I would like to ask you for a check, and how do I remove Trojan:Win32/Carberp.BW!bit, for which Windows tells me a restart is required?
At the moment I have "only" Malwarebytes running, as you can see. So what should I fix for safe and smooth operation?
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ivanka at 2016-11-11 00:02:22
Microsoft Windows 10 Pro
System drive C: has 136 GB (60%) free of 228 GB
Total RAM: 2814 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:03:16, on 11.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\Ivanka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Windows.old\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows.old\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows.old\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows.old\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows.old\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows.old\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Users\Ivanka\Downloads\RSIT.exe
C:\Windows.old\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ivanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Youtube AdBlock - {95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B} - C:\Program Files\Youtube AdBlock\IEEF\hyW1Zt41.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Ivanka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Windows.old\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: My Web Shield Sentinel (mweshield) - "My Web Shield" - C:\Program Files\My Web Shield\mweshield.exe
O23 - Service: My Web Shield Consolidator (mweshieldup) - "My Web Shield" - C:\Program Files\My Web Shield\mweshieldup.exe
--
End of file - 5063 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\CCleanerClean.job - C:\Windows.old\Program Files\CCleaner\CCleaner.exe /AUTO
C:\WINDOWS\tasks\Update Service for Youtube AdBlock.job - C:\Program Files\Youtube AdBlock\8ZEzCfP.exe
C:\WINDOWS\tasks\Update Service for Youtube AdBlock2.job - C:\Program Files\Youtube AdBlock\8ZEzCfP.exe
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}]
Youtube AdBlock - C:\Program Files\Youtube AdBlock\IEEF\hyW1Zt41.dll [2016-11-08 310896]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Ivanka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-11-09 633024]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-10-06 3576512]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-11 04:22:01 ----SHD---- C:\found.003
2016-11-11 00:02:40 ----D---- C:\Program Files\trend micro
2016-11-11 00:02:22 ----DC---- C:\rsit
2016-11-10 16:53:37 ----AC---- C:\AVScanner.ini
2016-11-10 16:49:53 ----D---- C:\ProgramData\McAfee
2016-11-10 16:44:57 ----D---- C:\WINDOWS\system32\appmgmt
2016-11-10 15:03:30 ----N---- C:\bootsqm.dat
2016-11-10 15:01:11 ----D---- C:\ProgramData\Razer
2016-11-10 14:59:11 ----D---- C:\Program Files\Razer
2016-11-09 19:40:32 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2016-11-09 18:30:03 ----HDC---- C:\OneDriveTemp
2016-11-09 16:44:26 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-11-09 16:43:35 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2016-11-09 16:43:35 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2016-11-09 16:43:35 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-11-09 16:43:34 ----D---- C:\ProgramData\Malwarebytes
2016-11-09 16:43:34 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-11-09 16:26:04 ----D---- C:\ProgramData\dbg
2016-11-09 15:26:45 ----D---- C:\Users\Ivanka\AppData\Roaming\Skype
2016-11-09 14:48:35 ----D---- C:\Program Files\Common Files\Adobe
2016-11-09 14:48:35 ----D---- C:\Program Files\Adobe
2016-11-09 14:46:20 ----D---- C:\ProgramData\Adobe
2016-11-08 20:05:31 ----D---- C:\Program Files\AVG
2016-11-08 19:56:33 ----D---- C:\Program Files\Synaptics
2016-11-08 19:53:38 ----D---- C:\Program Files\CONEXANT
