:40 - 00000000 ____D C:\Users\broucek\AppData\Roaming\WebStorage
2015-07-06 15:21 - 2015-05-12 10:25 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-07-06 15:21 - 2015-05-12 10:25 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-07-06 15:20 - 2014-08-25 03:37 - 00000074 _____ C:\Users\broucek\AppData\Roaming\sp_data.sys
2015-07-06 15:19 - 2014-09-19 21:58 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-06 15:19 - 2014-08-25 04:09 - 00000000 ____D C:\Users\broucek\AppData\Roaming\Skype
2015-07-06 15:18 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-05 23:22 - 2013-08-22 16:46 - 00031828 _____ C:\Windows\setupact.log
2015-07-05 23:22 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-05 23:21 - 2014-08-25 03:29 - 01709118 _____ C:\Windows\WindowsUpdate.log
2015-07-05 23:21 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-05 22:07 - 2014-08-25 03:41 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-85956738-206997255-3856328861-1001
2015-07-05 21:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-04 11:20 - 2013-12-12 23:01 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-04 11:16 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-02 00:02 - 2014-08-25 03:52 - 00000000 ____D C:\Users\broucek\AppData\Local\CrashDumps
2015-06-30 16:29 - 2014-08-25 04:04 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 10:20 - 2013-12-12 22:47 - 00039784 _____ C:\Windows\PFRO.log
2015-06-24 21:43 - 2014-12-25 21:36 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 09:20 - 2014-09-09 12:17 - 00000000 ____D C:\Windows\system32\MRT
2015-06-24 09:11 - 2014-09-09 12:17 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-23 09:34 - 2014-09-19 22:00 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-16 15:38 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-12 23:34 - 2015-03-26 23:12 - 00000000 ____D C:\Users\broucek\Documents\Mock FCE 2015 Results
2015-06-12 19:10 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-12 18:50 - 2015-05-15 01:15 - 00029606 _____ C:\Users\broucek\Desktop\New reports.odt
2015-06-12 12:22 - 2014-11-12 02:28 - 00000000 __SHD C:\Users\broucek\AppData\Local\EmieBrowserModeList
2015-06-12 12:22 - 2014-09-20 11:48 - 00000000 __SHD C:\Users\broucek\AppData\Local\EmieUserList
2015-06-12 12:22 - 2014-09-20 11:48 - 00000000 __SHD C:\Users\broucek\AppData\Local\EmieSiteList
2015-06-12 01:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-06-12 01:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-06-12 01:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 20:19 - 2013-08-22 16:44 - 00362544 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 00:40 - 2015-05-15 00:50 - 00024039 _____ C:\Users\broucek\Desktop\Manchester.odt
2015-06-08 22:10 - 2015-02-28 03:51 - 00016859 _____ C:\Users\broucek\Documents\Vylety na leto.odt
2015-06-08 19:06 - 2015-04-15 02:02 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-08 19:06 - 2015-03-12 14:32 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-06 23:43 - 2014-08-25 04:04 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

==================== Files in the root of some directories =======

2014-08-25 03:37 - 2015-07-06 15:20 - 0000074 _____ () C:\Users\broucek\AppData\Roaming\sp_data.sys
2014-04-17 02:39 - 2014-04-17 02:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-12 23:00 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-12 23:00 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-12 23:00 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
C:\Users\broucek\AppData\Local\Temp\Quarantine.exe
C:\Users\broucek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\broucek\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\broucek\Desktop" je 75 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by broucek at 2015-07-06 15:39:46
Running from C:\Users\broucek\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-85956738-206997255-3856328861-500 - Administrator - Disabled)
broucek (S-1-5-21-85956738-206997255-3856328861-1001 - Administrator - Enabled) => C:\Users\broucek
Guest (S-1-5-21-85956738-206997255-3856328861-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ASUS Backtracker (HKLM-x32\...\{C15C060C-ED1C-49EB-83B3-F7C0FD1CD661}) (Version: 3.0.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.10 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.8 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7121 - Realtek Semiconductor Corp.)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.10.398 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.25 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse (01/07/2014 1.0.0.197) (HKLM\...\2BEE838DC3D664A0CAB23AEA0332BB3877ED0685) (Version: 01/07/2014 1.0.0.197 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

17-06-2015 19:37:06 Scheduled Checkpoint
24-06-2015 09:06:54 Windows Update
02-07-2015 14:30:47 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DB9ADE3-E306-4E92-AFEB-1961E7582F94} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.)
Task: {42FE7826-8FE2-410C-8328-1197F5C4C771} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {5C01A767-8EFD-4B6E-9419-05A457B2E867} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-12-20] (Realtek Semiconductor)
Task: {64536461-384B-400B-AAAB-303872827004} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-24] (Microsoft Corporation)
Task: {6A0672B2-5FFD-453B-8DFF-65CB30EB4C54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19] (Google Inc.)
Task: {957B186C-C157-443D-92B7-74F2C7B8FE80} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-19] (Avast Software s.r.o.)
Task: {9D504674-BF3C-42C7-BD04-0ADC9950AE98} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {A0C87FA7-9587-4D9E-820B-8E2CAF95F8B2} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-04] ()
Task: {BFA42CC3-CB22-4609-BDC6-BEE788583F86} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {D30F6C34-7DDD-4122-89CC-623316DF6985} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-02-13] (AsusTek)
Task: {DD1972CF-FE9D-4EF1-98A9-588428EB0133} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.)
Task: {E78C650B-7345-45B4-9E8E-F0E7B971D5B2} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-01-16] (ASUSTek Computer Inc.)
Task: {ED4AD316-952E-4A27-89A3-C04165306FB5} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] ()
Task: {F2A5581E-6266-4F98-9DB6-68991BE741AF} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {F5ADAF08-1375-4FF6-B285-80D2E2FD6623} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-11-13] (Realtek Semiconductor)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

