Avast opakovaně blokuje URL

Zpráva

atena · #1 Příspěvek od **atena** » 08 črc 2014 19:53

Dobrý den, avast mi opakovaně bokuje : hxxp://utils.cdneurope.com/js/mo.js
předem děkuji

log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Olga at 2014-07-08 20:45:50
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 67 GB (14%) free of 466 GB
Total RAM: 3035 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:46:22, on 8.7.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16555)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\MyDrive Connect\MyDriveConnect.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Windows\system32\conime.exe
C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\explorer.exe
C:\Users\Olga\Desktop\adwcleaner_3.214.exe
C:\Windows.old\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Olga\Desktop\RSIT.exe
C:\Program Files\trend micro\Olga.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=476&a ... 90&src=hmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: KMP Media Toolbar BHO - {4B4D5056-3763-006A-76A7-7A786E7484D7} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {4B4D5056-3763-006A-76A7-7A786E7484D7} - (no file)
O3 - Toolbar: SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\MyDriveConnect.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Systemk Service (SystemkService) - Aztec Media Inc - C:\Program Files\Settings Manager\systemk\SystemkService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

--
End of file - 7964 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.default-search.net/search?si ... &src=ds&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.125 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Windows.old\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{B13721C7-F507-4982-B2E5-502A71474FED}

C:\Windows.old\Program Files\Mozilla Firefox\components\
AskHPRFF.js
msservice.js
nsIQTScriptablePlugin.xpt

C:\Windows.old\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\extensions\
sitematchersite@sitematchersite.com
{16D8371D-180E-146E-C4AD-1DA80388AFBF}

C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\searchplugins\
bing-avast.xml
default-search.xml
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3763-006A-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-08 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B4D5056-3763-006A-76A7-7A786E7484D7}
{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - SiteFinder - C:\Program Files\SiteFinder\SiteFinder.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-17 186904]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-02-18 177720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-06 3890208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-12-11 1310720]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-01-16 3866624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Akamai NetSession Interface"=C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"MyDriveConnect.exe"=C:\Program Files\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21444224]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-01-06 5625624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-08 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-08 20:45:50 ----D---- C:\rsit
2014-07-08 20:45:50 ----D---- C:\Program Files\trend micro
2014-07-08 19:56:48 ----D---- C:\Windows\ERUNT
2014-07-07 20:50:16 ----D---- C:\ProgramData\systemk
2014-07-06 21:00:57 ----D---- C:\Program Files\Common Files\Skype
2014-07-03 12:15:19 ----D---- C:\Program Files\Marvell
2014-07-03 12:07:24 ----D---- C:\Intel
2014-06-26 18:56:57 ----A---- C:\Windows\system32\authuitu.dll
2014-06-26 18:56:55 ----A---- C:\Windows\system32\uxtuneup.dll
2014-06-26 18:47:57 ----D---- C:\Program Files\SiteLookup
2014-06-26 18:47:51 ----A---- C:\Windows\system32\TURegOpt.exe
2014-06-26 18:46:38 ----D---- C:\Users\Olga\AppData\Roaming\AVG
2014-06-26 18:45:41 ----D---- C:\Program Files\AVG
2014-06-26 18:45:25 ----D---- C:\Users\Olga\AppData\Roaming\Settings Manager
2014-06-26 18:45:18 ----D---- C:\Program Files\Settings Manager
2014-06-26 18:45:00 ----D---- C:\ProgramData\AVG
2014-06-26 18:44:17 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-26 18:44:08 ----HD---- C:\ProgramData\Common Files
2014-06-17 16:57:23 ----D---- C:\Program Files\McAfee Security Scan
2014-06-11 16:31:48 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 16:31:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 16:31:45 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 16:31:45 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 16:31:43 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 16:31:43 ----A---- C:\Windows\system32\mshta.exe
2014-06-11 16:31:43 ----A---- C:\Windows\system32\msfeedssync.exe
2014-06-11 16:31:42 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 16:31:41 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\url.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\jscript.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 16:31:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 16:31:36 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 16:31:35 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 16:31:35 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 16:31:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 16:31:31 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 month======