2016-11-08 19:49:27 ----A---- C:\WINDOWS\system32\OpenCL.dll
2016-11-08 19:45:14 ----D---- C:\ProgramData\NVIDIA Corporation
2016-11-08 19:44:53 ----D---- C:\Program Files\NVIDIA Corporation
2016-11-08 19:30:41 ----HD---- C:\ProgramData\Common Files
2016-11-08 19:30:41 ----D---- C:\ProgramData\Avg
2016-11-08 19:17:04 ----D---- C:\Users\Ivanka\AppData\Roaming\Identities
2016-11-08 18:49:55 ----A---- C:\WINDOWS\system32\msonpmon.dll
2016-11-08 18:47:46 ----D---- C:\Program Files\Microsoft Works
2016-11-08 18:47:17 ----D---- C:\Program Files\Microsoft Visual Studio
2016-11-08 18:47:16 ----D---- C:\Program Files\Common Files\DESIGNER
2016-11-08 18:46:43 ----D---- C:\WINDOWS\PCHEALTH
2016-11-08 17:35:37 ----D---- C:\Program Files\Microsoft Office
2016-11-08 17:35:26 ----D---- C:\ProgramData\Microsoft Help
2016-11-08 17:23:50 ----D---- C:\Program Files\HP
2016-11-08 17:00:03 ----D---- C:\Users\Ivanka\AppData\Roaming\vlc
2016-11-08 16:57:23 ----D---- C:\Program Files\DAEMON Tools Lite
2016-11-08 16:05:46 ----D---- C:\Program Files\Youtube AdBlock
2016-11-08 16:05:19 ----D---- C:\Users\Ivanka\AppData\Roaming\VDI
2016-11-08 16:05:00 ----D---- C:\Program Files\My Web Shield
2016-11-08 16:05:00 ----A---- C:\WINDOWS\system32\drivers\mwescontroller.sys
2016-11-08 15:46:01 ----D---- C:\Users\Ivanka\AppData\Roaming\WinRAR
2016-11-08 15:41:03 ----D---- C:\Program Files\uTorrent
2016-11-08 15:40:07 ----D---- C:\Users\Ivanka\AppData\Roaming\uTorrent
2016-11-08 15:35:07 ----D---- C:\Users\Ivanka\AppData\Roaming\DAEMON Tools Lite
2016-11-08 15:35:06 ----D---- C:\ProgramData\DAEMON Tools Lite
2016-11-08 15:32:24 ----A---- C:\WINDOWS\system32\prm0009.dll
2016-11-08 15:32:22 ----A---- C:\WINDOWS\system32\NlsLexicons0009.dll
2016-11-08 15:32:21 ----A---- C:\WINDOWS\system32\NlsData0009.dll
2016-11-08 15:24:28 ----D---- C:\Users\Ivanka\AppData\Roaming\Foxit Software
2016-11-08 15:24:28 ----D---- C:\ProgramData\Foxit Software
2016-11-08 05:16:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-08 05:07:15 ----D---- C:\WINDOWS\Minidump
2016-11-07 22:45:17 ----SHDC---- C:\Recovery
2016-11-07 22:45:14 ----DC---- C:\WINDOWS\Panther
2016-11-07 22:42:15 ----DC---- C:\Windows.old
2016-11-07 22:32:55 ----D---- C:\Users\Ivanka\AppData\Roaming\Macromedia
2016-11-07 22:17:04 ----D---- C:\Users\Ivanka\AppData\Roaming\Adobe
2016-11-07 22:13:56 ----SHD---- C:\ProgramData\Šablony
2016-11-07 22:13:56 ----SHD---- C:\ProgramData\Plocha
2016-11-07 22:13:56 ----SHD---- C:\ProgramData\Oblíbené položky
2016-11-07 22:13:56 ----SHD---- C:\ProgramData\Nabídka Start
2016-11-07 22:13:56 ----SHD---- C:\ProgramData\Dokumenty
2016-11-07 22:13:56 ----SHD---- C:\ProgramData\Data aplikací
2016-11-07 22:10:11 ----D---- C:\WINDOWS\CSC
2016-11-07 22:09:22 ----SD---- C:\Users\Ivanka\AppData\Roaming\Microsoft
2016-11-07 21:56:16 ----HDC---- C:\$WINDOWS.~BT
2016-11-07 21:52:22 ----D---- C:\WINDOWS\SoftwareDistribution
2016-11-07 21:50:15 ----D---- C:\WINDOWS\Prefetch
2016-11-07 21:49:07 ----ASH---- C:\swapfile.sys
======List of files/folders modified in the last 1 month======
2016-11-11 03:33:56 ----D---- C:\WINDOWS\system32\LogFiles
2016-11-11 00:02:40 ----RD---- C:\Program Files
2016-11-10 23:49:02 ----D---- C:\WINDOWS\Temp
2016-11-10 23:43:54 ----SHD---- C:\System Volume Information
2016-11-10 23:34:13 ----D---- C:\WINDOWS\AppReadiness
2016-11-10 23:33:35 ----D---- C:\WINDOWS\System32
2016-11-10 23:33:34 ----D---- C:\WINDOWS\INF
2016-11-10 23:25:48 ----D---- C:\WINDOWS\system32\sru
2016-11-10 23:23:51 ----D---- C:\WINDOWS\system32\config
2016-11-10 16:58:14 ----D---- C:\WINDOWS\CbsTemp
2016-11-10 16:53:39 ----HD---- C:\ProgramData
2016-11-10 16:53:27 ----D---- C:\WINDOWS\system32\drivers\etc
2016-11-10 16:45:09 ----HD---- C:\Program Files\WindowsApps
2016-11-10 16:36:28 ----SHD---- C:\WINDOWS\Installer
2016-11-10 16:36:27 ----SHD---- C:\Config.Msi
