
PC virus removal, computer speed-up, remote help via the neslape.cz service
Repeated restarts and problems with Avast
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
lately my computer has been restarting on its own while I work, and today Avast started acting up. It shows that white cross meaning the Avast service is not running, and it cannot be started either. I uninstalled Avast and installed it again, and it is still the same. Please check my log.
Thanks a lot
Logfile of random's system information tool 1.10 (written by random/random)
Run by pocitac at 2016-07-30 10:54:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (17%) free of 116 GB
Total RAM: 2046 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:54:41, on 30.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\pocitac\Desktop\RSIT.exe
C:\Program Files\trend micro\pocitac.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [STUISpeedLauncher] "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\MySQL\bin\mysqld (file missing)
O23 - Service: NewServiceInstall1 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\system32\SecUPDUtilSvc.exe
O23 - Service: SDL FLEXlm License Server - Macrovision Corporation - C:\Program Files\SDL International\License Server\Lmgrd.exe
--
End of file - 5808 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-04 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30 716632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-04 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 351968]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-07-30 8922624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"STUISpeedLauncher"=C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [2015-02-09 382976]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-07-13 6851288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-30 10:50:08 ----D---- C:\rsit
2016-07-30 10:39:14 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-07-30 10:38:46 ----D---- C:\Users\pocitac\AppData\Roaming\AVAST Software
2016-07-30 10:38:25 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-07-30 10:38:23 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-07-30 10:38:23 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-07-30 10:38:22 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-07-30 10:38:20 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-07-30 10:38:06 ----A---- C:\Windows\system32\aswBoot.exe
2016-07-30 10:37:55 ----A---- C:\Windows\avastSS.scr
2016-07-20 09:20:36 ----D---- C:\Windows\EOONotify
2016-07-13 09:54:18 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32k.sys
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 09:54:17 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 09:54:16 ----A---- C:\Windows\system32\centel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\occache.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 09:54:08 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 09:54:05 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 09:54:02 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\jscript.dll
======List of files/folders modified in the last 1 month======
2016-07-30 10:54:40 ----D---- C:\Program Files\trend micro
2016-07-30 10:50:47 ----D---- C:\Windows\system32\drivers
2016-07-30 10:40:07 ----D---- C:\Windows\Temp
2016-07-30 10:40:05 ----D---- C:\Windows\system32\config
2016-07-30 10:39:59 ----D---- C:\Windows\system32\Tasks
2016-07-30 10:39:14 ----D---- C:\ProgramData\AVAST Software
2016-07-30 10:39:13 ----D---- C:\Program Files\AVAST Software
2016-07-30 10:38:06 ----D---- C:\Windows\System32
2016-07-30 10:38:04 ----D---- C:\Windows
2016-07-30 10:32:43 ----SD---- C:\Windows\system32\Microsoft
2016-07-30 10:21:19 ----D---- C:\Windows\inf
2016-07-30 10:16:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-07-30 10:04:19 ----SHD---- C:\System Volume Information
2016-07-30 00:23:04 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2016-07-29 22:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-29 11:16:40 ----D---- C:\Users\pocitac\AppData\Roaming\MediaMonkey
2016-07-29 09:40:05 ----SHD---- C:\Windows\Installer
2016-07-29 09:40:05 ----HD---- C:\Config.Msi
2016-07-29 09:35:54 ----RD---- C:\Program Files
2016-07-29 09:35:48 ----D---- C:\Windows\Tasks
2016-07-29 09:21:27 ----D---- C:\Windows\winsxs
2016-07-29 01:21:34 ----D---- C:\Windows\Minidump
2016-07-28 11:18:47 ----HD---- C:\ProgramData
2016-07-25 08:52:47 ----D---- C:\Windows\Prefetch
