Potíže s notebookem

Zpráva

Rillana · #1 Příspěvek od **Rillana** » 15 črc 2015 17:01

Zdravím,

ze dne na den se mi strašným způsobem zpomalil notebook. Je to starší "pán", má šest let, takže nečekám závratnou rychlost, ale nyní jen otevření složky zabere pár minut, když mám otevřený prohlížeč, tak se jednotlivé záložky sekají, okno nelze shodit, zavřít. Navíc mám pocit (možný mylný), že mi mizí volné místo na disku. Průběžně vymazávám, co nepotřebuju, ale stejně mám pořád jen pár GB volných. Mohla bych vás požádat o kontrolu, co je špatně. Přikládám log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2015-07-15 17:27:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (7%) free of 100 GB
Total RAM: 2039 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:57, on 15.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DB3E14B-B630-46EF-85D9-71A05BF5BA6C}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{969B95E5-3466-4671-AC55-0512823A2715}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F30535-627E-4D35-86C2-A5575EFEEA0D}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7E49DC4-E29B-4236-B022-20CFA073B450}: NameServer =
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 8001 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3661077572-166141075-3028038341-1000Core.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3661077572-166141075-3028038341-1000UA.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.191 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_191.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-02 5515496]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2015-03-18 575328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=C:\Program Files\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26 107912]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-15 17:27:54 ----D---- C:\Program Files\trend micro
2015-07-15 17:27:41 ----D---- C:\rsit
2015-07-15 16:56:34 ----SHD---- C:\Config.Msi
2015-07-14 17:35:07 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-07-14 17:34:50 ----D---- C:\ProgramData\Malwarebytes
2015-07-14 17:34:50 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-07-02 08:46:33 ----D---- C:\Windows\system32\vbox
2015-07-01 21:22:19 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-01 21:21:53 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-07-15 17:27:54 ----D---- C:\Program Files
2015-07-15 17:27:06 ----D---- C:\Windows\Temp
2015-07-15 17:23:38 ----D---- C:\Windows\winsxs
2015-07-15 17:06:53 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:58:03 ----D---- C:\Windows\system32\config
2015-07-15 16:57:09 ----SHD---- C:\Windows\Installer
2015-07-15 16:35:41 ----D---- C:\Windows\system32\wdi
2015-07-15 16:29:48 ----A---- C:\Windows\system32\rpcnetp.exe
2015-07-15 16:29:45 ----A---- C:\Windows\system32\rpcnet.dll
2015-07-15 06:13:30 ----D---- C:\Windows\System32
2015-07-14 18:02:11 ----D---- C:\Windows\system32\drivers
2015-07-14 18:02:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-14 18:00:08 ----HD---- C:\ProgramData
2015-07-14 18:00:07 ----D---- C:\ProgramData\APN
2015-07-14 17:35:26 ----D---- C:\Windows\Prefetch
2015-07-11 08:18:50 ----SHD---- C:\System Volume Information
2015-07-10 07:55:23 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-10 07:04:38 ----D---- C:\Program Files\Google
2015-07-09 20:43:12 ----A---- C:\Windows\system32\identprv.dll
2015-07-08 21:03:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-08 21:03:09 ----D---- C:\Windows\inf
2015-07-08 20:58:32 ----D---- C:\Windows\system32\NDF
2015-07-02 12:50:33 ----D---- C:\Program Files\WinRAR
2015-07-02 08:40:59 ----D---- C:\Windows\system32\Tasks
2015-07-01 21:22:13 ----D---- C:\Windows
2015-06-23 13:27:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-01 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-01 209048]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-01 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-01 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-02 428120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-01 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-01 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-01 106912]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-01 220752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-07-15 98520]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-01-18 312096]
S3 LVUVC;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-01-18 4332960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 401800]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-01 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2015-04-23 78032]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2015-03-18 581984]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-03-04 428640]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10 268464]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-01 3207800]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-23 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Děkuji za pomoc

