
Request for a preventive check

Martinus
Visitor
Posts: 91
Registered: 28 Mar 2006 15:59

Request for a preventive check

#1 Post by Martinus »

Good day,

I'd like to ask for a preventive check of an older netbook; it won't load pages over https. I just want to make sure there's no virus on it, then I'll keep investigating. :) Thank you

Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2015-11-27 15:30:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (44%) free of 153 GB
Total RAM: 1015 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:32:31, on 27.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\admin\Downloads\RSIT.exe
C:\Program Files\trend micro\admin.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 3866 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5nnclyax.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17 559624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2002-01-01 6133520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-21 15:56:36 ----D---- C:\71fcaf367556be74870d
2015-11-21 15:25:24 ----A---- C:\Windows\system32\InkEd.dll
2015-11-21 15:25:22 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-21 15:25:16 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-21 15:25:16 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-21 15:25:04 ----A---- C:\Windows\system32\kerberos.dll
2015-11-21 15:25:02 ----A---- C:\Windows\system32\schannel.dll
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\ntdll.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-21 15:24:58 ----A---- C:\Windows\system32\srcore.dll
2015-11-21 15:24:58 ----A---- C:\Windows\system32\rstrui.exe
2015-11-21 15:24:58 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-21 15:24:57 ----A---- C:\Windows\system32\smss.exe
2015-11-21 15:24:57 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-21 15:24:57 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\wdigest.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\lsass.exe
2015-11-21 15:24:56 ----A---- C:\Windows\system32\auditpol.exe
2015-11-21 15:24:55 ----A---- C:\Windows\system32\sspicli.dll
2015-11-21 15:24:55 ----A---- C:\Windows\system32\srclient.dll
2015-11-21 15:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\credssp.dll
2015-11-21 15:24:53 ----A---- C:\Windows\system32\secur32.dll
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\msobjs.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\msaudite.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\adtschema.dll
2015-11-21 15:23:54 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-21 15:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-21 15:23:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-21 15:23:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-21 15:23:44 ----A---- C:\Windows\system32\iernonce.dll
2015-11-21 15:23:44 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-21 15:23:43 ----A---- C:\Windows\system32\occache.dll
2015-11-21 15:23:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-21 15:23:42 ----A---- C:\Windows\system32\urlmon.dll
2015-11-21 15:23:42 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-21 15:23:41 ----A---- C:\Windows\system32\vbscript.dll
2015-11-21 15:23:41 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-21 15:23:40 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-21 15:23:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-21 15:23:35 ----A---- C:\Windows\system32\webcheck.dll
2015-11-21 15:23:35 ----A---- C:\Windows\system32\msrating.dll
2015-11-21 15:23:34 ----A---- C:\Windows\system32\iesetup.dll
2015-11-21 15:23:33 ----A---- C:\Windows\system32\jscript.dll
2015-11-21 15:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-21 15:23:32 ----A---- C:\Windows\system32\wininet.dll
2015-11-21 15:23:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-21 15:23:28 ----A---- C:\Windows\system32\ieui.dll
2015-11-21 15:23:26 ----A---- C:\Windows\system32\ieframe.dll
2015-11-21 15:23:22 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-21 15:23:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-21 15:23:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-21 15:23:17 ----A---- C:\Windows\system32\jscript9.dll
2015-11-21 15:23:15 ----A---- C:\Windows\system32\mshtml.dll
2015-11-21 15:23:11 ----A---- C:\Windows\system32\iertutil.dll
2015-11-21 15:22:35 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-21 15:22:35 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-21 15:21:30 ----A---- C:\Windows\system32\wucltux.dll
2015-11-21 15:21:30 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\wuapi.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wups2.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wups.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wudriver.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wuapp.exe
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wu.upgrade.ps.dll

======List of files/folders modified in the last 1 month======

2015-11-27 15:32:31 ----D---- C:\Windows\Temp
2015-11-27 15:30:42 ----D---- C:\Program Files\trend micro
2015-11-27 15:25:07 ----D---- C:\Windows\Microsoft.NET
2015-11-27 15:23:28 ----D---- C:\Windows\system32\config
2015-11-23 14:45:50 ----RSD---- C:\Windows\assembly
2015-11-23 14:38:46 ----D---- C:\Windows\System32
2015-11-23 14:38:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-23 14:38:45 ----D---- C:\Windows\inf
2015-11-21 16:12:59 ----D---- C:\Windows\system32\MRT
2015-11-21 15:57:03 ----A---- C:\Windows\system32\MRT.exe
2015-11-21 15:39:16 ----SHD---- C:\System Volume Information
2015-11-21 15:13:19 ----D---- C:\Windows\system32\catroot2
2015-11-21 15:10:21 ----SHD---- C:\Windows\Installer
2015-11-15 11:45:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-11-09 14:41:50 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-04 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-04 208664]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-04 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2002-01-01 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2002-01-01 435464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-04 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-04 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-04 115640]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-04 146600]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-15 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-30 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-10 148136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-28 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Martinus
Visitor
Posts: 91
Registered: 28 Mar 2006 15:59