2016-07-20 09:20:51 ----SD---- C:\Windows\system32\GWX
2016-07-14 11:12:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-07-13 23:32:13 ----D---- C:\Windows\debug
2016-07-13 10:59:47 ----D---- C:\Windows\Microsoft.NET
2016-07-13 10:57:49 ----RSD---- C:\Windows\assembly
2016-07-13 10:39:19 ----D---- C:\Windows\system32\en-US
2016-07-13 10:39:19 ----D---- C:\Windows\system32\cs-CZ
2016-07-13 10:39:19 ----D---- C:\Windows\system32\appraiser
2016-07-13 10:39:19 ----D---- C:\Windows\AppPatch
2016-07-13 10:39:19 ----D---- C:\Program Files\Windows Journal
2016-07-13 10:39:18 ----D---- C:\Program Files\Internet Explorer
2016-07-13 10:27:55 ----D---- C:\Windows\system32\MRT
2016-07-13 09:58:12 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 09:52:02 ----D---- C:\Windows\system32\catroot2
2016-07-12 22:12:04 ----D---- C:\Windows\system32\Macromed
2016-07-08 09:45:52 ----D---- C:\Users\pocitac\AppData\Roaming\Ancestry
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-07-30 224616]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-07-30 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-07-30 734840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-07-30 434144]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-07-30 34008]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-07-30 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-07-30 118664]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2015-01-05 5120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2012-06-05 204432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2014-12-10 584920]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-07-30 60424]
S1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-07-30 35096]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-12-30 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL []
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\system32\SecUPDUtilSvc.exe [2016-01-04 143664]
R2 SDL FLEXlm License Server;SDL FLEXlm License Server; C:\Program Files\SDL International\License Server\Lmgrd.exe [2007-02-22 1339392]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-04 658432]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-30 197640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S2 NewServiceInstall1;NewServiceInstall1; C:\Program Files\SDL International\T2007\TT\Lng\Dialogs1031.lng [2007-04-23 11264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 102912]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
2016-07-30 10:38:20 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-07-30 10:38:06 ----A---- C:\Windows\system32\aswBoot.exe
2016-07-30 10:37:55 ----A---- C:\Windows\avastSS.scr
2016-07-20 09:20:36 ----D---- C:\Windows\EOONotify
2016-07-13 09:54:18 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32k.sys
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 09:54:17 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 09:54:16 ----A---- C:\Windows\system32\centel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\occache.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 09:54:08 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 09:54:05 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 09:54:02 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\jscript.dll
======List of files/folders modified in the last 1 month======
2016-07-30 10:54:40 ----D---- C:\Program Files\trend micro
2016-07-30 10:50:47 ----D---- C:\Windows\system32\drivers
2016-07-30 10:40:07 ----D---- C:\Windows\Temp
2016-07-30 10:40:05 ----D---- C:\Windows\system32\config
2016-07-30 10:39:59 ----D---- C:\Windows\system32\Tasks
2016-07-30 10:39:14 ----D---- C:\ProgramData\AVAST Software
2016-07-30 10:39:13 ----D---- C:\Program Files\AVAST Software
2016-07-30 10:38:06 ----D---- C:\Windows\System32
2016-07-30 10:38:04 ----D---- C:\Windows
2016-07-30 10:32:43 ----SD---- C:\Windows\system32\Microsoft
2016-07-30 10:21:19 ----D---- C:\Windows\inf
2016-07-30 10:16:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-07-30 10:04:19 ----SHD---- C:\System Volume Information
2016-07-30 00:23:04 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2016-07-29 22:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-29 11:16:40 ----D---- C:\Users\pocitac\AppData\Roaming\MediaMonkey
2016-07-29 09:40:05 ----SHD---- C:\Windows\Installer
2016-07-29 09:40:05 ----HD---- C:\Config.Msi
2016-07-29 09:35:54 ----RD---- C:\Program Files