2014-07-08 20:46:02 ----D---- C:\Windows\Prefetch
2014-07-08 20:45:56 ----D---- C:\Windows\Temp
2014-07-08 20:45:50 ----RD---- C:\Program Files
2014-07-08 20:36:23 ----D---- C:\Users\Olga\AppData\Roaming\Skype
2014-07-08 20:16:12 ----D---- C:\AdwCleaner
2014-07-08 20:06:46 ----D---- C:\Windows\System32
2014-07-08 20:06:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-08 20:06:45 ----D---- C:\Windows\inf
2014-07-08 19:56:48 ----D---- C:\Windows
2014-07-08 17:03:56 ----SHD---- C:\System Volume Information
2014-07-07 20:50:16 ----HD---- C:\ProgramData
2014-07-06 21:01:02 ----SHD---- C:\Windows\Installer
2014-07-06 21:01:02 ----D---- C:\ProgramData\Skype
2014-07-06 21:00:57 ----RD---- C:\Program Files\Skype
2014-07-06 21:00:57 ----D---- C:\Program Files\Common Files
2014-07-03 21:33:56 ----D---- C:\Windows\winsxs
2014-07-03 12:33:38 ----D---- C:\Windows\system32\WDI
2014-07-03 12:29:48 ----D---- C:\Windows\system32\catroot
2014-07-03 12:25:07 ----D---- C:\Users\Olga\AppData\Roaming\hpqLog
2014-07-03 12:19:12 ----D---- C:\Windows\system32\tr-TR
2014-07-03 12:19:12 ----D---- C:\Windows\system32\th-TH
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sv-SE
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sl-SI
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sk-SK
2014-07-03 12:19:12 ----D---- C:\Windows\system32\ru-RU
2014-07-03 12:19:12 ----D---- C:\Windows\system32\ro-RO
2014-07-03 12:19:11 ----D---- C:\Windows\system32\pl-PL
2014-07-03 12:19:11 ----D---- C:\Windows\system32\no-NO
2014-07-03 12:19:11 ----D---- C:\Windows\system32\nl-NL
2014-07-03 12:19:11 ----D---- C:\Windows\system32\lv-LV
2014-07-03 12:19:11 ----D---- C:\Windows\system32\lt-LT
2014-07-03 12:19:11 ----D---- C:\Windows\system32\ko-KR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\ja-JP
2014-07-03 12:19:11 ----D---- C:\Windows\system32\it-IT
2014-07-03 12:19:11 ----D---- C:\Windows\system32\hu-HU
2014-07-03 12:19:11 ----D---- C:\Windows\system32\hr-HR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\fr-FR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\fi-FI
2014-07-03 12:19:11 ----D---- C:\Windows\system32\et-EE
2014-07-03 12:19:11 ----D---- C:\Windows\system32\en-US
2014-07-03 12:19:11 ----D---- C:\Windows\system32\el-GR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\de-DE
2014-07-03 12:19:11 ----D---- C:\Windows\system32\da-DK
2014-07-03 12:19:11 ----D---- C:\Windows\system32\cs-CZ
2014-07-03 12:19:11 ----D---- C:\Windows\system32\bg-BG
2014-07-03 12:18:53 ----A---- C:\Windows\system32\bcmwlrc.dll
2014-07-03 12:17:25 ----D---- C:\Windows\system32\drivers
2014-07-03 12:09:53 ----D---- C:\Program Files\Analog Devices
2014-07-03 12:09:43 ----D---- C:\ProgramData\SonicFocus
2014-07-03 12:08:36 ----HD---- C:\System.Sav
2014-07-03 12:04:56 ----SD---- C:\Users\Olga\AppData\Roaming\Microsoft
2014-07-03 12:01:20 ----D---- C:\Program Files\Common Files\SNP2UVC
2014-07-01 20:46:21 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-06-29 21:10:08 ----D---- C:\Windows\system32\Tasks
2014-06-26 20:33:42 ----D---- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2014-06-25 18:20:59 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-06-17 16:57:27 ----D---- C:\ProgramData\McAfee Security Scan
2014-06-15 22:12:20 ----D---- C:\OLGA
2014-06-12 19:31:01 ----D---- C:\Windows\system32\migration
2014-06-12 19:31:01 ----D---- C:\Program Files\Internet Explorer
2014-06-11 22:11:18 ----D---- C:\ProgramData\Microsoft Help
2014-06-11 22:10:05 ----D---- C:\Windows\system32\MRT
2014-06-11 22:08:05 ----A---- C:\Windows\system32\mrt.exe
2014-06-11 16:31:19 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-07-17 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\system32\drivers\aswNdis2.sys [2014-05-08 252464]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-08 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-08 180632]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-08-27 25392]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-12-04 328728]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-03-24 26136]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-05-15 54832]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 777488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 411680]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-05-08 57672]
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc2.cfg [2014-07-06 34192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-08 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-08 67824]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-08-27 34608]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-01-17 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-10-30 1204128]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-02-19 95760]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-03 4303360]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-09-14 1665016]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-26 1765168]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [2014-02-10 12320]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-11-24 310272]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 84248]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 181912]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-11 120088]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-27 14336]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-03 729088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-08 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-05-08 109048]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-08-27 24880]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-17 354840]
R2 SystemkService;Systemk Service; C:\Program Files\Settings Manager\systemk\SystemkService.exe [2014-07-06 3572240]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2014-06-19 1857336]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-25 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-27 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 08 črc 2014 20:17