2016-11-10 15:04:18 ----D---- C:\Windows
2016-11-10 14:59:05 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-10 14:52:01 ----D---- C:\WINDOWS\Microsoft.NET
2016-11-10 13:09:57 ----D---- C:\WINDOWS\Logs
2016-11-10 12:30:52 ----D---- C:\WINDOWS\system32\catroot2
2016-11-10 12:28:12 ----D---- C:\WINDOWS\WinSxS
2016-11-10 11:29:28 ----D---- C:\WINDOWS\system32\Tasks
2016-11-09 18:21:12 ----D---- C:\WINDOWS\system32\drivers
2016-11-09 16:27:23 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-11-09 16:06:59 ----D---- C:\WINDOWS\system32\restore
2016-11-09 15:55:02 ----D---- C:\WINDOWS\system32\Recovery
2016-11-09 14:48:35 ----D---- C:\Program Files\Common Files
2016-11-08 20:07:26 ----D---- C:\ProgramData\SoftwareDistribution
2016-11-08 19:51:35 ----D---- C:\Temp
2016-11-08 19:15:38 ----D---- C:\WINDOWS\system32\WDI
2016-11-08 18:50:26 ----RD---- C:\WINDOWS\assembly
2016-11-08 18:47:40 ----D---- C:\Program Files\Common Files\microsoft shared
2016-11-08 18:46:57 ----RSD---- C:\WINDOWS\Fonts
2016-11-08 18:46:43 ----SD---- C:\ProgramData\Microsoft
2016-11-08 17:37:46 ----D---- C:\WINDOWS\ShellNew
2016-11-08 17:37:19 ----A---- C:\WINDOWS\win.ini
2016-11-08 17:37:07 ----D---- C:\Program Files\Common Files\System
2016-11-08 17:32:10 ----D---- C:\WINDOWS\debug
2016-11-08 17:27:27 ----D---- C:\WINDOWS\Tasks
2016-11-08 16:03:42 ----D---- C:\WINDOWS\system32\GroupPolicy
2016-11-08 15:32:44 ----D---- C:\WINDOWS\OCR
2016-11-08 05:17:33 ----D---- C:\WINDOWS\AppCompat
2016-11-07 22:41:59 ----SD---- C:\WINDOWS\system32\Microsoft
2016-11-07 22:27:48 ----D---- C:\WINDOWS\rescache
2016-11-07 22:19:28 ----RASHC---- C:\BOOTSECT.BAK
2016-11-07 22:19:21 ----SHD---- C:\Boot
2016-11-07 22:18:29 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-11-07 22:16:26 ----D---- C:\WINDOWS\system32\wbem
2016-11-07 22:13:56 ----D---- C:\Program Files\Windows NT
2016-11-07 22:13:36 ----D---- C:\WINDOWS\system32\WinBioDatabase
2016-11-07 22:09:21 ----RD---- C:\Users
2016-11-07 21:54:44 ----D---- C:\WINDOWS\system32\Sysprep
2016-11-07 21:50:41 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-11-07 13:34:33 ----D---- C:\found.007
2016-11-07 13:34:33 ----D---- C:\found.005
2016-11-07 13:34:33 ----D---- C:\found.002
2016-11-07 13:34:33 ----D---- C:\found.001
2016-11-07 13:34:33 ----D---- C:\found.000
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R1 mwescontroller;mwescontroller; \??\C:\WINDOWS\system32\drivers\mwescontroller.sys [2016-08-31 48464]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 athr;@netathr.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwn.sys [2015-10-30 3205632]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT32.sys [2008-10-03 222208]
R3 dtlitescsibus;@oem5.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-07-22 26168]
R3 dtliteusbbus;@oem6.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-11-08 40504]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2016-03-10 24448]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-11-10 170200]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2016-03-10 53120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-11-19 10715832]
R3 NVNET;@netnvm32.inf,%NVENETFD.Service.DispName%;NVIDIA nForce Ethernet Driver; C:\WINDOWS\System32\drivers\nvmf6232.sys [2015-10-30 291456]
R3 SrvHsfHDA;SrvHsfHDA; C:\WINDOWS\system32\DRIVERS\VSTAZL3.SYS [2015-10-30 207360]
R3 SrvHsfV92;SrvHsfV92; C:\WINDOWS\system32\DRIVERS\VSTDPV3.SYS [2015-10-30 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\WINDOWS\system32\DRIVERS\VSTCNXT3.SYS [2015-10-30 661504]
