Win32 Evo-Gen in the file lynx.exe

#1 Post by robert333 »

Hello,
today an avast window unexpectedly popped up saying that it had found a virus in the file lynx.exe.
Lynx is a text browser and avast had never detected it before.
The window said that the program had been started via the rundll32.exe process (I have Lynx as a shortcut on the desktop), yet I did not start the program myself. Do you know what this means?
I had avast scan Lynx from the context menu and it found nothing, but after I dismissed the window avast blocked the threat again.
On VirusTotal no virus was found in the file lynx.exe; not even avast found anything in it.
Maybe it is a false alarm, but even so I am posting the RSIT log for you. Do you know, though, why avast blocked it when I did not start it myself?

Logfile of random's system information tool 1.08 (written by random/random)
Run by Správce at 2014-12-29 13:05:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 319 GB (67%) free of 477 GB
Total RAM: 4061 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:06:02, on 29.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Správce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S3].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1808696115-1385625353-2641224543-1182\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1808696115-1385625353-2641224543-1182\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6865 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1888
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\ACER\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
taskhost.exe $(Arg0)
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-25 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-25 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[S3].txt [2014-11-14 1170]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop]
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Classic Start Menu]
C:\Program Files\Classic Shell\ClassicStartMenu.exe [2013-06-29 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2013-02-27 1157640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2008-07-29 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2013-10-30 1820584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18 224128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tresorit]
C:\Users\ACER\AppData\Local\Tresorit\v0.8\Tresorit.exe [2014-07-02 6618760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ACER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-05-25 27776968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-12 5227112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-12-18 16:12:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 16:12:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-11 22:10:26 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-11 22:10:26 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-11 22:10:26 ----A---- C:\Windows\system32\mferror.dll
2014-12-11 22:10:25 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 22:10:25 ----A---- C:\Windows\system32\mfps.dll
2014-12-11 22:10:24 ----A---- C:\Windows\system32\mf.dll
2014-12-11 13:41:27 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 13:41:26 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 13:41:25 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 13:41:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 13:41:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 13:41:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 13:41:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 13:41:18 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 13:41:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 13:41:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 13:41:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 13:41:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 13:41:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 13:41:15 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 13:41:15 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 13:41:13 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 13:41:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 13:41:10 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 13:41:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 13:41:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 13:41:05 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 13:41:05 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 13:41:04 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 13:39:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 13:39:03 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 13:39:00 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 13:39:00 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 13:38:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 13:38:55 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 17:46:32 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-12-29 13:06:01 ----D---- C:\Windows\Temp
2014-12-29 13:06:01 ----D---- C:\Program Files\trend micro
2014-12-29 13:05:57 ----D---- C:\Windows\Prefetch
2014-12-29 12:57:14 ----D---- C:\Program Files (x86)\Lynx
2014-12-28 23:53:48 ----D---- C:\Windows\system32\config
2014-12-26 16:03:06 ----SHD---- C:\System Volume Information
2014-12-23 23:25:09 ----SHD---- C:\Windows\Installer
2014-12-23 15:16:17 ----D---- C:\Windows\System32
2014-12-23 15:16:17 ----D---- C:\Windows\inf
2014-12-23 15:16:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-23 10:49:53 ----D---- C:\Windows\system32\catroot2
2014-12-21 22:18:47 ----D---- C:\Program Files (x86)\Steam
2014-12-18 16:32:55 ----D---- C:\Windows\winsxs
2014-12-18 16:32:41 ----D---- C:\Windows\SysWOW64
2014-12-18 16:11:08 ----D---- C:\Windows\system32\catroot
2014-12-13 17:49:18 ----D---- C:\Windows\rescache
2014-12-12 15:32:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 15:18:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-12 15:18:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-12 15:18:29 ----D---- C:\Windows\system32\drivers
2014-12-12 15:18:29 ----D---- C:\Program Files\Internet Explorer
2014-12-12 15:18:28 ----D---- C:\Windows\system32\en-US
2014-12-12 15:18:28 ----D---- C:\Windows\system32\cs-CZ
2014-12-12 15:18:28 ----D---- C:\Windows\PolicyDefinitions
2014-12-12 15:18:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 22:14:36 ----D---- C:\Windows\system32\MRT
2014-12-11 22:11:41 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 14:41:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 19:25:15 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-25 267632]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-25 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-25 436624]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-05-16 254240]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-05-16 128288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-25 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-25 116728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2013-02-27 25608]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-05-16 156448]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-15 44640]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 141600]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-25 50344]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-10 115312]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2014-04-30 87736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-27 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Lenovo ThinkPad T440p
Intel Core i7 4700MQ 3,4 GHz, 16 GB RAM
openSUSE Leap 15.1 KDE