#2 Příspěvek od **Rudy** » 15 črc 2015 17:24

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Rillana · #3 Příspěvek od **Rillana** » 15 črc 2015 18:17

Dobrý večer,

udělala jsem výše uvedené a mám tenhle log:

# AdwCleaner v4.208 - Log vytvořen 15/07/2015 v 19:08:12
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-15.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x86)
# Uživatelské jméno : PC - PC-PC
# Spuštěno z : C:\Users\PC\Downloads\adwcleaner_4.208.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\Users\PC\AppData\Local\Temp\apn
Složka Smazáno : C:\Users\PC\AppData\Local\VNT
Soubor Smazáno : C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
Soubor Smazáno : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
Soubor Smazáno : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\pc-mechanic
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95289393-33EA-4F8D-B952-483415B9C955}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95289393-33EA-4F8D-B952-483415B9C955}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{95289393-33EA-4F8D-B952-483415B9C955}]
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Mozilla Firefox v15.0.1 (cs)

[t1d9eo8i.default\prefs.js] - Řádek Smazáno : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002");

-\\ Google Chrome v

[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://www.search.ask.com/web?tpid=FF3-V7C&o=A ... earchTerms}

*************************

AdwCleaner[R0].txt - [3425 bytů] - [15/07/2015 19:06:36]
AdwCleaner[S0].txt - [3335 bytů] - [15/07/2015 19:08:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3393 bytů] ##########

#4 Příspěvek od **Rudy** » 15 črc 2015 19:08

Dejte nový log RSIT.

Rillana · #5 Příspěvek od **Rillana** » 15 črc 2015 19:24

Zde:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2015-07-15 20:22:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 5 GB (5%) free of 100 GB
Total RAM: 2039 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:23:04, on 15.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DB3E14B-B630-46EF-85D9-71A05BF5BA6C}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{969B95E5-3466-4671-AC55-0512823A2715}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F30535-627E-4D35-86C2-A5575EFEEA0D}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7E49DC4-E29B-4236-B022-20CFA073B450}: NameServer =
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 7334 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3661077572-166141075-3028038341-1000Core.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3661077572-166141075-3028038341-1000UA.job - C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01 565304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-02 5515496]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2015-03-18 575328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=C:\Program Files\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26 107912]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-15 19:06:18 ----D---- C:\AdwCleaner
2015-07-15 17:27:54 ----D---- C:\Program Files\trend micro
2015-07-15 17:27:41 ----D---- C:\rsit
2015-07-15 16:56:34 ----SHD---- C:\Config.Msi
2015-07-14 17:35:07 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-07-14 17:34:50 ----D---- C:\ProgramData\Malwarebytes
2015-07-14 17:34:50 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-07-02 08:46:33 ----D---- C:\Windows\system32\vbox
2015-07-01 21:22:19 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-01 21:21:53 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-07-15 20:23:00 ----D---- C:\Windows\Temp
2015-07-15 19:30:35 ----D---- C:\Windows\system32\config
2015-07-15 19:10:45 ----A---- C:\Windows\system32\rpcnetp.exe
2015-07-15 19:10:42 ----A---- C:\Windows\system32\rpcnet.dll
2015-07-15 19:08:12 ----HD---- C:\ProgramData
2015-07-15 18:16:52 ----D---- C:\Windows\System32
2015-07-15 18:16:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-15 18:16:51 ----D---- C:\Windows\inf
2015-07-15 17:56:25 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 17:54:24 ----SHD---- C:\System Volume Information
2015-07-15 17:27:54 ----D---- C:\Program Files
2015-07-15 17:23:38 ----D---- C:\Windows\winsxs
2015-07-15 17:06:53 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:57:09 ----SHD---- C:\Windows\Installer
2015-07-15 16:35:41 ----D---- C:\Windows\system32\wdi
2015-07-14 18:02:11 ----D---- C:\Windows\system32\drivers
2015-07-14 18:02:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-14 17:35:26 ----D---- C:\Windows\Prefetch
2015-07-10 07:04:38 ----D---- C:\Program Files\Google
2015-07-09 20:43:12 ----A---- C:\Windows\system32\identprv.dll
2015-07-08 20:58:32 ----D---- C:\Windows\system32\NDF
2015-07-02 12:50:33 ----D---- C:\Program Files\WinRAR
2015-07-02 08:40:59 ----D---- C:\Windows\system32\Tasks
2015-07-01 21:22:13 ----D---- C:\Windows
2015-06-23 13:27:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-01 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-01 209048]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-01 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-01 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-02 428120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-01 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-01 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-01 106912]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-01 220752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-07-15 98520]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-01-18 312096]
S3 LVUVC;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-01-18 4332960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 401800]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-01 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2015-04-23 78032]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2015-03-18 581984]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-03-04 428640]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-01 3207800]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-23 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 15 črc 2015 20:34