Re: Request for a preventive check

#3 Post by Martinus »

Thank you for the help :)

# AdwCleaner v5.022 - Logfile created 29/11/2015 at 15:20:20
# Updated 22/11/2015 by Xplode
# Database : 2015-11-22.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : admin - ADMIN-PC
# Running from : C:\Users\admin\Downloads\adwcleaner_5.022.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\admin\AppData\Local\Mobogenie

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\InstallCore
[-] Key Deleted : HKLM\SOFTWARE\PIP

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [866 bytes] ##########

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#4 Post by Rudy »

Post a new RSIT log.

Martinus
Visitor
Posts: 91
Registered: 28 Mar 2006 15:59

Re: Request for a preventive check

#5 Post by Martinus »

Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2015-12-01 08:56:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (44%) free of 153 GB
Total RAM: 1015 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:57:40, on 1.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\admin\Downloads\RSIT (1).exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 3826 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5nnclyax.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17 559624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2002-01-01 6133520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-29 15:14:12 ----D---- C:\AdwCleaner
2015-11-21 15:56:36 ----D---- C:\71fcaf367556be74870d
2015-11-21 15:25:24 ----A---- C:\Windows\system32\InkEd.dll
2015-11-21 15:25:22 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-21 15:25:16 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-21 15:25:16 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-21 15:25:04 ----A---- C:\Windows\system32\kerberos.dll
2015-11-21 15:25:02 ----A---- C:\Windows\system32\schannel.dll
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\ntdll.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-21 15:24:58 ----A---- C:\Windows\system32\srcore.dll
2015-11-21 15:24:58 ----A---- C:\Windows\system32\rstrui.exe
2015-11-21 15:24:58 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-21 15:24:57 ----A---- C:\Windows\system32\smss.exe
2015-11-21 15:24:57 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-21 15:24:57 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\wdigest.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\lsass.exe
2015-11-21 15:24:56 ----A---- C:\Windows\system32\auditpol.exe
2015-11-21 15:24:55 ----A---- C:\Windows\system32\sspicli.dll
2015-11-21 15:24:55 ----A---- C:\Windows\system32\srclient.dll
2015-11-21 15:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\credssp.dll
2015-11-21 15:24:53 ----A---- C:\Windows\system32\secur32.dll
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\msobjs.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\msaudite.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\adtschema.dll
2015-11-21 15:23:54 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-21 15:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-21 15:23:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-21 15:23:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-21 15:23:44 ----A---- C:\Windows\system32\iernonce.dll
2015-11-21 15:23:44 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-21 15:23:43 ----A---- C:\Windows\system32\occache.dll
2015-11-21 15:23:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-21 15:23:42 ----A---- C:\Windows\system32\urlmon.dll
2015-11-21 15:23:42 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-21 15:23:41 ----A---- C:\Windows\system32\vbscript.dll
2015-11-21 15:23:41 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-21 15:23:40 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-21 15:23:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-21 15:23:35 ----A---- C:\Windows\system32\webcheck.dll
2015-11-21 15:23:35 ----A---- C:\Windows\system32\msrating.dll
2015-11-21 15:23:34 ----A---- C:\Windows\system32\iesetup.dll
2015-11-21 15:23:33 ----A---- C:\Windows\system32\jscript.dll
2015-11-21 15:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-21 15:23:32 ----A---- C:\Windows\system32\wininet.dll
2015-11-21 15:23:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-21 15:23:28 ----A---- C:\Windows\system32\ieui.dll
2015-11-21 15:23:26 ----A---- C:\Windows\system32\ieframe.dll
2015-11-21 15:23:22 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-21 15:23:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-21 15:23:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-21 15:23:17 ----A---- C:\Windows\system32\jscript9.dll
2015-11-21 15:23:15 ----A---- C:\Windows\system32\mshtml.dll
2015-11-21 15:23:11 ----A---- C:\Windows\system32\iertutil.dll
2015-11-21 15:22:35 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-21 15:22:35 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-21 15:21:30 ----A---- C:\Windows\system32\wucltux.dll
2015-11-21 15:21:30 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\wuapi.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wups2.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wups.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wudriver.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wuapp.exe
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wu.upgrade.ps.dll