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

#3 Post by robert333 »

# AdwCleaner v4.106 - Report created 29/12/2014 at 17:42:42
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Správce - ACER-NTB
# Running from : C:\Users\ACER\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 cs)


*************************

AdwCleaner[R0].txt - [941 octets] - [11/03/2014 21:47:47]
AdwCleaner[R1].txt - [1215 octets] - [22/04/2014 20:37:36]
AdwCleaner[R2].txt - [6592 octets] - [21/10/2014 18:10:46]
AdwCleaner[R3].txt - [1108 octets] - [14/11/2014 19:54:12]
AdwCleaner[R4].txt - [1343 octets] - [29/12/2014 17:37:45]
AdwCleaner[R5].txt - [1404 octets] - [29/12/2014 17:40:21]
AdwCleaner[S0].txt - [1005 octets] - [11/03/2014 21:48:36]
AdwCleaner[S1].txt - [1284 octets] - [22/04/2014 20:39:22]
AdwCleaner[S2].txt - [6740 octets] - [21/10/2014 18:14:11]
AdwCleaner[S3].txt - [1170 octets] - [14/11/2014 20:07:54]
AdwCleaner[S4].txt - [1329 octets] - [29/12/2014 17:42:42]

########## EOF - \AdwCleaner\AdwCleaner[S4].txt - [1389 octets] ##########
Lenovo ThinkPad T440p
Intel Core i7 4700MQ 3,4 GHz, 16 GB RAM
openSUSE Leap 15.1 KDE

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32 Evo-Gen in the file lynx.exe

#4 Post by Rudy »

Post a new RSIT log.

