Hello, I'm asking for help. My girlfriend wanted to download a trial version of NOD, but she downloaded who knows what. The internet wasn't working, so I downloaded AdwCleaner on another PC and ran it. The log is in the next post. The internet works again, but Chinese ads etc. keep appearing.
Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martina at 2016-01-08 20:07:22
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 194 GB (32%) free of 610 GB
Total RAM: 4094 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:07:28, on 8.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\t_201601080825\201601080825\lsas.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\Martina\AppData\Local\Temp\setup_info.exe
C:\Program Files (x86)\t_201601080825\201601080825\auds.exe
C:\Program Files (x86)\t_201601080825\201601080825\tslog.exe
C:\Program Files (x86)\t_201601080825\201601080825\auds.exe
C:\Users\Martina\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Martina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [setup_info] C:\Users\Martina\AppData\Local\Temp\setup_info.exe /start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [lsas] C:\Program Files (x86)\t_201601080825\201601080825\lsas.exe -mini
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: cmdidx - Unknown owner - C:\Program Files\cmdidx\cmdidx.exe
O23 - Service: Unotone (dowuloadupnzwupdxtep) - Unknown owner - C:\Users\Martina\AppData\Local\Techitrax.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8805 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default
prefs.js - "browser.startup.homepage" - "C:\ProgramData\Medlights\ff.HP"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"setup_info"=C:\Users\Martina\AppData\Local\Temp\setup_info.exe [2016-01-08 881664]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]
"lsas"=C:\Program Files (x86)\t_201601080825\201601080825\lsas.exe [2016-01-08 556160]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-01-08 20:07:23 ----D---- C:\Program Files (x86)\trend micro
2016-01-08 20:07:22 ----D---- C:\rsit
2016-01-08 19:57:11 ----D---- C:\AdwCleaner
2016-01-08 18:58:23 ----D---- C:\Users\Martina\AppData\Roaming\wps
2016-01-08 18:56:18 ----D---- C:\Program Files (x86)\Microsoft Office
2016-01-08 10:22:23 ----D---- C:\Users\Martina\AppData\Roaming\360nav
2016-01-08 10:16:00 ----D---- C:\Users\Martina\AppData\Roaming\kingsoft
2016-01-08 09:36:20 ----D---- C:\ProgramData\ESET
2016-01-08 08:25:58 ----D---- C:\Program Files (x86)\t_201601080825
2016-01-08 08:25:40 ----D---- C:\Program Files (x86)\ExploreTech
2016-01-08 08:25:29 ----D---- C:\Program Files (x86)\MTV20151125
2016-01-08 08:23:42 ----D---- C:\ProgramData\kingsoft
2016-01-08 08:23:31 ----D---- C:\Program Files (x86)\ppt
2016-01-08 08:23:23 ----D---- C:\Users\Martina\AppData\Roaming\Opera Software
2016-01-08 08:21:59 ----D---- C:\Program Files (x86)\Common Files\Open-Plus
2015-12-23 17:36:02 ----D---- C:\Users\Martina\AppData\Roaming\OpenOffice
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\nlsbres.dll
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-12 12:26:59 ----D---- C:\Program Files (x86)\OpenOffice 4
2015-12-12 10:20:45 ----A---- C:\Windows\SysWOW64\tzres.dll
2015-12-12 10:20:29 ----A---- C:\Windows\SysWOW64\usp10.dll
2015-12-12 10:20:12 ----A---- C:\Windows\SysWOW64\wuapi.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wups.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wudriver.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wuapp.exe
2015-12-12 10:19:56 ----A---- C:\Windows\SysWOW64\DWrite.dll
2015-12-12 10:19:54 ----A---- C:\Windows\SysWOW64\user32.dll
2015-12-12 10:19:48 ----A---- C:\Windows\SysWOW64\wshrm.dll
2015-12-12 10:19:45 ----A---- C:\Windows\SysWOW64\comsvcs.dll
2015-12-12 10:19:45 ----A---- C:\Windows\SysWOW64\catsrvut.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\iernonce.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-12 10:19:23 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-12 10:19:22 ----A---- C:\Windows\SysWOW64\iertutil.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\vbscript.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\urlmon.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\occache.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2015-12-12 10:19:20 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-12 10:19:20 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2015-12-12 10:19:19 ----A---- C:\Windows\SysWOW64\mshtml.dll
2015-12-12 10:19:19 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2015-12-12 10:19:15 ----A---- C:\Windows\SysWOW64\iesetup.dll
2015-12-12 10:19:15 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jscript.dll
2015-12-12 10:19:12 ----A---- C:\Windows\SysWOW64\ieui.dll
2015-12-12 10:19:12 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2015-12-12 10:19:11 ----A---- C:\Windows\SysWOW64\ieframe.dll