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3661077572-166141075-3028038341-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3661077572-166141075-3028038341-1000UA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Rillana · #7 Příspěvek od **Rillana** » 15 črc 2015 22:31

Nedařilo se mi provést sken, ale nakonec jsem zvítězila:) Nový log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2015-07-15 23:28:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (8%) free of 100 GB
Total RAM: 2039 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:29:03, on 15.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DB3E14B-B630-46EF-85D9-71A05BF5BA6C}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{969B95E5-3466-4671-AC55-0512823A2715}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F30535-627E-4D35-86C2-A5575EFEEA0D}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7E49DC4-E29B-4236-B022-20CFA073B450}: NameServer =
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 7467 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01 565304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-02 5515496]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2015-03-18 575328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=C:\Program Files\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26 107912]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-15 21:58:03 ----D---- C:\_OTM
2015-07-15 19:06:18 ----D---- C:\AdwCleaner
2015-07-15 17:27:54 ----D---- C:\Program Files\trend micro
2015-07-15 17:27:41 ----D---- C:\rsit
2015-07-14 17:35:07 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-07-14 17:34:50 ----D---- C:\ProgramData\Malwarebytes
2015-07-14 17:34:50 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-07-02 08:46:33 ----D---- C:\Windows\system32\vbox
2015-07-01 21:22:19 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-01 21:21:53 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-07-15 23:27:26 ----D---- C:\Windows\Temp
2015-07-15 23:25:24 ----D---- C:\Windows\system32\config
2015-07-15 23:25:15 ----A---- C:\Windows\system32\rpcnetp.exe
2015-07-15 23:25:13 ----A---- C:\Windows\system32\rpcnet.dll
2015-07-15 23:23:13 ----D---- C:\Windows
2015-07-15 23:12:20 ----SHD---- C:\Windows\Installer
2015-07-15 23:11:35 ----D---- C:\Windows\Prefetch
2015-07-15 23:10:39 ----SHD---- C:\System Volume Information
2015-07-15 22:15:01 ----D---- C:\Windows\Tasks
2015-07-15 22:14:00 ----D---- C:\Program Files
2015-07-15 19:08:12 ----HD---- C:\ProgramData
2015-07-15 18:16:52 ----D---- C:\Windows\System32
2015-07-15 18:16:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-15 18:16:51 ----D---- C:\Windows\inf
2015-07-15 17:56:25 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 17:23:38 ----D---- C:\Windows\winsxs
2015-07-15 17:06:53 ----D---- C:\Windows\system32\catroot2
2015-07-15 16:35:41 ----D---- C:\Windows\system32\wdi
2015-07-14 18:02:11 ----D---- C:\Windows\system32\drivers
2015-07-14 18:02:11 ----D---- C:\Windows\PolicyDefinitions
2015-07-10 07:04:38 ----D---- C:\Program Files\Google
2015-07-09 20:43:12 ----A---- C:\Windows\system32\identprv.dll
2015-07-08 20:58:32 ----D---- C:\Windows\system32\NDF
2015-07-02 12:50:33 ----D---- C:\Program Files\WinRAR
2015-07-02 08:40:59 ----D---- C:\Windows\system32\Tasks
2015-06-23 13:27:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-01 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-01 209048]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-01 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-01 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-02 428120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-01 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-01 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-01 106912]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-01 220752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-07-15 98520]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-01-18 312096]
S3 LVUVC;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-01-18 4332960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 401800]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-01 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2015-04-23 78032]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2015-03-18 581984]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-03-04 428640]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-01 3207800]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-23 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 16 črc 2015 16:17