robert333
Exemplary visitor
Posts: 312
Registered: 26 Feb 2012 09:11

Re: Win32 Evo-Gen in the file lynx.exe

#5 Post by robert333 »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Správce at 2014-12-29 19:55:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 320 GB (67%) free of 477 GB
Total RAM: 4061 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:06, on 29.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\Správce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S4].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1808696115-1385625353-2641224543-1182\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1808696115-1385625353-2641224543-1182\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6813 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1556
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
taskhost.exe $(Arg0)
taskeng.exe {A6BA915A-4709-4E37-B391-2CDC9E2CBB6C}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\ACER\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-25 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-25 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[S4].txt [2014-12-29 1467]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop]
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Classic Start Menu]
C:\Program Files\Classic Shell\ClassicStartMenu.exe [2013-06-29 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2013-02-27 1157640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2008-07-29 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2013-10-30 1820584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18 224128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tresorit]
C:\Users\ACER\AppData\Local\Tresorit\v0.8\Tresorit.exe [2014-07-02 6618760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ACER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-05-25 27776968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-12 5227112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-12-18 16:12:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 16:12:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-11 22:10:26 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-11 22:10:26 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-11 22:10:26 ----A---- C:\Windows\system32\mferror.dll
2014-12-11 22:10:25 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 22:10:25 ----A---- C:\Windows\system32\mfps.dll
2014-12-11 22:10:24 ----A---- C:\Windows\system32\mf.dll
2014-12-11 13:41:27 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 13:41:26 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 13:41:25 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 13:41:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 13:41:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 13:41:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 13:41:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 13:41:18 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 13:41:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 13:41:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 13:41:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 13:41:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 13:41:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 13:41:15 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 13:41:15 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 13:41:13 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 13:41:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 13:41:10 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 13:41:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 13:41:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 13:41:05 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 13:41:05 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 13:41:04 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 13:39:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 13:39:03 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 13:39:00 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 13:39:00 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 13:38:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 13:38:55 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 17:46:32 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-12-29 19:55:06 ----D---- C:\Windows\Prefetch
2014-12-29 19:55:04 ----D---- C:\Windows\Temp
2014-12-29 19:55:04 ----D---- C:\Program Files\trend micro
2014-12-29 19:54:23 ----D---- C:\Windows\system32\config
2014-12-29 17:42:43 ----D---- C:\AdwCleaner
2014-12-29 12:57:14 ----D---- C:\Program Files (x86)\Lynx
2014-12-26 16:03:06 ----SHD---- C:\System Volume Information
2014-12-23 23:25:09 ----SHD---- C:\Windows\Installer
2014-12-23 15:16:17 ----D---- C:\Windows\System32
2014-12-23 15:16:17 ----D---- C:\Windows\inf
2014-12-23 15:16:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-23 10:49:53 ----D---- C:\Windows\system32\catroot2
2014-12-21 22:18:47 ----D---- C:\Program Files (x86)\Steam
2014-12-18 16:32:55 ----D---- C:\Windows\winsxs
2014-12-18 16:32:41 ----D---- C:\Windows\SysWOW64
2014-12-18 16:11:08 ----D---- C:\Windows\system32\catroot
2014-12-13 17:49:18 ----D---- C:\Windows\rescache
2014-12-12 15:32:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 15:18:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-12 15:18:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-12 15:18:29 ----D---- C:\Windows\system32\drivers
2014-12-12 15:18:29 ----D---- C:\Program Files\Internet Explorer
2014-12-12 15:18:28 ----D---- C:\Windows\system32\en-US
2014-12-12 15:18:28 ----D---- C:\Windows\system32\cs-CZ
2014-12-12 15:18:28 ----D---- C:\Windows\PolicyDefinitions
2014-12-12 15:18:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 22:14:36 ----D---- C:\Windows\system32\MRT
2014-12-11 22:11:41 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 14:41:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 19:25:15 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-25 267632]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-25 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-25 436624]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-05-16 254240]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-05-16 128288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-25 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-25 116728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2013-02-27 25608]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-05-16 156448]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-15 44640]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 141600]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-25 50344]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-10 115312]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2014-04-30 87736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-27 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32 Evo-Gen in the file lynx.exe

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off your antivirus, and restart the PC afterwards. Post a new RSIT log.

robert333
Exemplary visitor
Posts: 312
Registered: 26 Feb 2012 09:11

Re: Win32 Evo-Gen in the file lynx.exe

#7 Post by robert333 »

A moment ago, while I was browsing Facebook, the system froze and nothing could be done, so I had to power it off the hard way. Something similar happened to me about two days ago, except that that time it unfroze.
Sometimes the avast icon appears down in the taskbar (I have Win7), but when I click on it nothing happens.
The errors that Event Viewer showed from around the time of the freeze are in the pictures.
Do you know what this means?
I have had the notebook since about 2010; the model is an Acer Extensa 5635ZG.
Do you think it is due to the notebook's age, or to something else?
I will supply the OTM log tomorrow.
Attachments
1v.jpg (76.6 KiB)

Re: Win32 Evo-Gen in the file lynx.exe

#8 Post by robert333 »

Second picture:
Attachment: 2v.jpg (87.66 KiB)

Re: Win32 Evo-Gen in the file lynx.exe

#9 Post by Rudy »

My guess is some software problem. Now I would like that log, please.

Re: Win32 Evo-Gen in the file lynx.exe

#10 Post by robert333 »

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: ACER
->Temp folder emptied: 228571 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 179578151 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 506 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Správce
->Temp folder emptied: 2111442 bytes
->Temporary Internet Files folder emptied: 2084919 bytes
->FireFox cache emptied: 29022576 bytes
->Flash cache emptied: 626 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25147038 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 227,00 mb


[EMPTYFLASH]

User: ACER
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

User: Správce
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 12302014_102217