2015-12-12 10:19:05 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\webcheck.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\jscript9.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2015-12-12 10:19:03 ----A---- C:\Windows\SysWOW64\wininet.dll
2015-12-12 10:19:03 ----A---- C:\Windows\SysWOW64\msrating.dll
2015-12-12 10:18:02 ----A---- C:\Windows\SysWOW64\els.dll
======List of files/folders modified in the last 1 month======
2016-01-08 20:07:23 ----RD---- C:\Program Files (x86)
2016-01-08 20:06:52 ----D---- C:\Windows\temp
2016-01-08 20:02:20 ----D---- C:\ProgramData
2016-01-08 19:59:49 ----D---- C:\Windows\System32
2016-01-08 19:59:49 ----D---- C:\Windows\inf
2016-01-08 19:57:11 ----D---- C:\Windows\Prefetch
2016-01-08 19:39:42 ----D---- C:\Windows
2016-01-08 19:30:29 ----D---- C:\Windows\Tasks
2016-01-08 19:29:09 ----D---- C:\Users\Martina\AppData\Roaming\Seznam.cz
2016-01-08 19:29:05 ----D---- C:\Program Files (x86)\Seznam.cz
2016-01-08 19:27:53 ----D---- C:\Program Files (x86)\Driver Identifier
2016-01-08 19:26:25 ----D---- C:\Users\Martina\AppData\Roaming\Foxit Software
2016-01-08 19:25:01 ----D---- C:\Windows\SoftwareDistribution
2016-01-08 19:24:02 ----D---- C:\Windows\debug
2016-01-08 18:59:43 ----SHD---- C:\System Volume Information
2016-01-08 14:19:34 ----D---- C:\Windows\rescache
2016-01-08 12:57:13 ----D---- C:\Windows\Microsoft.NET
2016-01-08 09:37:39 ----SHD---- C:\Windows\Installer
2016-01-08 09:37:25 ----D---- C:\Config.Msi
2016-01-08 09:36:10 ----RD---- C:\Program Files
2016-01-08 08:21:59 ----D---- C:\Program Files (x86)\Common Files
2015-12-23 19:18:15 ----D---- C:\Windows\SysWOW64
2015-12-23 19:18:15 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-23 17:34:17 ----D---- C:\Windows\winsxs
2015-12-22 20:04:33 ----RSD---- C:\Windows\Fonts
2015-12-22 20:04:33 ----D---- C:\Windows\SysWOW64\cs-CZ
2015-12-22 17:57:16 ----SD---- C:\Windows\SysWOW64\GWX
2015-12-17 16:24:30 ----RSD---- C:\Windows\assembly
2015-12-15 18:55:04 ----D---- C:\Users\Martina\AppData\Roaming\HpUpdate
2015-12-15 18:47:21 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-13 18:28:31 ----D---- C:\Windows\ehome
2015-12-13 18:28:29 ----D---- C:\Windows\SysWOW64\en-US
2015-12-13 18:28:28 ----D---- C:\Program Files (x86)\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 864032]
R2 cmdidx;cmdidx; C:\Program Files\cmdidx\cmdidx.exe [2016-01-08 383488]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dowuloadupnzwupdxtep;Unotone; C:\Users\Martina\AppData\Local\Techitrax.exe [2016-01-08 28160]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-01-08 2522616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-04 114288]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
-----------------EOF-----------------
# AdwCleaner v5.028 - Logfile created 08/01/2016 at 20:02:19
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Martina - MARTINA-PC
# Running from : C:\Users\Martina\Desktop\adwcleaner_5.028.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\DNS Unlocker
[-] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\ApplicationHosting
[-] Folder Deleted : C:\ProgramData\Medlight
[-] Folder Deleted : C:\ProgramData\Medlights
[-] Folder Deleted : C:\Users\Martina\AppData\Roaming\tencent
***** [ Files ] *****
[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\findit.xml
[-] File Deleted : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage
[-] File Deleted : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.snapdo.com_0.localstorage-journal
[-] File Deleted : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default\searchplugins\findit.xml
***** [ DLLs ] *****
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : DNSARCHBOLD
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [WindoWeather.exe]
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\WindoWeather
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Data Restored : HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BFB875C4-C43C-42BE-BD26-8E1E0E263427} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{BFB875C4-C43C-42BE-BD26-8E1E0E263427} [NameServer]
[-] Data Restored : HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{BFB875C4-C43C-42BE-BD26-8E1E0E263427} [NameServer]
***** [ Web browsers ] *****
[-] [C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcgnigmofekcllgbiejhmigggmgehkip
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [3608 bytes] ##########

Asking for help
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Asking for help
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files (x86)\t_201601080825
C:\Program Files (x86)\ExploreTech
C:\Program Files (x86)\MTV20151125
C:\ProgramData\kingsoft
C:\Program Files (x86)\ppt
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"setup_info"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"lsas"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: please help
All processes killed
========== FILES ==========
C:\Program Files (x86)\t_201601080825\201601080825\data folder moved successfully.