2016-07-29 09:35:48 ----D---- C:\Windows\Tasks
2016-07-29 09:21:27 ----D---- C:\Windows\winsxs
2016-07-29 01:21:34 ----D---- C:\Windows\Minidump
2016-07-28 11:18:47 ----HD---- C:\ProgramData
2016-07-25 08:52:47 ----D---- C:\Windows\Prefetch
2016-07-20 09:20:51 ----SD---- C:\Windows\system32\GWX
2016-07-14 11:12:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-07-13 23:32:13 ----D---- C:\Windows\debug
2016-07-13 10:59:47 ----D---- C:\Windows\Microsoft.NET
2016-07-13 10:57:49 ----RSD---- C:\Windows\assembly
2016-07-13 10:39:19 ----D---- C:\Windows\system32\en-US
2016-07-13 10:39:19 ----D---- C:\Windows\system32\cs-CZ
2016-07-13 10:39:19 ----D---- C:\Windows\system32\appraiser
2016-07-13 10:39:19 ----D---- C:\Windows\AppPatch
2016-07-13 10:39:19 ----D---- C:\Program Files\Windows Journal
2016-07-13 10:39:18 ----D---- C:\Program Files\Internet Explorer
2016-07-13 10:27:55 ----D---- C:\Windows\system32\MRT
2016-07-13 09:58:12 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 09:52:02 ----D---- C:\Windows\system32\catroot2
2016-07-12 22:12:04 ----D---- C:\Windows\system32\Macromed
2016-07-08 09:45:52 ----D---- C:\Users\pocitac\AppData\Roaming\Ancestry
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-07-30 224616]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-07-30 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-07-30 734840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-07-30 434144]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-07-30 34008]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-07-30 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-07-30 118664]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2015-01-05 5120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2012-06-05 204432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2014-12-10 584920]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-07-30 60424]
S1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-07-30 35096]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-12-30 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL []
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\system32\SecUPDUtilSvc.exe [2016-01-04 143664]
R2 SDL FLEXlm License Server;SDL FLEXlm License Server; C:\Program Files\SDL International\License Server\Lmgrd.exe [2007-02-22 1339392]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-04 658432]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-30 197640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S2 NewServiceInstall1;NewServiceInstall1; C:\Program Files\SDL International\T2007\TT\Lng\Dialogs1031.lng [2007-04-23 11264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 102912]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: repeated restarts and problems with avast
Hello!
Let's take a look at what is running there. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: repeated restarts and problems with avast
# AdwCleaner v5.033 - Logfile created 12/02/2016 at 20:08:19
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : pocitac - INTEL
# Running from : C:\Users\pocitac\Desktop\adwcleaner_5.033.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\pocitac\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : yessearches
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [800 bytes] ##########
# AdwCleaner v5.201 - Logfile created 30/07/2016 at 11:23:09
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-29.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X86)
# Username : pocitac - INTEL
# Running from : C:\Users\pocitac\Desktop\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [9367 bytes] - [07/01/2016 22:46:35]
C:\AdwCleaner\AdwCleaner[C2].txt - [1688 bytes] - [12/02/2016 21:08:19]
C:\AdwCleaner\AdwCleaner[S1].txt - [7649 bytes] - [07/01/2016 22:43:46]
C:\AdwCleaner\AdwCleaner[S2].txt - [2500 bytes] - [07/02/2016 19:54:23]
C:\AdwCleaner\AdwCleaner[S3].txt - [2390 bytes] - [12/02/2016 20:09:31]
C:\AdwCleaner\AdwCleaner[S4].txt - [4903 bytes] - [12/02/2016 20:22:26]
C:\AdwCleaner\AdwCleaner[S5].txt - [2161 bytes] - [12/02/2016 21:07:07]
C:\AdwCleaner\AdwCleaner[S6].txt - [2049 bytes] - [12/02/2016 21:13:59]
C:\AdwCleaner\AdwCleaner[S7].txt - [667 bytes] - [13/02/2016 16:58:05]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2271 bytes] ##########
- Rudy
- Site Admin
- Posts: 119320
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: repeated restarts and problems with avast
Post a new RSIT log.