Dvouklikem na soubor C:\Program Files\trend micro\PC.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R3 - URLSearchHook: (no name) - - (no file)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Rillana · #9 Příspěvek od **Rillana** » 16 črc 2015 19:33

Provedeno. Počítač je podstatně rychlejší, ale stále mi podivným způsobem mizí místo na disku C. Mám zase vložit log?

#10 Příspěvek od **Rudy** » 16 črc 2015 20:27

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Rillana · #11 Příspěvek od **Rillana** » 16 črc 2015 21:15

Sken jsem dělala asi před dvěma dny a tehdy jsem nalezené hrozby smazala:/ Dneska jsem ho udělala znovu a tady je log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2015-07-16 22:05:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (7%) free of 100 GB
Total RAM: 2039 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:05:31, on 16.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17909)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exea
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
C:\Program Files\Logitech\Vid HD\Vid.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1DB3E14B-B630-46EF-85D9-71A05BF5BA6C}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{969B95E5-3466-4671-AC55-0512823A2715}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F30535-627E-4D35-86C2-A5575EFEEA0D}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7E49DC4-E29B-4236-B022-20CFA073B450}: NameServer =
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Samsung Link Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

--
End of file - 7708 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default\searchplugins\
seznam-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01 565304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1045800]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2011-11-11 205336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-02 5515496]
"Samsung Link"=C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [2015-03-18 575328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=C:\Program Files\Logitech\Vid HD\Vid.exe [2011-01-13 6129496]
"T-Mobile CManager"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]
"Google Update"=C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26 107912]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-16 22:05:13 ----D---- C:\rsit
2015-07-15 19:06:18 ----D---- C:\AdwCleaner
2015-07-15 17:28:46 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 17:28:40 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 17:28:40 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 17:28:40 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 17:28:40 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 17:28:40 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 17:28:40 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 17:28:40 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 17:28:40 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 17:28:40 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 17:28:40 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 17:28:40 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 17:28:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 17:28:40 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 17:28:39 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 17:28:39 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 17:28:39 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 17:28:16 ----A---- C:\Windows\system32\msi.dll
2015-07-15 17:28:16 ----A---- C:\Windows\system32\authui.dll
2015-07-15 17:28:15 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 17:28:15 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 17:28:15 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 17:28:15 ----A---- C:\Windows\system32\consent.exe
2015-07-15 17:28:15 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 17:27:54 ----D---- C:\Program Files\trend micro
2015-07-15 17:27:20 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 17:27:17 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 17:27:17 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 17:27:16 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 17:27:16 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 17:27:16 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 17:27:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 17:27:16 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 17:27:16 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 17:27:13 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 17:27:10 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 17:27:09 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 17:27:09 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 17:27:09 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wups.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 17:26:52 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 17:26:31 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 17:26:27 ----A---- C:\Windows\system32\lpk.dll
2015-07-15 17:26:27 ----A---- C:\Windows\system32\dciman32.dll
2015-07-15 17:26:27 ----A---- C:\Windows\system32\atmlib.dll
2015-07-15 17:26:27 ----A---- C:\Windows\system32\atmfd.dll
2015-07-15 17:26:26 ----A---- C:\Windows\system32\fontsub.dll
2015-07-15 17:26:22 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 17:26:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 17:26:17 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 17:26:16 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 17:26:15 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 17:26:13 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 17:26:10 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 17:25:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 17:25:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 17:25:56 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 17:25:55 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 17:25:55 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 17:25:55 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 17:25:54 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 17:25:54 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 17:25:53 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 17:25:53 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 17:25:53 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 17:25:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 17:25:51 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 17:25:50 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 17:25:49 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 17:25:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 17:25:48 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 17:25:43 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 17:25:42 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 17:25:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 17:25:32 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 17:25:30 ----A---- C:\Windows\system32\vbscript.dll
2015-07-14 17:35:07 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-07-14 17:34:50 ----D---- C:\ProgramData\Malwarebytes
2015-07-14 17:34:50 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-07-14 17:34:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-07-02 08:46:33 ----D---- C:\Windows\system32\vbox
2015-07-01 21:22:19 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-01 21:21:53 ----A---- C:\Windows\avastSS.scr
2015-06-17 01:01:52 ----A---- C:\Windows\system32\FM20.DLL