Zdravím!
Mně také. Nemyslíte, že má pro to důvod? Pokud stránku zablokoval, vir se do PC nedostal.

atena · #3 Příspěvek od **atena** » 08 črc 2014 20:29

No to jo, já jsem si jen myslela, jestli to není příznakem zavirování, když mě na to upozorňuje 10x za minutu

#4 Příspěvek od **Rudy** » 08 črc 2014 20:31

Něco se tam snaží připojit a Avast to blokne. Děje se to jen při surfování na internetu, že?

atena · #5 Příspěvek od **atena** » 08 črc 2014 20:33

Přesně, takže s tím nic nenadělám
díky

#6 Příspěvek od **Rudy** » 08 črc 2014 20:42

Ale naděláte. Nechoďte na weby, na nichž je ukryto něco, co se snaží vám do PC něco stáhnout. Předpokládám, že to nebode ani seznam, ani google.

atena · #7 Příspěvek od **atena** » 08 črc 2014 20:53

No právě že jo - seznam taky, většina stránek, kam běžně chodim, google jsem teď vyzkoušela a ten ne.
Dokonce i tady.

#8 Příspěvek od **Rudy** » 08 črc 2014 21:40

Zkusíme to vyčistit. Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

atena · #9 Příspěvek od **atena** » 09 črc 2014 15:39

# AdwCleaner v3.215 - Report created 09/07/2014 at 16:31:15
# Updated 09/07/2014 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : Olga - OLGA-PC
# Running from : C:\Users\Olga\Desktop\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : SystemkService

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\systemk
[!] Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Users\Olga\AppData\Local\Linkey
Folder Deleted : C:\Users\Olga\AppData\Roaming\Settings Manager
Folder Deleted : C:\Users\Olga\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
File Deleted : C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\searchplugins\default-search.xml

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKLM\Software\SystemK
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16555

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "default-search.net");
Line Deleted : user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=476&a ... &src=ds&p=");

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Olga\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.default-search.net/search?sid=476&a ... earchTerms}
Deleted [Startup_urls] : hxxp://www.default-search.net?sid=476&aid=114& ... 90&src=hmp
Deleted [Homepage] : hxxp://www.default-search.net?sid=476&aid=114& ... 90&src=hmp

*************************

AdwCleaner[R0].txt - [25630 octets] - [24/05/2014 20:12:18]
AdwCleaner[R1].txt - [6471 octets] - [08/07/2014 20:14:45]
AdwCleaner[R2].txt - [6531 octets] - [09/07/2014 16:26:45]
AdwCleaner[S0].txt - [24019 octets] - [24/05/2014 20:20:56]
AdwCleaner[S1].txt - [5883 octets] - [09/07/2014 16:31:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5943 octets] ##########

#10 Příspěvek od **Rudy** » 09 črc 2014 16:24

Dejte nový log RSIT.

atena · #11 Příspěvek od **atena** » 09 črc 2014 16:30

Logfile of random's system information tool 1.10 (written by random/random)
Run by Olga at 2014-07-09 17:25:39
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 66 GB (14%) free of 466 GB
Total RAM: 3035 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:10, on 9.7.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16555)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\MyDrive Connect\MyDriveConnect.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Olga\Desktop\RSIT.exe
C:\Program Files\trend micro\Olga.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: KMP Media Toolbar BHO - {4B4D5056-3763-006A-76A7-7A786E7484D7} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {4B4D5056-3763-006A-76A7-7A786E7484D7} - (no file)
O3 - Toolbar: SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\MyDriveConnect.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