Re: repeated restarts and problems with avast
Logfile of random's system information tool 1.10 (written by random/random)
Run by pocitac at 2016-07-30 12:17:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (16%) free of 116 GB
Total RAM: 2046 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:34, on 30.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\pocitac\Desktop\RSIT.exe
C:\Program Files\trend micro\pocitac.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [STUISpeedLauncher] "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\MySQL\bin\mysqld (file missing)
O23 - Service: NewServiceInstall1 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\system32\SecUPDUtilSvc.exe
O23 - Service: SDL FLEXlm License Server - Macrovision Corporation - C:\Program Files\SDL International\License Server\Lmgrd.exe
--
End of file - 5863 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-04 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30 716632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-04 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 351968]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-07-30 8922624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"STUISpeedLauncher"=C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [2015-02-09 382976]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-07-13 6851288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-30 12:16:00 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswBA4E.tmp
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswB9D0.tmp
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswB8C6.tmp
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswB7BC.tmp
2016-07-30 12:15:03 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-07-30 12:14:54 ----A---- C:\Windows\system32\aswBoot.exe
2016-07-30 12:09:08 ----A---- C:\Windows\ntbtlog.txt
2016-07-30 10:50:08 ----D---- C:\rsit
2016-07-30 10:38:46 ----D---- C:\Users\pocitac\AppData\Roaming\AVAST Software
2016-07-30 10:38:25 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-07-30 10:38:23 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-07-30 10:37:55 ----A---- C:\Windows\avastSS.scr
2016-07-20 09:20:36 ----D---- C:\Windows\EOONotify
2016-07-13 09:54:18 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32k.sys
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 09:54:17 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 09:54:16 ----A---- C:\Windows\system32\centel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\occache.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 09:54:08 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 09:54:05 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 09:54:02 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\jscript.dll
======List of files/folders modified in the last 1 month======
2016-07-30 12:17:29 ----D---- C:\Program Files\trend micro
2016-07-30 12:16:41 ----D---- C:\Windows\Temp
2016-07-30 12:16:36 ----D---- C:\Windows\system32\Tasks
2016-07-30 12:16:00 ----D---- C:\Windows\system32\drivers
2016-07-30 12:14:54 ----D---- C:\Windows\System32
2016-07-30 12:14:47 ----D---- C:\Windows
2016-07-30 12:14:25 ----D---- C:\Program Files\AVAST Software
2016-07-30 12:14:12 ----D---- C:\ProgramData\AVAST Software
2016-07-30 11:27:55 ----D---- C:\Windows\system32\config
2016-07-30 10:32:43 ----SD---- C:\Windows\system32\Microsoft
2016-07-30 10:21:19 ----D---- C:\Windows\inf
2016-07-30 10:16:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-07-30 10:04:19 ----SHD---- C:\System Volume Information
2016-07-30 00:23:04 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2016-07-29 22:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-29 11:16:40 ----D---- C:\Users\pocitac\AppData\Roaming\MediaMonkey
2016-07-29 09:40:05 ----SHD---- C:\Windows\Installer
2016-07-29 09:40:05 ----HD---- C:\Config.Msi
2016-07-29 09:35:54 ----RD---- C:\Program Files
2016-07-29 09:35:48 ----D---- C:\Windows\Tasks
2016-07-29 09:21:27 ----D---- C:\Windows\winsxs
2016-07-29 01:21:34 ----D---- C:\Windows\Minidump
2016-07-28 11:18:47 ----HD---- C:\ProgramData
2016-07-25 08:52:47 ----D---- C:\Windows\Prefetch
2016-07-20 09:20:51 ----SD---- C:\Windows\system32\GWX
2016-07-14 11:12:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-07-13 23:32:13 ----D---- C:\Windows\debug
2016-07-13 10:59:47 ----D---- C:\Windows\Microsoft.NET
2016-07-13 10:57:49 ----RSD---- C:\Windows\assembly
2016-07-13 10:39:19 ----D---- C:\Windows\system32\en-US
2016-07-13 10:39:19 ----D---- C:\Windows\system32\cs-CZ
2016-07-13 10:39:19 ----D---- C:\Windows\system32\appraiser
2016-07-13 10:39:19 ----D---- C:\Windows\AppPatch
2016-07-13 10:39:19 ----D---- C:\Program Files\Windows Journal
2016-07-13 10:39:18 ----D---- C:\Program Files\Internet Explorer
2016-07-13 10:27:55 ----D---- C:\Windows\system32\MRT
2016-07-13 09:58:12 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 09:52:02 ----D---- C:\Windows\system32\catroot2
2016-07-12 22:12:04 ----D---- C:\Windows\system32\Macromed
2016-07-08 09:45:52 ----D---- C:\Users\pocitac\AppData\Roaming\Ancestry
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-07-30 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-07-30 224616]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-07-30 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-07-30 734840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-07-30 434144]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-07-30 34008]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-07-30 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-07-30 118664]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2015-01-05 5120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2012-06-05 204432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2014-12-10 584920]