======List of files/folders modified in the last 1 month======

2015-07-16 22:05:26 ----D---- C:\Windows\Temp
2015-07-16 21:33:27 ----D---- C:\Windows\system32\drivers
2015-07-16 20:26:45 ----D---- C:\Windows\system32\config
2015-07-16 20:26:35 ----A---- C:\Windows\system32\rpcnetp.exe
2015-07-16 20:26:33 ----A---- C:\Windows\system32\rpcnet.dll
2015-07-16 20:15:33 ----SHD---- C:\System Volume Information
2015-07-16 06:14:12 ----D---- C:\Windows\system32\NDF
2015-07-16 05:53:14 ----SHD---- C:\Windows\Installer
2015-07-16 05:52:08 ----D---- C:\Windows\System32
2015-07-16 05:50:23 ----D---- C:\Windows\system32\Tasks
2015-07-16 05:34:40 ----D---- C:\Windows\winsxs
2015-07-16 05:34:07 ----A---- C:\Windows\system32\rpcnetp.dll
2015-07-16 05:31:08 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 05:31:04 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 05:31:03 ----D---- C:\Windows\system32\wbem
2015-07-16 05:31:03 ----D---- C:\Windows\system32\appraiser
2015-07-16 05:31:03 ----D---- C:\Windows\AppPatch
2015-07-16 05:31:01 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 05:31:00 ----D---- C:\Windows\system32\en-US
2015-07-16 05:31:00 ----D---- C:\Program Files\Internet Explorer
2015-07-15 23:45:23 ----D---- C:\Windows\system32\MRT
2015-07-15 23:43:28 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 23:36:59 ----D---- C:\Windows\system32\catroot2
2015-07-15 23:23:13 ----D---- C:\Windows
2015-07-15 23:11:35 ----D---- C:\Windows\Prefetch
2015-07-15 22:15:01 ----D---- C:\Windows\Tasks
2015-07-15 22:14:00 ----D---- C:\Program Files
2015-07-15 19:08:12 ----HD---- C:\ProgramData
2015-07-15 18:16:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-15 18:16:51 ----D---- C:\Windows\inf
2015-07-15 17:56:25 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 16:35:41 ----D---- C:\Windows\system32\wdi
2015-07-10 07:04:38 ----D---- C:\Program Files\Google
2015-07-09 20:43:12 ----A---- C:\Windows\system32\identprv.dll
2015-07-03 08:49:12 ----A---- C:\Windows\system32\MRT.exe
2015-07-02 12:50:33 ----D---- C:\Program Files\WinRAR
2015-06-23 13:27:10 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-01 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-01 209048]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-01 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-01 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-02 428120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-01 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-01 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-01 106912]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-01 220752]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-25 15544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-07-16 98520]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-27 199472]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 202752]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-01-18 312096]
S3 LVUVC;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-01-18 4332960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AllShare Framework DMS;AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 401800]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-01 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2015-04-23 78032]
R2 Samsung Link Service;Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2015-03-18 581984]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-03-04 428640]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-01 3207800]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-09 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

#12 Příspěvek od **Rudy** » 16 črc 2015 21:32

Potřeboval bych vidět přímo log MBAM. Byly nějaké hrozby? Kdyby ten problém byl viditelný v RSIT, MBAM bych nežádal.