======List of files/folders modified in the last 1 month======

2015-12-01 08:56:37 ----D---- C:\Program Files\trend micro
2015-12-01 08:55:55 ----D---- C:\Windows\Temp
2015-12-01 08:48:17 ----D---- C:\Windows\system32\config
2015-11-27 15:25:07 ----D---- C:\Windows\Microsoft.NET
2015-11-23 14:45:50 ----RSD---- C:\Windows\assembly
2015-11-23 14:38:46 ----D---- C:\Windows\System32
2015-11-23 14:38:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-23 14:38:45 ----D---- C:\Windows\inf
2015-11-21 16:12:59 ----D---- C:\Windows\system32\MRT
2015-11-21 15:57:03 ----A---- C:\Windows\system32\MRT.exe
2015-11-21 15:39:16 ----SHD---- C:\System Volume Information
2015-11-21 15:13:19 ----D---- C:\Windows\system32\catroot2
2015-11-21 15:10:21 ----SHD---- C:\Windows\Installer
2015-11-15 11:45:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-11-09 14:41:50 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-04 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-04 208664]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-04 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2002-01-01 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2002-01-01 435464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-04 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-04 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-04 115640]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-04 146600]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-15 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-30 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-10 148136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-28 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC afterwards. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Martinus
Visitor
Posts: 91
Registered: 28 Mar 2006 15:59

Re: Request for a preventive check

#7 Post by Martinus »

Done; the OTM log is also included at the end:

Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2015-12-02 10:21:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 68 GB (44%) free of 153 GB
Total RAM: 1015 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:23:29, on 2.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Download\RSIT (2).exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 3848 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5nnclyax.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-17 559624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2002-01-01 6133520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-02 09:57:40 ----D---- C:\_OTM
2015-11-29 15:14:12 ----D---- C:\AdwCleaner
2015-11-21 15:56:36 ----D---- C:\71fcaf367556be74870d
2015-11-21 15:25:24 ----A---- C:\Windows\system32\InkEd.dll
2015-11-21 15:25:22 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-21 15:25:16 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-21 15:25:16 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-21 15:25:04 ----A---- C:\Windows\system32\kerberos.dll
2015-11-21 15:25:02 ----A---- C:\Windows\system32\schannel.dll
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-11-21 15:25:01 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\ntdll.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-21 15:24:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-21 15:24:58 ----A---- C:\Windows\system32\srcore.dll
2015-11-21 15:24:58 ----A---- C:\Windows\system32\rstrui.exe
2015-11-21 15:24:58 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-21 15:24:57 ----A---- C:\Windows\system32\smss.exe
2015-11-21 15:24:57 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-21 15:24:57 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\wdigest.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-21 15:24:56 ----A---- C:\Windows\system32\lsass.exe
2015-11-21 15:24:56 ----A---- C:\Windows\system32\auditpol.exe
2015-11-21 15:24:55 ----A---- C:\Windows\system32\sspicli.dll
2015-11-21 15:24:55 ----A---- C:\Windows\system32\srclient.dll
2015-11-21 15:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-21 15:24:54 ----A---- C:\Windows\system32\credssp.dll
2015-11-21 15:24:53 ----A---- C:\Windows\system32\secur32.dll
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-21 15:24:53 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\msobjs.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\msaudite.dll
2015-11-21 15:24:52 ----A---- C:\Windows\system32\adtschema.dll
2015-11-21 15:23:54 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-21 15:23:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-21 15:23:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-21 15:23:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-21 15:23:44 ----A---- C:\Windows\system32\iernonce.dll
2015-11-21 15:23:44 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-21 15:23:43 ----A---- C:\Windows\system32\occache.dll
2015-11-21 15:23:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-21 15:23:42 ----A---- C:\Windows\system32\urlmon.dll
2015-11-21 15:23:42 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-21 15:23:41 ----A---- C:\Windows\system32\vbscript.dll
2015-11-21 15:23:41 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-21 15:23:40 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-21 15:23:40 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-21 15:23:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-21 15:23:35 ----A---- C:\Windows\system32\webcheck.dll
2015-11-21 15:23:35 ----A---- C:\Windows\system32\msrating.dll
2015-11-21 15:23:34 ----A---- C:\Windows\system32\iesetup.dll
2015-11-21 15:23:33 ----A---- C:\Windows\system32\jscript.dll
2015-11-21 15:23:33 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-21 15:23:32 ----A---- C:\Windows\system32\wininet.dll
2015-11-21 15:23:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-21 15:23:28 ----A---- C:\Windows\system32\ieui.dll
2015-11-21 15:23:26 ----A---- C:\Windows\system32\ieframe.dll
2015-11-21 15:23:22 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-21 15:23:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-21 15:23:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-21 15:23:17 ----A---- C:\Windows\system32\jscript9.dll
2015-11-21 15:23:15 ----A---- C:\Windows\system32\mshtml.dll
2015-11-21 15:23:11 ----A---- C:\Windows\system32\iertutil.dll
2015-11-21 15:22:35 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-21 15:22:35 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-21 15:21:30 ----A---- C:\Windows\system32\wucltux.dll
2015-11-21 15:21:30 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\wuapi.dll
2015-11-21 15:21:29 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wups2.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wups.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wudriver.dll
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wuapp.exe
2015-11-21 15:21:28 ----A---- C:\Windows\system32\wu.upgrade.ps.dll