S1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-07-30 35096]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-12-30 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-30 197640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL []
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\system32\SecUPDUtilSvc.exe [2016-01-04 143664]
R2 SDL FLEXlm License Server;SDL FLEXlm License Server; C:\Program Files\SDL International\License Server\Lmgrd.exe [2007-02-22 1339392]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-04 658432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S2 NewServiceInstall1;NewServiceInstall1; C:\Program Files\SDL International\T2007\TT\Lng\Dialogs1031.lng [2007-04-23 11264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 102912]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Run by pocitac at 2016-07-30 12:17:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (16%) free of 116 GB
Total RAM: 2046 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:34, on 30.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\AVAST Software\Avast\avastUi.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\pocitac\Desktop\RSIT.exe
C:\Program Files\trend micro\pocitac.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [STUISpeedLauncher] "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\MySQL\bin\mysqld (file missing)
O23 - Service: NewServiceInstall1 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\system32\SecUPDUtilSvc.exe
O23 - Service: SDL FLEXlm License Server - Macrovision Corporation - C:\Program Files\SDL International\License Server\Lmgrd.exe
--
End of file - 5863 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-04 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30 716632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-04 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 351968]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-07-30 8922624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"STUISpeedLauncher"=C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [2015-02-09 382976]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-07-13 6851288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-30 12:16:00 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswBA4E.tmp
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswB9D0.tmp
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswB8C6.tmp
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswB7BC.tmp
2016-07-30 12:15:03 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-07-30 12:14:54 ----A---- C:\Windows\system32\aswBoot.exe
2016-07-30 12:09:08 ----A---- C:\Windows\ntbtlog.txt
2016-07-30 10:50:08 ----D---- C:\rsit
2016-07-30 10:38:46 ----D---- C:\Users\pocitac\AppData\Roaming\AVAST Software
2016-07-30 10:38:25 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-07-30 10:38:23 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-07-30 10:37:55 ----A---- C:\Windows\avastSS.scr
2016-07-20 09:20:36 ----D---- C:\Windows\EOONotify
2016-07-13 09:54:18 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32k.sys
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 09:54:17 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 09:54:16 ----A---- C:\Windows\system32\centel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\occache.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 09:54:08 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 09:54:05 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 09:54:02 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\jscript.dll
======List of files/folders modified in the last 1 month======
2016-07-30 12:17:29 ----D---- C:\Program Files\trend micro
2016-07-30 12:16:41 ----D---- C:\Windows\Temp
2016-07-30 12:16:36 ----D---- C:\Windows\system32\Tasks
2016-07-30 12:16:00 ----D---- C:\Windows\system32\drivers
2016-07-30 12:14:54 ----D---- C:\Windows\System32
2016-07-30 12:14:47 ----D---- C:\Windows
2016-07-30 12:14:25 ----D---- C:\Program Files\AVAST Software
2016-07-30 12:14:12 ----D---- C:\ProgramData\AVAST Software
2016-07-30 11:27:55 ----D---- C:\Windows\system32\config
2016-07-30 10:32:43 ----SD---- C:\Windows\system32\Microsoft
2016-07-30 10:21:19 ----D---- C:\Windows\inf
2016-07-30 10:16:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-07-30 10:04:19 ----SHD---- C:\System Volume Information
2016-07-30 00:23:04 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2016-07-29 22:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-29 11:16:40 ----D---- C:\Users\pocitac\AppData\Roaming\MediaMonkey
2016-07-29 09:40:05 ----SHD---- C:\Windows\Installer
2016-07-29 09:40:05 ----HD---- C:\Config.Msi
2016-07-29 09:35:54 ----RD---- C:\Program Files
2016-07-29 09:35:48 ----D---- C:\Windows\Tasks
2016-07-29 09:21:27 ----D---- C:\Windows\winsxs
2016-07-29 01:21:34 ----D---- C:\Windows\Minidump
2016-07-28 11:18:47 ----HD---- C:\ProgramData
2016-07-25 08:52:47 ----D---- C:\Windows\Prefetch
2016-07-20 09:20:51 ----SD---- C:\Windows\system32\GWX
2016-07-14 11:12:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-07-13 23:32:13 ----D---- C:\Windows\debug
2016-07-13 10:59:47 ----D---- C:\Windows\Microsoft.NET