Rillana · #13 Příspěvek od **Rillana** » 17 črc 2015 04:58

V historii skenů jsem našla tenhle zápis, měl by to být úplně první sken, který jsem dělala:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14.7.2015
Čas skenování: 17:36
Protokol: hrozby.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.14.04
Databáze rootkitů: v2015.07.14.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: PC

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 311515
Uplynulý čas: 22 min, 16 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 8
PUP.Optional.SweetPacks.A, HKU\S-1-5-21-3661077572-166141075-3028038341-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, Do karantény, [4864cb16147687afa5942897e919f010],
PUP.Optional.SweetPacks.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}, Do karantény, [4864cb16147687afa5942897e919f010],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\AskPartnerNetwork, Do karantény, [bfed479a0f7b81b52d133ac919eaa35d],
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\MPIKFGFOPLCDLJPJENIJBLIJNCNKBGGC, Do karantény, [2e7ebc25b4d6a98dab75593891738e72],
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-5637-4300-76A7-A758B70C1D00}, Do karantény, [fbb16879e2a88babd42c4eb41be87b85],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, Do karantény, [fcb033ae266441f5eb5450b3bc47f60a],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3661077572-166141075-3028038341-1000\SOFTWARE\AskPartnerNetwork, Do karantény, [e9c30ed338520d2996a9ec1711f2a759],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3661077572-166141075-3028038341-1000\SOFTWARE\SweetIM, Do karantény, [cce0974a59316fc71448ac6b7e8532ce],

Hodnoty registru: 4
PUP.Optional.AskPartnerNetwork.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\mpikfgfoplcdljpjenijblijncnkbggc|path, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\CRX\ToolbarCR.crx, Do karantény, [2e7ebc25b4d6a98dab75593891738e72]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|URL, http://search.sweetim.com/search.asp?sr ... 0000.10002, Do karantény, [6f3d9e437d0d2511bd0408fb51b248b8]
PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4646332D-5637-4300-76A7-A758B70C1D00}|InstallSource, C:\ProgramData\APN\APN-Stub\FF3-V7C\, Do karantény, [fbb16879e2a88babd42c4eb41be87b85]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3661077572-166141075-3028038341-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{EEE6C360-6118-11DC-9C72-001320C79847}|URL, http://search.sweetim.com/search.asp?sr ... 0000.10002, Do karantény, [f8b4df0266244de9a71944bf0af913ed]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 22
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\270834733D6D4786AD6C01F69E0A7483, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\27D0E842E4984EECA195914C681CD4EC, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\4E7674B2D1804783A6A649B581A63DDB, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\5B9EBBF41CBE415FADD5B5A9ECDE327A, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\B95A10F0F1F14D82BFC547993A147160, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\BB40D0CD0AF44D1694A365CACCED9CC0, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\OpenCandy_5B9EBBF41CBE415FADD5B5A9ECDE327A, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Do karantény, [b8f44f922a60e74fc73e946cc3408a76],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\CRX, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Response, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\Users\PC\AppData\Local\AskPartnerNetwork, Do karantény, [4a62e4fd5c2ede589f683cc4996a6a96],
PUP.Optional.APNToolBar.Gen, C:\Users\PC\AppData\Local\AskPartnerNetwork\Toolbar, Do karantény, [4a62e4fd5c2ede589f683cc4996a6a96],
PUP.Optional.APNToolBar.Gen, C:\Users\PC\AppData\Local\AskPartnerNetwork\Toolbar\Updater, Do karantény, [4a62e4fd5c2ede589f683cc4996a6a96],
PUP.Optional.APNToolBar.Gen, C:\Users\PC\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC, Do karantény, [4a62e4fd5c2ede589f683cc4996a6a96],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork, Do karantény, [3973f0f1ec9e2d09709810f029da1ee2],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\ChromeUtils, Do karantény, [3973f0f1ec9e2d09709810f029da1ee2],