R3 SynTP;@oem12.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-04-27 96768]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 45056]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-10-30 200032]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 104800]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 21856]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 FoxitReaderService;Foxit Reader Service; C:\Windows.old\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-10-13 1659592]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 mweshield;My Web Shield Sentinel; C:\Program Files\My Web Shield\mweshield.exe [2016-08-31 803640]
R2 mweshieldup;My Web Shield Consolidator; C:\Program Files\My Web Shield\mweshieldup.exe [2016-08-31 314168]
R2 OneSyncSvc_4359d;Hostitel synchronizace_4359d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-10-06 1135808]
R3 PimIndexMaintenanceSvc_4359d;Data kontaktů_4359d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 UnistoreSvc_4359d;Úložiště uživatelských dat_4359d; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_21c74;Hostitel synchronizace_21c74; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_22549;Hostitel synchronizace_22549; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_31229;Hostitel synchronizace_31229; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_3a2fba;Hostitel synchronizace_3a2fba; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_3e11d;Hostitel synchronizace_3e11d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_4241e;Hostitel synchronizace_4241e; C:\Windows\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_60c91;Hostitel synchronizace_60c91; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_70177;Hostitel synchronizace_70177; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 OneSyncSvc_98689;Hostitel synchronizace_98689; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_21c74;Služba zasílání zpráv_21c74; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_22549;Služba zasílání zpráv_22549; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_31229;Služba zasílání zpráv_31229; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_3a2fba;Služba zasílání zpráv_3a2fba; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_3e11d;Služba zasílání zpráv_3e11d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_4359d;Služba zasílání zpráv_4359d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_60c91;Služba zasílání zpráv_60c91; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_70177;Služba zasílání zpráv_70177; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_98689;Služba zasílání zpráv_98689; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_21c74;Data kontaktů_21c74; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_22549;Data kontaktů_22549; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_31229;Data kontaktů_31229; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_3a2fba;Data kontaktů_3a2fba; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_3e11d;Data kontaktů_3e11d; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_60c91;Data kontaktů_60c91; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_70177;Data kontaktů_70177; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc_98689;Data kontaktů_98689; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_21c74;Úložiště uživatelských dat_21c74; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_22549;Úložiště uživatelských dat_22549; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_31229;Úložiště uživatelských dat_31229; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_3a2fba;Úložiště uživatelských dat_3a2fba; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_3e11d;Úložiště uživatelských dat_3e11d; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_60c91;Úložiště uživatelských dat_60c91; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_70177;Úložiště uživatelských dat_70177; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 UnistoreSvc_98689;Úložiště uživatelských dat_98689; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
-----------------EOF-----------------