2016-07-13 10:57:49 ----RSD---- C:\Windows\assembly
2016-07-13 10:39:19 ----D---- C:\Windows\system32\en-US
2016-07-13 10:39:19 ----D---- C:\Windows\system32\cs-CZ
2016-07-13 10:39:19 ----D---- C:\Windows\system32\appraiser
2016-07-13 10:39:19 ----D---- C:\Windows\AppPatch
2016-07-13 10:39:19 ----D---- C:\Program Files\Windows Journal
2016-07-13 10:39:18 ----D---- C:\Program Files\Internet Explorer
2016-07-13 10:27:55 ----D---- C:\Windows\system32\MRT
2016-07-13 09:58:12 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 09:52:02 ----D---- C:\Windows\system32\catroot2
2016-07-12 22:12:04 ----D---- C:\Windows\system32\Macromed
2016-07-08 09:45:52 ----D---- C:\Users\pocitac\AppData\Roaming\Ancestry
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-07-30 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-07-30 224616]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-07-30 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-07-30 734840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-07-30 434144]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-07-30 34008]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-07-30 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-07-30 118664]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2015-01-05 5120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2012-06-05 204432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2014-12-10 584920]
S1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-07-30 35096]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-12-30 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-30 197640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL []
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\system32\SecUPDUtilSvc.exe [2016-01-04 143664]
R2 SDL FLEXlm License Server;SDL FLEXlm License Server; C:\Program Files\SDL International\License Server\Lmgrd.exe [2007-02-22 1339392]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-04 658432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S2 NewServiceInstall1;NewServiceInstall1; C:\Program Files\SDL International\T2007\TT\Lng\Dialogs1031.lng [2007-04-23 11264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 102912]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: repeated restarts and problems with avast
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\drivers\asw*.tmp
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC after it. Post a new RSIT log.
I'm afraid the restarts have a different cause than malware.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: repeated restarts and problems with avast
Logfile of random's system information tool 1.10 (written by random/random)
Run by pocitac at 2016-07-30 12:34:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (16%) free of 116 GB
Total RAM: 2046 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:35:00, on 30.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Windows\notepad.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\pocitac\Desktop\RSIT.exe
C:\Program Files\trend micro\pocitac.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [STUISpeedLauncher] "C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe" -speedlauncher -minVer:6.6.58.0
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{8057FC62-6EF9-4298-BABE-2990A89D5D8A}: NameServer = 46.33.112.42,46.33.96.2
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\MySQL\bin\mysqld (file missing)
O23 - Service: NewServiceInstall1 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\system32\SecUPDUtilSvc.exe
O23 - Service: SDL FLEXlm License Server - Macrovision Corporation - C:\Program Files\SDL International\License Server\Lmgrd.exe
--
End of file - 5887 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2016-01-04 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-30 716632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-04 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files\AMD AVT\bin\kdbsync.exe aml []
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 351968]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-07-30 8922624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"STUISpeedLauncher"=C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [2015-02-09 382976]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-07-13 6851288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-30 12:28:40 ----D---- C:\_OTM
2016-07-30 12:16:00 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-07-30 12:15:03 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-07-30 12:14:54 ----A---- C:\Windows\system32\aswBoot.exe
2016-07-30 12:09:08 ----A---- C:\Windows\ntbtlog.txt
2016-07-30 10:50:08 ----D---- C:\rsit
2016-07-30 10:38:46 ----D---- C:\Users\pocitac\AppData\Roaming\AVAST Software
2016-07-30 10:38:25 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-07-30 10:38:23 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-07-30 10:37:55 ----A---- C:\Windows\avastSS.scr
2016-07-20 09:20:36 ----D---- C:\Windows\EOONotify
2016-07-13 09:54:18 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32k.sys
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 09:54:17 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 09:54:16 ----A---- C:\Windows\system32\centel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\occache.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 09:54:08 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 09:54:05 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 09:54:02 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\jscript.dll