Soubory: 37
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Local\Temp\GrLauncherTempSetup.exe, Do karantény, [59538061c2c8989e514b5203bc493ec2],
PUP.Optional.OpenCandy, C:\Users\PC\Downloads\GOMPLAYERENSETUP (1).EXE, Do karantény, [456712cf2466aa8c4359e47115f040c0],
PUP.Optional.OpenCandy, C:\Users\PC\Downloads\GOMPLAYERENSETUP.EXE, Do karantény, [575549989cee5ed81f7d61f4e02553ad],
PUP.Optional.MediaDrug.C, C:\Users\PC\Downloads\Manegarm - Vargstenen.exe, Do karantény, [c5e76f722565d75fdfd74a3a16eb28d8],
PUP.Optional.SweetIM.C, C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\t1d9eo8i.default\searchplugins\sweetim.xml, Do karantény, [b3f9875a8802c27496eee22a9f64738d],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\270834733D6D4786AD6C01F69E0A7483\pcmechanicpmROW_p1v2.exe, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\27D0E842E4984EECA195914C681CD4EC\AVG-PC-TuneUp2014-cz-CZ-p4v1.exe, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\4E7674B2D1804783A6A649B581A63DDB\AVG-PC-TuneUp2014-cz-CZ-p4v1.exe, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\5B9EBBF41CBE415FADD5B5A9ECDE327A\nitro_pdf_reader2_x86_EN_p3v1.exe, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\B95A10F0F1F14D82BFC547993A147160\avg_tuht_stf_cs_2014_206_CZ.exe, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.OpenCandy, C:\Users\PC\AppData\Roaming\OpenCandy\BB40D0CD0AF44D1694A365CACCED9CC0\AVG-PC-TuneUp2014.exe, Do karantény, [baf22fb214762a0c516001cfc73b9c64],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\CRX\ToolbarCR.crx, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.18.0.0-4.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.10.1.0-3.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.10.2.0-3.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.10.3.0-3.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.14.0.0-3.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.15.1.0-3.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.18.0.0-5.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.19.1.0-5.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.20.0.0-5.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.4.2.0-4.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.6.0.0-4.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.6.2.0-4.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.6.4.0-2.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.6.4.0-4.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.6.6.0-4.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.9.0.0-2.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.9.0.0-3.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Config\Config.31.9.3.0-3.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Response\Response.31.20.0.0-15.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\FF3-V7C\Updater\Response\Response.31.20.0.0-16.xml, Do karantény, [6e3e04ddb5d510267393ba4609fab54b],
PUP.Optional.APNToolBar.Gen, C:\Users\PC\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, Do karantény, [4a62e4fd5c2ede589f683cc4996a6a96],
PUP.Optional.APNToolBar.Gen, C:\Users\PC\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, Do karantény, [4a62e4fd5c2ede589f683cc4996a6a96],
PUP.Optional.APNToolBar.Gen, C:\Users\PC\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, Do karantény, [4a62e4fd5c2ede589f683cc4996a6a96],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe, Do karantény, [3973f0f1ec9e2d09709810f029da1ee2],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\ChromeUtils\com.apn.native_messaging_host_mpikfgfoplcdljpjenijblijncnkbggc.json, Do karantény, [3973f0f1ec9e2d09709810f029da1ee2],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#14 Příspěvek od **Rudy** » 17 črc 2015 16:13

Pokud to tam ještě máte, smažte vše.

Rillana · #15 Příspěvek od **Rillana** » 18 črc 2015 08:24

Po skenu jsem všechny hrozby přesunula do karantény a teď jsem vymazala i odtud.

VIRY.CZ

Potíže s notebookem

Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem

Re: Potíže s notebookem