Re: Win32 Evo-Gen in the file lynx.exe

#11 Post by robert333 »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Správce at 2014-12-30 10:33:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 320 GB (67%) free of 477 GB
Total RAM: 4061 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:47, on 30.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Správce.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\ACER\Desktop\OTM.exe"
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S4].txt
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1808696115-1385625353-2641224543-1182\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1808696115-1385625353-2641224543-1182\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6987 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1952
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskeng.exe {C95B6839-069F-49D4-A437-74E03022235D}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2832.1519ad00.1785245401 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2832 "\\.\pipe\gecko-crash-server-pipe.2832" tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\ACER\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-25 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-25 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[S4].txt [2014-12-29 1467]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop]
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Classic Start Menu]
C:\Program Files\Classic Shell\ClassicStartMenu.exe [2013-06-29 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2013-02-27 1157640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]
C:\Windows\PLFSetI.exe [2008-07-29 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl]
C:\Program Files\Sandboxie\SbieCtrl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2013-10-30 1820584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-03-18 224128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tresorit]
C:\Users\ACER\AppData\Local\Tresorit\v0.8\Tresorit.exe [2014-07-02 6618760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ACER^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\ACER\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-05-25 27776968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-12 5227112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\ACER\Desktop\OTM.exe [2014-12-30 522240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-12-30 10:22:17 ----D---- C:\_OTM
2014-12-18 16:12:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 16:12:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-11 22:10:26 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-11 22:10:26 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-11 22:10:26 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-11 22:10:26 ----A---- C:\Windows\system32\mferror.dll
2014-12-11 22:10:25 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-11 22:10:25 ----A---- C:\Windows\system32\mfps.dll
2014-12-11 22:10:24 ----A---- C:\Windows\system32\mf.dll
2014-12-11 13:41:27 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-11 13:41:26 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 13:41:25 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 13:41:21 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\iernonce.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-11 13:41:21 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 13:41:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-11 13:41:20 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 13:41:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-11 13:41:18 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-11 13:41:18 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-11 13:41:18 ----A---- C:\Windows\system32\urlmon.dll
2014-12-11 13:41:18 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-11 13:41:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-11 13:41:17 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-11 13:41:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-11 13:41:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 13:41:16 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-11 13:41:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-11 13:41:15 ----A---- C:\Windows\system32\iesetup.dll
2014-12-11 13:41:15 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-11 13:41:13 ----A---- C:\Windows\system32\iertutil.dll
2014-12-11 13:41:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-11 13:41:11 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-11 13:41:10 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-11 13:41:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-11 13:41:09 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\ieui.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\ieframe.dll
2014-12-11 13:41:08 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-11 13:41:07 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\wininet.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\vbscript.dll
2014-12-11 13:41:06 ----A---- C:\Windows\system32\jscript9.dll
2014-12-11 13:41:05 ----A---- C:\Windows\system32\msrating.dll
2014-12-11 13:41:05 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-11 13:41:04 ----A---- C:\Windows\system32\mshtml.dll
2014-12-11 13:39:04 ----A---- C:\Windows\system32\charmap.exe
2014-12-11 13:39:03 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-11 13:39:00 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-11 13:39:00 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 13:38:59 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 13:38:58 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 13:38:55 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-11 13:38:55 ----A---- C:\Windows\system32\tzres.dll
2014-12-09 17:46:32 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-12-30 10:33:46 ----D---- C:\Program Files\trend micro
2014-12-30 10:33:45 ----D---- C:\Windows\Temp
2014-12-30 10:25:40 ----D---- C:\Windows\system32\config
2014-12-30 10:22:18 ----D---- C:\Windows\Tasks
2014-12-30 10:21:48 ----D---- C:\Windows\Prefetch
2014-12-29 17:42:43 ----D---- C:\AdwCleaner
2014-12-29 12:57:14 ----D---- C:\Program Files (x86)\Lynx
2014-12-26 16:03:06 ----SHD---- C:\System Volume Information
2014-12-23 23:25:09 ----SHD---- C:\Windows\Installer
2014-12-23 15:16:17 ----D---- C:\Windows\System32
2014-12-23 15:16:17 ----D---- C:\Windows\inf
2014-12-23 15:16:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-23 10:49:53 ----D---- C:\Windows\system32\catroot2
2014-12-21 22:18:47 ----D---- C:\Program Files (x86)\Steam
2014-12-18 16:32:55 ----D---- C:\Windows\winsxs
2014-12-18 16:32:41 ----D---- C:\Windows\SysWOW64
2014-12-18 16:11:08 ----D---- C:\Windows\system32\catroot
2014-12-13 17:49:18 ----D---- C:\Windows\rescache
2014-12-12 15:32:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-12 15:18:29 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-12 15:18:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-12 15:18:29 ----D---- C:\Windows\system32\drivers
2014-12-12 15:18:29 ----D---- C:\Program Files\Internet Explorer
2014-12-12 15:18:28 ----D---- C:\Windows\system32\en-US
2014-12-12 15:18:28 ----D---- C:\Windows\system32\cs-CZ
2014-12-12 15:18:28 ----D---- C:\Windows\PolicyDefinitions
2014-12-12 15:18:26 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-11 22:14:36 ----D---- C:\Windows\system32\MRT
2014-12-11 22:11:41 ----A---- C:\Windows\system32\MRT.exe
2014-12-10 14:41:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 19:25:15 ----RD---- C:\Program Files (x86)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-25 267632]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-25 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-25 436624]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-05-16 254240]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-05-16 128288]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-25 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-25 116728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2013-02-27 25608]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-05-16 156448]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\Windows\system32\DRIVERS\aswTap.sys [2014-07-15 44640]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 141600]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-25 50344]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-08-29 920864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-10 115312]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2014-04-30 87736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-27 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
Lenovo ThinkPad T440p
Intel Core i7 4700MQ 3,4 GHz, 16 GB RAM
openSUSE Leap 15.1 KDE