======List of files/folders modified in the last 1 month======
2016-07-30 12:34:54 ----D---- C:\Program Files\trend micro
2016-07-30 12:33:11 ----D---- C:\Windows\system32\config
2016-07-30 12:31:00 ----D---- C:\Windows\Temp
2016-07-30 12:28:42 ----D---- C:\Windows\system32\drivers
2016-07-30 12:28:41 ----D---- C:\Windows\Tasks
2016-07-30 12:16:36 ----D---- C:\Windows\system32\Tasks
2016-07-30 12:14:54 ----D---- C:\Windows\System32
2016-07-30 12:14:47 ----D---- C:\Windows
2016-07-30 12:14:25 ----D---- C:\Program Files\AVAST Software
2016-07-30 12:14:12 ----D---- C:\ProgramData\AVAST Software
2016-07-30 10:32:43 ----SD---- C:\Windows\system32\Microsoft
2016-07-30 10:21:19 ----D---- C:\Windows\inf
2016-07-30 10:16:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-07-30 10:04:19 ----SHD---- C:\System Volume Information
2016-07-30 00:23:04 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2016-07-29 22:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-29 11:16:40 ----D---- C:\Users\pocitac\AppData\Roaming\MediaMonkey
2016-07-29 09:40:05 ----SHD---- C:\Windows\Installer
2016-07-29 09:40:05 ----HD---- C:\Config.Msi
2016-07-29 09:35:54 ----RD---- C:\Program Files
2016-07-29 09:21:27 ----D---- C:\Windows\winsxs
2016-07-29 01:21:34 ----D---- C:\Windows\Minidump
2016-07-28 11:18:47 ----HD---- C:\ProgramData
2016-07-25 08:52:47 ----D---- C:\Windows\Prefetch
2016-07-20 09:20:51 ----SD---- C:\Windows\system32\GWX
2016-07-14 11:12:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-07-13 23:32:13 ----D---- C:\Windows\debug
2016-07-13 10:59:47 ----D---- C:\Windows\Microsoft.NET
2016-07-13 10:57:49 ----RSD---- C:\Windows\assembly
2016-07-13 10:39:19 ----D---- C:\Windows\system32\en-US
2016-07-13 10:39:19 ----D---- C:\Windows\system32\cs-CZ
2016-07-13 10:39:19 ----D---- C:\Windows\system32\appraiser
2016-07-13 10:39:19 ----D---- C:\Windows\AppPatch
2016-07-13 10:39:19 ----D---- C:\Program Files\Windows Journal
2016-07-13 10:39:18 ----D---- C:\Program Files\Internet Explorer
2016-07-13 10:27:55 ----D---- C:\Windows\system32\MRT
2016-07-13 09:58:12 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 09:52:02 ----D---- C:\Windows\system32\catroot2
2016-07-12 22:12:04 ----D---- C:\Windows\system32\Macromed
2016-07-08 09:45:52 ----D---- C:\Users\pocitac\AppData\Roaming\Ancestry
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-07-30 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-07-30 224616]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-07-30 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-07-30 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-07-30 734840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-07-30 434144]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-07-30 34008]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-07-30 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-07-30 118664]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2015-01-05 5120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2012-06-05 204432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2014-12-10 584920]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-12-30 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-30 197640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL []
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\system32\SecUPDUtilSvc.exe [2016-01-04 143664]
R2 SDL FLEXlm License Server;SDL FLEXlm License Server; C:\Program Files\SDL International\License Server\Lmgrd.exe [2007-02-22 1339392]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-04 658432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S2 NewServiceInstall1;NewServiceInstall1; C:\Program Files\SDL International\T2007\TT\Lng\Dialogs1031.lng [2007-04-23 11264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 102912]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-30 12:28:40 ----D---- C:\_OTM
2016-07-30 12:16:00 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2016-07-30 12:15:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-07-30 12:15:04 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-07-30 12:15:03 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-07-30 12:14:54 ----A---- C:\Windows\system32\aswBoot.exe
2016-07-30 12:09:08 ----A---- C:\Windows\ntbtlog.txt
2016-07-30 10:50:08 ----D---- C:\rsit
2016-07-30 10:38:46 ----D---- C:\Users\pocitac\AppData\Roaming\AVAST Software
2016-07-30 10:38:25 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-07-30 10:38:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-07-30 10:38:23 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-07-30 10:37:55 ----A---- C:\Windows\avastSS.scr
2016-07-20 09:20:36 ----D---- C:\Windows\EOONotify
2016-07-13 09:54:18 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\win32k.sys
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 09:54:18 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 09:54:18 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 09:54:17 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 09:54:16 ----A---- C:\Windows\system32\centel.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 09:54:16 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 09:54:13 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\occache.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 09:54:12 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 09:54:12 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 09:54:11 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 09:54:10 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 09:54:09 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 09:54:08 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 09:54:07 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 09:54:06 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 09:54:05 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 09:54:02 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 09:54:00 ----A---- C:\Windows\system32\jscript.dll