--
End of file - 7588 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Windows.old\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{B13721C7-F507-4982-B2E5-502A71474FED}

C:\Windows.old\Program Files\Mozilla Firefox\components\
AskHPRFF.js
msservice.js
nsIQTScriptablePlugin.xpt

C:\Windows.old\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\extensions\
sitematchersite@sitematchersite.com
{16D8371D-180E-146E-C4AD-1DA80388AFBF}

C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\searchplugins\
bing-avast.xml
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3763-006A-76A7-7A786E7484D7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-08 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B4D5056-3763-006A-76A7-7A786E7484D7}
{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - SiteFinder - C:\Program Files\SiteFinder\SiteFinder.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-17 186904]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-02-18 177720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-06 3890208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-12-11 1310720]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-01-16 3866624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Akamai NetSession Interface"=C:\Users\Olga\AppData\Local\Akamai\netsession_win.exe [2014-04-17 4672920]
"MyDriveConnect.exe"=C:\Program Files\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21444224]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-01-06 5625624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-08 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-08 20:45:50 ----D---- C:\rsit
2014-07-08 20:45:50 ----D---- C:\Program Files\trend micro
2014-07-08 19:56:48 ----D---- C:\Windows\ERUNT
2014-07-06 21:00:57 ----D---- C:\Program Files\Common Files\Skype
2014-07-03 12:15:19 ----D---- C:\Program Files\Marvell
2014-07-03 12:07:24 ----D---- C:\Intel
2014-06-26 18:56:57 ----A---- C:\Windows\system32\authuitu.dll
2014-06-26 18:56:55 ----A---- C:\Windows\system32\uxtuneup.dll
2014-06-26 18:47:57 ----D---- C:\Program Files\SiteLookup
2014-06-26 18:47:51 ----A---- C:\Windows\system32\TURegOpt.exe
2014-06-26 18:46:38 ----D---- C:\Users\Olga\AppData\Roaming\AVG
2014-06-26 18:45:41 ----D---- C:\Program Files\AVG
2014-06-26 18:45:00 ----D---- C:\ProgramData\AVG
2014-06-26 18:44:17 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-26 18:44:08 ----HD---- C:\ProgramData\Common Files
2014-06-17 16:57:23 ----D---- C:\Program Files\McAfee Security Scan
2014-06-11 16:31:48 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 16:31:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 16:31:45 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 16:31:45 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 16:31:43 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 16:31:43 ----A---- C:\Windows\system32\mshta.exe
2014-06-11 16:31:43 ----A---- C:\Windows\system32\msfeedssync.exe
2014-06-11 16:31:42 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 16:31:41 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\url.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\jscript.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 16:31:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 16:31:36 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 16:31:35 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 16:31:35 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 16:31:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 16:31:31 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 month======