C:\Program Files (x86)\t_201601080825\201601080825 folder moved successfully.
C:\Program Files (x86)\t_201601080825 folder moved successfully.
C:\Program Files (x86)\ExploreTech folder moved successfully.
C:\Program Files (x86)\MTV20151125 folder moved successfully.
C:\ProgramData\kingsoft\pptassist folder moved successfully.
C:\ProgramData\kingsoft\office6\mtfont folder moved successfully.
C:\ProgramData\kingsoft\office6 folder moved successfully.
C:\ProgramData\kingsoft\20160108_82342 folder moved successfully.
C:\ProgramData\kingsoft\20160108_185313 folder moved successfully.
C:\ProgramData\kingsoft folder moved successfully.
C:\Program Files (x86)\ppt folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\setup_info deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\lsas deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Martina
->Temp folder emptied: 124374318 bytes
->Temporary Internet Files folder emptied: 15789942 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 41200924 bytes
->Flash cache emptied: 419 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 582515 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 174,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Martina
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 01082016_214440
Files moved on Reboot...
C:\Users\Martina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martina at 2016-01-08 21:48:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 194 GB (32%) free of 610 GB
Total RAM: 4094 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:48:34, on 8.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Martina\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Martina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2ZcN3knEQ17f385fjzNmZi23e2OsHnuhXkcM1qMOs4b5SU95Sw25ag9MfKB-mQecJtWjnWGa46JWAWWSkx4HuDVr--z_hVKptVGR_Ea2LLWrvTEezWYSrOGSXACM9lljkNlpumvH6bo7HMCRZq6zG2t&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: cmdidx - Unknown owner - C:\Program Files\cmdidx\cmdidx.exe
O23 - Service: Unotone (dowuloadupnzwupdxtep) - Unknown owner - C:\Users\Martina\AppData\Local\Techitrax.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8570 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default
prefs.js - "browser.startup.homepage" - "C:\ProgramData\Medlights\ff.HP"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-01-08 21:44:40 ----D---- C:\_OTM
2016-01-08 20:07:23 ----D---- C:\Program Files (x86)\trend micro
2016-01-08 20:07:22 ----D---- C:\rsit
2016-01-08 19:57:11 ----D---- C:\AdwCleaner
2016-01-08 18:58:23 ----D---- C:\Users\Martina\AppData\Roaming\wps
2016-01-08 18:56:18 ----D---- C:\Program Files (x86)\Microsoft Office
2016-01-08 10:22:23 ----D---- C:\Users\Martina\AppData\Roaming\360nav
2016-01-08 10:16:00 ----D---- C:\Users\Martina\AppData\Roaming\kingsoft
2016-01-08 09:36:20 ----D---- C:\ProgramData\ESET
2016-01-08 08:23:23 ----D---- C:\Users\Martina\AppData\Roaming\Opera Software
2016-01-08 08:21:59 ----D---- C:\Program Files (x86)\Common Files\Open-Plus
2015-12-23 17:36:02 ----D---- C:\Users\Martina\AppData\Roaming\OpenOffice
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\nlsbres.dll
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-12 12:26:59 ----D---- C:\Program Files (x86)\OpenOffice 4
2015-12-12 10:20:45 ----A---- C:\Windows\SysWOW64\tzres.dll
2015-12-12 10:20:29 ----A---- C:\Windows\SysWOW64\usp10.dll