======List of files/folders modified in the last 1 month======

2015-12-02 10:22:02 ----D---- C:\Program Files\trend micro
2015-12-02 10:21:51 ----D---- C:\Windows\Temp
2015-12-02 10:19:54 ----D---- C:\Download
2015-12-02 10:05:26 ----D---- C:\Windows\system32\config
2015-12-02 09:57:43 ----D---- C:\Windows\Tasks
2015-11-27 15:25:07 ----D---- C:\Windows\Microsoft.NET
2015-11-23 14:45:50 ----RSD---- C:\Windows\assembly
2015-11-23 14:38:46 ----D---- C:\Windows\System32
2015-11-23 14:38:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-23 14:38:45 ----D---- C:\Windows\inf
2015-11-21 16:12:59 ----D---- C:\Windows\system32\MRT
2015-11-21 15:57:03 ----A---- C:\Windows\system32\MRT.exe
2015-11-21 15:39:16 ----SHD---- C:\System Volume Information
2015-11-21 15:13:19 ----D---- C:\Windows\system32\catroot2
2015-11-21 15:10:21 ----SHD---- C:\Windows\Installer
2015-11-15 11:45:07 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-11-09 14:41:50 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-04 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-04 208664]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-04 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2002-01-01 794952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2002-01-01 435464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-04 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-04 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-04 115640]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-13 50688]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2011-02-16 11520]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-10-04 146600]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-15 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-23 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-30 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-10 148136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-28 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------



OTM log:
All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: admin
->Temp folder emptied: 58821681 bytes
->Temporary Internet Files folder emptied: 7446209 bytes
->Java cache emptied: 111570 bytes
->FireFox cache emptied: 19001007 bytes
->Google Chrome cache emptied: 150278397 bytes
->Flash cache emptied: 707 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 424365442 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 21056103 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 650,00 mb


[EMPTYFLASH]

User: admin
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12022015_095740

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\temp\509B1A65-9C68-480C-9CB0-27E341092458\DismCorePS.dll moved successfully.
C:\Windows\temp\509B1A65-9C68-480C-9CB0-27E341092458\DismHost.exe moved successfully.
C:\Windows\temp\509B1A65-9C68-480C-9CB0-27E341092458\DismProv.dll moved successfully.
C:\Windows\temp\509B1A65-9C68-480C-9CB0-27E341092458\DmiProvider.dll moved successfully.
C:\Windows\temp\509B1A65-9C68-480C-9CB0-27E341092458\LogProvider.dll moved successfully.
C:\Windows\temp\509B1A65-9C68-480C-9CB0-27E341092458\OSProvider.dll moved successfully.
C:\Windows\temp\509B1A65-9C68-480C-9CB0-27E341092458\wdscore.dll moved successfully.
C:\Windows\temp\TMP00000001B0D615A4D4A8CF95 moved successfully.
File move failed. C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 119426
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#8 Post by Rudy »

Everything has been deleted. The log is now OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Martinus
Visitor
Posts: 91
Joined: 28 Mar 2006 15:59

Re: Request for a preventive check

#9 Post by Martinus »

Thanks for the help :) The thread can be locked.

Rudy
Site Admin

Re: Request for a preventive check

#10 Post by Rudy »

You're welcome! :)