2014-07-09 17:25:52 ----D---- C:\Windows\Temp
2014-07-09 17:15:49 ----D---- C:\Users\Olga\AppData\Roaming\Skype
2014-07-09 16:56:06 ----D---- C:\Windows\system32\catroot
2014-07-09 16:56:03 ----D---- C:\Windows\winsxs
2014-07-09 16:51:02 ----D---- C:\Windows\system32\catroot2
2014-07-09 16:44:34 ----D---- C:\Windows\Prefetch
2014-07-09 16:40:08 ----D---- C:\Windows\System32
2014-07-09 16:40:08 ----D---- C:\Windows\inf
2014-07-09 16:40:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-09 16:32:58 ----RD---- C:\Program Files
2014-07-09 16:32:58 ----HD---- C:\ProgramData
2014-07-09 16:31:23 ----D---- C:\AdwCleaner
2014-07-09 16:21:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-07-08 19:56:48 ----D---- C:\Windows
2014-07-08 17:03:56 ----SHD---- C:\System Volume Information
2014-07-06 21:01:02 ----SHD---- C:\Windows\Installer
2014-07-06 21:01:02 ----D---- C:\ProgramData\Skype
2014-07-06 21:00:57 ----RD---- C:\Program Files\Skype
2014-07-06 21:00:57 ----D---- C:\Program Files\Common Files
2014-07-03 12:33:38 ----D---- C:\Windows\system32\WDI
2014-07-03 12:25:07 ----D---- C:\Users\Olga\AppData\Roaming\hpqLog
2014-07-03 12:19:12 ----D---- C:\Windows\system32\tr-TR
2014-07-03 12:19:12 ----D---- C:\Windows\system32\th-TH
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sv-SE
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sl-SI
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sk-SK
2014-07-03 12:19:12 ----D---- C:\Windows\system32\ru-RU
2014-07-03 12:19:12 ----D---- C:\Windows\system32\ro-RO
2014-07-03 12:19:11 ----D---- C:\Windows\system32\pl-PL
2014-07-03 12:19:11 ----D---- C:\Windows\system32\no-NO
2014-07-03 12:19:11 ----D---- C:\Windows\system32\nl-NL
2014-07-03 12:19:11 ----D---- C:\Windows\system32\lv-LV
2014-07-03 12:19:11 ----D---- C:\Windows\system32\lt-LT
2014-07-03 12:19:11 ----D---- C:\Windows\system32\ko-KR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\ja-JP
2014-07-03 12:19:11 ----D---- C:\Windows\system32\it-IT
2014-07-03 12:19:11 ----D---- C:\Windows\system32\hu-HU
2014-07-03 12:19:11 ----D---- C:\Windows\system32\hr-HR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\fr-FR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\fi-FI
2014-07-03 12:19:11 ----D---- C:\Windows\system32\et-EE
2014-07-03 12:19:11 ----D---- C:\Windows\system32\en-US
2014-07-03 12:19:11 ----D---- C:\Windows\system32\el-GR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\de-DE
2014-07-03 12:19:11 ----D---- C:\Windows\system32\da-DK
2014-07-03 12:19:11 ----D---- C:\Windows\system32\cs-CZ
2014-07-03 12:19:11 ----D---- C:\Windows\system32\bg-BG
2014-07-03 12:18:53 ----A---- C:\Windows\system32\bcmwlrc.dll
2014-07-03 12:17:25 ----D---- C:\Windows\system32\drivers
2014-07-03 12:09:53 ----D---- C:\Program Files\Analog Devices
2014-07-03 12:09:43 ----D---- C:\ProgramData\SonicFocus
2014-07-03 12:08:36 ----HD---- C:\System.Sav
2014-07-03 12:04:56 ----SD---- C:\Users\Olga\AppData\Roaming\Microsoft
2014-07-03 12:01:20 ----D---- C:\Program Files\Common Files\SNP2UVC
2014-07-01 20:46:21 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-06-29 21:10:08 ----D---- C:\Windows\system32\Tasks
2014-06-26 20:33:42 ----D---- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2014-06-17 16:57:27 ----D---- C:\ProgramData\McAfee Security Scan
2014-06-15 22:12:20 ----D---- C:\OLGA
2014-06-12 19:31:01 ----D---- C:\Windows\system32\migration
2014-06-12 19:31:01 ----D---- C:\Program Files\Internet Explorer
2014-06-11 22:11:18 ----D---- C:\ProgramData\Microsoft Help
2014-06-11 22:10:05 ----D---- C:\Windows\system32\MRT
2014-06-11 22:08:05 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-07-17 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\system32\drivers\aswNdis2.sys [2014-05-08 252464]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-08 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-08 180632]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-08-27 25392]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-12-04 328728]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-03-24 26136]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-05-15 54832]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 777488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 411680]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-05-08 57672]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-08 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-08 67824]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-08-27 34608]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-01-17 381440]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-10-30 1204128]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-02-19 95760]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-03 4303360]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-09-14 1665016]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-26 1765168]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [2014-02-10 12320]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-11-24 310272]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 84248]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 181912]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-11 120088]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-27 14336]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-03 729088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-08 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-05-08 109048]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-08-27 24880]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-17 354840]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2014-06-19 1857336]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-27 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#12 Příspěvek od **Rudy** » 09 črc 2014 16:49

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files\McAfee Security Scan
C:\Users\Olga\AppData\Local\Akamai
C:\Program Files\SiteFinder
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\ProgramData\McAfee Security Scan

:services
McComponentHostService

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3763-006A-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

atena · #13 Příspěvek od **atena** » 09 črc 2014 21:00

Logfile of random's system information tool 1.10 (written by random/random)
Run by Olga at 2014-07-09 21:57:40
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 81 GB (17%) free of 466 GB
Total RAM: 3035 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:57:51, on 9.7.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16555)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\Windows\notepad.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MyDrive Connect\MyDriveConnect.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Olga\Desktop\RSIT.exe
C:\Program Files\trend micro\Olga.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\soundmax.exe /tray
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\MyDriveConnect.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