#6 Příspěvek od **Márty84** » 06 črc 2015 14:55

mozna vas potrapil, ale zvladla jste to na jednicku

MBAM muzete odinstalovat.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-85956738-206997255-3856328861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)

HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19 116648]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

e_va · #7 Příspěvek od **e_va** » 06 črc 2015 15:10

zde je cerstve upeceny log

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by broucek at 2015-07-06 16:03:37 Run:1
Running from C:\Users\broucek\Desktop
Loaded Profiles: broucek (Available Profiles: broucek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-85956738-206997255-3856328861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)

HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-19 116648]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-85956738-206997255-3856328861-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
AdobeARMservice => Service removed successfully
gupdate => Service removed successfully
SkypeUpdate => Service removed successfully
gupdatem => Service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 2.1 GB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 16:05:20 ====

#8 Příspěvek od **Márty84** » 06 črc 2015 15:44

Super, je upeceny velmi dobre

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc a bud to uzavrem, nebo se podivame hlobeji

e_va · #9 Příspěvek od **e_va** » 06 črc 2015 18:51

uff, temer vse hotovo, akorat si budem jeste chvili defragmentovat.

Notas se zda byt v pohode, akorat me porad trochu strasi ten router, ke kteremu byly nase stroje pripojeny. Avast kricel tyhle me desici zpravy: "your router is infected" a pak kdyby mi to nahodou nestacilo "your router has been compromised and your network connections are being routed throught a malicious remote server". Hadam, ze to falesna detekce asi nebude, ze... takze se tazi, co se mohlo stat, kdyz jsme byly pres tenhle zazrak pripojeny k netu vic nez mesic?

(na svou obranu muzu rict, ze jsem se pokousela jednak prinutit pana domaciho o napravu (ten se tomu jen zasmal a tim to bylo evidentne vyreseno) a druhak me vlastni pokusy o opravu tez selhaly, neb anglicke rozhrani routeru vubec neoplyvalo zpusobem, jak to spravit, a v jazyku domorodeho jizanskeho kmene to bylo nad me moznosti a sily:) ... no proste

)

#10 Příspěvek od **Márty84** » 06 črc 2015 19:53

Router bych uz neresil. V pc byla ochrana, antivir, firewall a pokud se pc chova normalne, nemel by byt zadny problem

PC je tedy v pohode, nebo je porad pomalejsi?

e_va · #11 Příspěvek od **e_va** » 06 črc 2015 20:10

ok

Uz je i dofragmentovano. Mne se tenhle pc zda byt v pohode, neni to sice zadny superrychlik, ale nepripada mi, ze by neco extra blblo.

#12 Příspěvek od **Márty84** » 06 črc 2015 20:16

No ono jde o to, jestli je ta rychlost normalni, nebo byval rychlejsi. To ja samozrejme na dalku nemuzu posudit

e_va · #13 Příspěvek od **e_va** » 06 črc 2015 20:26

to je jasny, ja jsem taky spatny jasnovidec

Myslim, ze je lepsi. Zavirovany neni, je cerstve vypulirovany, tudiz bych ho prohlasila za zdravy a praceschopny

#14 Příspěvek od **Márty84** » 06 črc 2015 20:28

Havet tam neni urcite, ale jestli chcete, muzeme ho jeste zkusit trosku zrychlit. Ucinek to mit uz nemusi, ale ani to neuskodi

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

e_va · #15 Příspěvek od **e_va** » 06 črc 2015 20:35

ha, tohle jsem jeste nezkousela

Tak doufam, ze to ma byt tohle. Jdu na OTheLa

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/07/06 21:33:12

-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- HGST HTS545050A7E680
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) HGST HTS545050A7E680 : 500.1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HGST HTS545050A7E680
----------------------------------------------------------------------------
Model : HGST HTS545050A7E680
Firmware : GG2OAF10
Serial Number : TMA55DGL1XDR0P
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600
Power On Hours : 1122 hours
Power On Count : 821 count
Temparature : 42 C (107 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4001h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Read Error Rate
02 100 100 _40 000000000000 Throughput Performance
03 241 241 _33 000E00000001 Spin-Up Time
04 _99 _99 __0 000000000A78 Start/Stop Count
05 100 100 __5 000000000000 Reallocated Sectors Count
07 100 100 _67 000000000000 Seek Error Rate
08 100 100 _40 000000000000 Seek Time Performance
09 _98 _98 __0 000000000462 Power-On Hours
0A 100 100 _60 000000000000 Spin Retry Count
0C 100 100 __0 000000000335 Power Cycle Count
BF 100 100 __0 000000000000 G-Sense Error Rate
C0 100 100 __0 000000000000 Power-off Retract Count
C1 _97 _97 __0 0000000083BF Load/Unload Cycle Count
C2 142 142 __0 0031000D002A Temperature
C4 100 100 __0 000000000000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
DF 100 100 __0 000000000000 Load/Unload Retry Count

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 544D 4135 474C 474C 3158 4452 3050
020: 0003 4000 0004 4747 324F 3130 3130 4847 5354 2048
030: 5453 3534 3530 3530 4137 3830 3830 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1F0E 1F0E 0004 005E 0040
080: 01FC 0028 746B 7D69 6163 BC49 BC49 6163 207F 0039
090: 003A 4001 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 826C 5000 CCA7
110: CEDB 019B 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 FA00 4000 4000 0400 0003 0000
140: 0000 0504 0505 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 3232 4246 0000 0000 0000 5DBD 2388 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 60A5

VIRY.CZ

zpomaleny notebook - pro Márty84

zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84

Re: zpomaleny notebook - pro Márty84