======List of files/folders modified in the last 1 month======
2016-07-30 12:34:54 ----D---- C:\Program Files\trend micro
2016-07-30 12:33:11 ----D---- C:\Windows\system32\config
2016-07-30 12:31:00 ----D---- C:\Windows\Temp
2016-07-30 12:28:42 ----D---- C:\Windows\system32\drivers
2016-07-30 12:28:41 ----D---- C:\Windows\Tasks
2016-07-30 12:16:36 ----D---- C:\Windows\system32\Tasks
2016-07-30 12:14:54 ----D---- C:\Windows\System32
2016-07-30 12:14:47 ----D---- C:\Windows
2016-07-30 12:14:25 ----D---- C:\Program Files\AVAST Software
2016-07-30 12:14:12 ----D---- C:\ProgramData\AVAST Software
2016-07-30 10:32:43 ----SD---- C:\Windows\system32\Microsoft
2016-07-30 10:21:19 ----D---- C:\Windows\inf
2016-07-30 10:16:18 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-07-30 10:04:19 ----SHD---- C:\System Volume Information
2016-07-30 00:23:04 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2016-07-29 22:13:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-29 11:16:40 ----D---- C:\Users\pocitac\AppData\Roaming\MediaMonkey
2016-07-29 09:40:05 ----SHD---- C:\Windows\Installer
2016-07-29 09:40:05 ----HD---- C:\Config.Msi
2016-07-29 09:35:54 ----RD---- C:\Program Files
2016-07-29 09:21:27 ----D---- C:\Windows\winsxs
2016-07-29 01:21:34 ----D---- C:\Windows\Minidump
2016-07-28 11:18:47 ----HD---- C:\ProgramData
2016-07-25 08:52:47 ----D---- C:\Windows\Prefetch
2016-07-20 09:20:51 ----SD---- C:\Windows\system32\GWX
2016-07-14 11:12:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-07-13 23:32:13 ----D---- C:\Windows\debug
2016-07-13 10:59:47 ----D---- C:\Windows\Microsoft.NET
2016-07-13 10:57:49 ----RSD---- C:\Windows\assembly
2016-07-13 10:39:19 ----D---- C:\Windows\system32\en-US
2016-07-13 10:39:19 ----D---- C:\Windows\system32\cs-CZ
2016-07-13 10:39:19 ----D---- C:\Windows\system32\appraiser
2016-07-13 10:39:19 ----D---- C:\Windows\AppPatch
2016-07-13 10:39:19 ----D---- C:\Program Files\Windows Journal
2016-07-13 10:39:18 ----D---- C:\Program Files\Internet Explorer
2016-07-13 10:27:55 ----D---- C:\Windows\system32\MRT
2016-07-13 09:58:12 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 09:52:02 ----D---- C:\Windows\system32\catroot2
2016-07-12 22:12:04 ----D---- C:\Windows\system32\Macromed
2016-07-08 09:45:52 ----D---- C:\Users\pocitac\AppData\Roaming\Ancestry
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-07-30 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-07-30 224616]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-07-30 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-07-30 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-07-30 734840]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-07-30 434144]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-07-30 34008]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-07-30 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-07-30 118664]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2015-01-05 5120]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 290304]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2012-06-05 204432]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2014-12-10 584920]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 10070016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-06-17 718552]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-12-30 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 217088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-30 197640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MySQL;MySQL; C:\MySQL\bin\mysqld --defaults-file=C:\MySQL\my.ini MySQL []
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\system32\SecUPDUtilSvc.exe [2016-01-04 143664]
R2 SDL FLEXlm License Server;SDL FLEXlm License Server; C:\Program Files\SDL International\License Server\Lmgrd.exe [2007-02-22 1339392]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-04 658432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S2 NewServiceInstall1;NewServiceInstall1; C:\Program Files\SDL International\T2007\TT\Lng\Dialogs1031.lng [2007-04-23 11264]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-01-04 144200]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 102912]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: repeated restarts and problems with avast
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: repeated restarts and problems with avast
Not with avast, it still says "you are unprotected". I tried uninstalling it again using aswclear and installing it again; after a restart it starts, but it immediately shuts off, as if something were blocking it.
Re: repeated restarts and problems with avast
Looks like it's fine now. After the third reinstall it finally took hold. Thanks a lot for your willingness and help.
Regards
- Rudy
- Site Admin
Re: repeated restarts and problems with avast
Regards to you too, and if there is a problem with those restarts, get in touch. You're welcome!