--
End of file - 6601 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Windows.old\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{B13721C7-F507-4982-B2E5-502A71474FED}

C:\Windows.old\Program Files\Mozilla Firefox\components\
AskHPRFF.js
msservice.js
nsIQTScriptablePlugin.xpt

C:\Windows.old\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFFICE.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\extensions\
sitematchersite@sitematchersite.com
{16D8371D-180E-146E-C4AD-1DA80388AFBF}

C:\Users\Olga\AppData\Roaming\Mozilla\Firefox\Profiles\qpl4a1pp.default\searchplugins\
bing-avast.xml
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-08 436600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-02-03 61440]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-12-17 186904]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-02-18 177720]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-06 3890208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-12-11 1310720]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [2009-01-16 3866624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"MyDriveConnect.exe"=C:\Program Files\MyDrive Connect\MyDriveConnect.exe [2013-11-29 473496]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-05-08 21444224]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-01-06 5625624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-08 115440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-09 21:49:15 ----D---- C:\_OTM
2014-07-08 20:45:50 ----D---- C:\rsit
2014-07-08 20:45:50 ----D---- C:\Program Files\trend micro
2014-07-08 19:56:48 ----D---- C:\Windows\ERUNT
2014-07-06 21:00:57 ----D---- C:\Program Files\Common Files\Skype
2014-07-03 12:15:19 ----D---- C:\Program Files\Marvell
2014-07-03 12:07:24 ----D---- C:\Intel
2014-06-26 18:56:57 ----A---- C:\Windows\system32\authuitu.dll
2014-06-26 18:56:55 ----A---- C:\Windows\system32\uxtuneup.dll
2014-06-26 18:47:57 ----D---- C:\Program Files\SiteLookup
2014-06-26 18:47:51 ----A---- C:\Windows\system32\TURegOpt.exe
2014-06-26 18:46:38 ----D---- C:\Users\Olga\AppData\Roaming\AVG
2014-06-26 18:45:41 ----D---- C:\Program Files\AVG
2014-06-26 18:45:00 ----D---- C:\ProgramData\AVG
2014-06-26 18:44:17 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-26 18:44:08 ----HD---- C:\ProgramData\Common Files
2014-06-11 16:31:48 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 16:31:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 16:31:45 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 16:31:45 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 16:31:43 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 16:31:43 ----A---- C:\Windows\system32\mshta.exe
2014-06-11 16:31:43 ----A---- C:\Windows\system32\msfeedssync.exe
2014-06-11 16:31:42 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 16:31:41 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\url.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 16:31:41 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\jscript.dll
2014-06-11 16:31:39 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 16:31:38 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 16:31:36 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 16:31:35 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 16:31:35 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 16:31:34 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 16:31:31 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 month======

