Please check my log, slow laptop and browser.

Leeone
Visitor
Posts: 1
Registered: 27 May 2016 09:32

#1 Post by Leeone

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514
Run by Michael at 10:11:38 on 2016-05-27
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.1788.815 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
C:\Program Files\Elex-tech\YAC\iSafeSvc2.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Elex-tech\YAC\iSafeTray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k networkservice
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
c:\windows\system32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [DAEMON Tools Lite Automount] "c:\program files\daemon tools lite\DTAgent.exe" -autorun
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RtHDVBg] c:\program files\realtek\audio\hda\RtHDVBg.exe /FORPCEE3
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{BB1A613E-E81E-4089-8F2C-339D58DCBB13} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{BB1A613E-E81E-4089-8F2C-339D58DCBB13}\0556079676D275946494 : DHCPNameServer = 192.168.50.1 8.8.8.8 192.168.1.1
TCP: Interfaces\{BB1A613E-E81E-4089-8F2C-339D58DCBB13}\55053423533323931363 : DHCPNameServer = 213.46.172.37 213.46.172.36
TCP: Interfaces\{E6C531BA-D35C-48A1-805B-9325483A234D} : DHCPNameServer = 192.168.50.1 8.8.8.8 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\michael\appdata\roaming\mozilla\firefox\profiles\74mybyp3.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\adobe\acrobat reader dc\reader\air\nppdf32.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_21_0_0_213.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2016-3-27 58776]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2016-3-27 221240]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2016-3-27 35096]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-3-27 816304]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-3-27 447848]
R1 iSafeKrnl;YAC Mini-Filter Driver;c:\program files\elex-tech\yac\iSafeKrnl.sys [2016-4-18 227392]
R1 iSafeKrnlKit;YAC Kit Driver;c:\program files\elex-tech\yac\iSafeKrnlKit.sys [2016-4-18 97912]
R1 iSafeKrnlMon;YAC Monitor Driver;c:\program files\elex-tech\yac\iSafeKrnlMon.sys [2016-4-18 45032]
R1 iSafeKrnlR3;YAC Ring3 Driver;c:\program files\elex-tech\yac\iSafeKrnlR3.sys [2016-4-18 73232]
R1 iSafeNetFilter;YAC NDIS Driver;c:\windows\system32\drivers\iSafeNetFilter.sys [2016-4-18 59152]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-3-27 32792]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-3-27 91168]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-3-27 127432]
R2 avast! Antivirus;Avast Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2016-3-27 237096]
R2 iSafeService;YAC Service;c:\program files\elex-tech\yac\iSafeSvc.exe [2016-4-18 118048]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\daemon tools lite\DiscSoftBusService.exe [2016-3-1 1126080]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\drivers\dtlitescsibus.sys [2016-3-27 26168]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\drivers\dtliteusbbus.sys [2016-3-27 40504]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2016-3-27 275048]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\drivers\rtl8192ce.sys [2016-3-27 999016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 iSafeKrnlBoot;YAC Boot Driver;c:\windows\system32\drivers\iSafeKrnlBoot.sys [2016-4-18 50280]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2016-3-27 176128]
S4 WdMan;WFini WdMan Service;c:\programdata\ywinpy\wfini.exe -svr --> c:\programdata\ywinpy\WFini.exe -svr [?]
S4 Winsere;Winsere;c:\program files\winsere\winsere\Winsere.exe [2016-3-27 316984]
SUnknown TsUsbFlt;TsUsbFlt; [x]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== File Associations ===============
.
ShellExec: SZBrowser.exe: open="c:\program files\avast software\szbrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2016-05-27 07:36:13 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e5fd571e-f7b8-472b-837b-36f28d9348d1}\offreg.2228.dll
2016-04-27 09:12:19 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e5fd571e-f7b8-472b-837b-36f28d9348d1}\offreg.4656.dll
.
==================== Find3M ====================
.
2016-05-03 09:15:05 50280 ----a-w- c:\windows\system32\drivers\iSafeKrnlBoot.sys
2016-04-07 17:36:07 797376 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-04-07 17:36:07 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-03-30 02:56:18 59152 ----a-w- c:\windows\system32\drivers\iSafeNetFilter.sys
2016-03-27 13:59:44 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-03-27 13:06:00 0 ----a-w- c:\windows\ativpsrm.bin
2016-03-27 12:38:20 40504 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-03-27 12:36:35 26168 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-03-27 12:21:25 737280 ----a-w- c:\windows\iun6002.exe
2016-03-27 12:05:45 91168 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-03-27 12:05:45 816304 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-03-27 12:05:40 221240 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-03-27 12:04:55 58776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-03-27 12:04:55 32792 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-03-27 12:04:55 127432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-03-27 12:04:54 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-03-27 12:04:52 52184 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 10:12:17,64 ===============

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:39:06, on 27.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Elex-tech\YAC\iSafeTray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Michael\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files\Elex-tech\YAC\iSafeSvc.exe

--
End of file - 4430 bytes

JaRon
Moderator
Posts: 15797
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log, slow laptop and browser.

#2 Post by JaRon

- uninstall YAC C:\Program Files\Elex-tech\YAC
- install MSIE 11 and download the OS updates