robert333
Exemplary visitor
Posts: 312
Registered: 26 Feb 2012 09:11

Re: Win32 Evo-Gen in the file lynx.exe

#12 Post by robert333 »

A moment ago I turned on the computer and it would not start. I forced it off, and on the next boot the system repair tool came up. It restored the system to some date when everything worked, and now the system works again.
However, I want to find the cause of all this; a week ago nothing like this was happening to me.
You wrote that the freezing could be caused by a software fault. The computer always froze while I was using Firefox.
Even after the restore by that tool, the computer occasionally freezes for about 2 seconds.
I am starting to worry that this could be something similar to what we dealt with here at the beginning of 2013 (http://forum.viry.cz/viewtopic.php?f=54&t=127854).
Should I back up my data to be safe, or do you think it is not that serious?
Do you know what could be the cause of all this?
Thank you.

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32 Evo-Gen in the file lynx.exe

#13 Post by Rudy »

You should back up your data on an ongoing basis. Only that way will you prevent data loss, because a hardware fault can occur entirely without warning. Download, install and run CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ and paste the log here via Úpravy > Kopírovat (Edit > Copy).
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

robert333
Exemplary visitor
Posts: 312
Registered: 26 Feb 2012 09:11

Re: Win32 Evo-Gen in the file lynx.exe

#14 Post by robert333 »

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2014/12/30 20:15:05

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M/M-E 2 port Serial ATA Storage Controller 2 - 292D [ATA]
+ ATA Channel 0 (0)
- WDC WD5000BPKT-08PK4T0 ATA Device
+ ATA Channel 1 (1)
- Optiarc DVD RW AD-7585H ATA Device
+ Intel(R) ICH9M/M-E 2 port Serial ATA Storage Controller 1 - 2928 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BPKT-08PK4T0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000BPKT-08PK4T0
----------------------------------------------------------------------------
Model : WDC WD5000BPKT-08PK4T0
Firmware : 01.01A01
Serial Number : WD-WX21AA2P6942
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/300
Power On Hours : 2223 hod.
Power On Count : 1857 krát
Temperature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 195 191 _21 0000000004B8 Čas na roztočení ploten
04 _99 _99 __0 000000000748 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _97 _97 __0 0000000008AF Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 000000000741 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000006 Počet vypnutí disku
C1 186 186 __0 00000000A576 Počet cyklů načítání/vymazání
C2 123 100 __0 000000000018 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
F0 _98 _98 __0 0000000007D4 Čas nastavování hlaviček - v hodinách


Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32 Evo-Gen in the file lynx.exe

#15 Post by Rudy »

The disk is fine. What did you install before the problem appeared?

Locked