2014-07-09 21:57:48 ----D---- C:\Windows\Temp
2014-07-09 21:57:37 ----D---- C:\Users\Olga\AppData\Roaming\Skype
2014-07-09 21:53:07 ----D---- C:\Windows\Prefetch
2014-07-09 21:49:20 ----HD---- C:\ProgramData
2014-07-09 21:49:20 ----D---- C:\Windows\Tasks
2014-07-09 21:49:19 ----RD---- C:\Program Files
2014-07-09 21:47:36 ----D---- C:\Windows\System32
2014-07-09 21:47:36 ----D---- C:\Windows\inf
2014-07-09 21:47:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-09 18:11:36 ----SHD---- C:\System Volume Information
2014-07-09 16:56:06 ----D---- C:\Windows\system32\catroot
2014-07-09 16:56:03 ----D---- C:\Windows\winsxs
2014-07-09 16:51:02 ----D---- C:\Windows\system32\catroot2
2014-07-09 16:31:23 ----D---- C:\AdwCleaner
2014-07-09 16:21:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-07-08 19:56:48 ----D---- C:\Windows
2014-07-06 21:01:02 ----SHD---- C:\Windows\Installer
2014-07-06 21:01:02 ----D---- C:\ProgramData\Skype
2014-07-06 21:00:57 ----RD---- C:\Program Files\Skype
2014-07-06 21:00:57 ----D---- C:\Program Files\Common Files
2014-07-03 12:33:38 ----D---- C:\Windows\system32\WDI
2014-07-03 12:25:07 ----D---- C:\Users\Olga\AppData\Roaming\hpqLog
2014-07-03 12:19:12 ----D---- C:\Windows\system32\tr-TR
2014-07-03 12:19:12 ----D---- C:\Windows\system32\th-TH
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sv-SE
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sl-SI
2014-07-03 12:19:12 ----D---- C:\Windows\system32\sk-SK
2014-07-03 12:19:12 ----D---- C:\Windows\system32\ru-RU
2014-07-03 12:19:12 ----D---- C:\Windows\system32\ro-RO
2014-07-03 12:19:11 ----D---- C:\Windows\system32\pl-PL
2014-07-03 12:19:11 ----D---- C:\Windows\system32\no-NO
2014-07-03 12:19:11 ----D---- C:\Windows\system32\nl-NL
2014-07-03 12:19:11 ----D---- C:\Windows\system32\lv-LV
2014-07-03 12:19:11 ----D---- C:\Windows\system32\lt-LT
2014-07-03 12:19:11 ----D---- C:\Windows\system32\ko-KR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\ja-JP
2014-07-03 12:19:11 ----D---- C:\Windows\system32\it-IT
2014-07-03 12:19:11 ----D---- C:\Windows\system32\hu-HU
2014-07-03 12:19:11 ----D---- C:\Windows\system32\hr-HR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\fr-FR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\fi-FI
2014-07-03 12:19:11 ----D---- C:\Windows\system32\et-EE
2014-07-03 12:19:11 ----D---- C:\Windows\system32\en-US
2014-07-03 12:19:11 ----D---- C:\Windows\system32\el-GR
2014-07-03 12:19:11 ----D---- C:\Windows\system32\de-DE
2014-07-03 12:19:11 ----D---- C:\Windows\system32\da-DK
2014-07-03 12:19:11 ----D---- C:\Windows\system32\cs-CZ
2014-07-03 12:19:11 ----D---- C:\Windows\system32\bg-BG
2014-07-03 12:18:53 ----A---- C:\Windows\system32\bcmwlrc.dll
2014-07-03 12:17:25 ----D---- C:\Windows\system32\drivers
2014-07-03 12:09:53 ----D---- C:\Program Files\Analog Devices
2014-07-03 12:09:43 ----D---- C:\ProgramData\SonicFocus
2014-07-03 12:08:36 ----HD---- C:\System.Sav
2014-07-03 12:04:56 ----SD---- C:\Users\Olga\AppData\Roaming\Microsoft
2014-07-03 12:01:20 ----D---- C:\Program Files\Common Files\SNP2UVC
2014-07-01 20:46:21 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-06-29 21:10:08 ----D---- C:\Windows\system32\Tasks
2014-06-26 20:33:42 ----D---- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
2014-06-15 22:12:20 ----D---- C:\OLGA
2014-06-12 19:31:01 ----D---- C:\Windows\system32\migration
2014-06-12 19:31:01 ----D---- C:\Program Files\Internet Explorer
2014-06-11 22:11:18 ----D---- C:\ProgramData\Microsoft Help
2014-06-11 22:10:05 ----D---- C:\Windows\system32\MRT
2014-06-11 22:08:05 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-07-17 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\system32\drivers\aswNdis2.sys [2014-05-08 252464]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-08 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-08 180632]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2008-08-27 25392]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-12-04 328728]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2014-03-24 26136]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-05-15 54832]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 777488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 411680]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-05-08 57672]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-08 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-08 67824]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2008-08-27 34608]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-01-17 381440]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-02-19 95760]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-03 4303360]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-09-14 1665016]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-03-26 1765168]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [2014-02-10 12320]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-11-24 310272]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-10-30 1204128]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 84248]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-06-04 181912]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-11 120088]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-27 14336]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-03 729088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-08 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-05-08 109048]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2008-08-27 24880]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-12-17 354840]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2014-06-19 1857336]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-12-04 222512]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-27 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#14 Příspěvek od **Rudy** » 09 črc 2014 21:05

Dvouklikem na soubor C:\Program Files\trend micro\Olga.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files\SiteFinder\SiteFinder.dll (file missing)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

atena · #15 Příspěvek od **atena** » 09 črc 2014 21:48

Tak hotovo, problém sice pořád trvá, ale zjistila jsem, že jenom na Mozille, na Google chrome v pořádku.

VIRY.CZ

Avast opakovaně blokuje URL

Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL

Re: Avast opakovaně blokuje URL