2015-12-12 10:20:12 ----A---- C:\Windows\SysWOW64\wuapi.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wups.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wudriver.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wuapp.exe
2015-12-12 10:19:56 ----A---- C:\Windows\SysWOW64\DWrite.dll
2015-12-12 10:19:54 ----A---- C:\Windows\SysWOW64\user32.dll
2015-12-12 10:19:48 ----A---- C:\Windows\SysWOW64\wshrm.dll
2015-12-12 10:19:45 ----A---- C:\Windows\SysWOW64\comsvcs.dll
2015-12-12 10:19:45 ----A---- C:\Windows\SysWOW64\catsrvut.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\iernonce.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-12 10:19:23 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-12 10:19:22 ----A---- C:\Windows\SysWOW64\iertutil.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\vbscript.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\urlmon.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\occache.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2015-12-12 10:19:20 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-12 10:19:20 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2015-12-12 10:19:19 ----A---- C:\Windows\SysWOW64\mshtml.dll
2015-12-12 10:19:19 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2015-12-12 10:19:15 ----A---- C:\Windows\SysWOW64\iesetup.dll
2015-12-12 10:19:15 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jscript.dll
2015-12-12 10:19:12 ----A---- C:\Windows\SysWOW64\ieui.dll
2015-12-12 10:19:12 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2015-12-12 10:19:11 ----A---- C:\Windows\SysWOW64\ieframe.dll
2015-12-12 10:19:05 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\webcheck.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\jscript9.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2015-12-12 10:19:03 ----A---- C:\Windows\SysWOW64\wininet.dll
2015-12-12 10:19:03 ----A---- C:\Windows\SysWOW64\msrating.dll
2015-12-12 10:18:02 ----A---- C:\Windows\SysWOW64\els.dll
======List of files/folders modified in the last 1 month======
2016-01-08 21:48:31 ----D---- C:\Windows\temp
2016-01-08 21:44:42 ----RD---- C:\Program Files (x86)
2016-01-08 21:44:42 ----D---- C:\ProgramData
2016-01-08 19:59:49 ----D---- C:\Windows\System32
2016-01-08 19:59:49 ----D---- C:\Windows\inf
2016-01-08 19:57:11 ----D---- C:\Windows\Prefetch
2016-01-08 19:39:42 ----D---- C:\Windows
2016-01-08 19:30:29 ----D---- C:\Windows\Tasks
2016-01-08 19:29:09 ----D---- C:\Users\Martina\AppData\Roaming\Seznam.cz
2016-01-08 19:29:05 ----D---- C:\Program Files (x86)\Seznam.cz
2016-01-08 19:27:53 ----D---- C:\Program Files (x86)\Driver Identifier
2016-01-08 19:26:25 ----D---- C:\Users\Martina\AppData\Roaming\Foxit Software
2016-01-08 19:25:01 ----D---- C:\Windows\SoftwareDistribution
2016-01-08 19:24:02 ----D---- C:\Windows\debug
2016-01-08 18:59:43 ----SHD---- C:\System Volume Information
2016-01-08 14:19:34 ----D---- C:\Windows\rescache
2016-01-08 12:57:13 ----D---- C:\Windows\Microsoft.NET
2016-01-08 09:37:39 ----SHD---- C:\Windows\Installer
2016-01-08 09:37:25 ----D---- C:\Config.Msi
2016-01-08 09:36:10 ----RD---- C:\Program Files
2016-01-08 08:21:59 ----D---- C:\Program Files (x86)\Common Files
2015-12-23 19:18:15 ----D---- C:\Windows\SysWOW64
2015-12-23 19:18:15 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-23 17:34:17 ----D---- C:\Windows\winsxs
2015-12-22 20:04:33 ----RSD---- C:\Windows\Fonts
2015-12-22 20:04:33 ----D---- C:\Windows\SysWOW64\cs-CZ
2015-12-22 17:57:16 ----SD---- C:\Windows\SysWOW64\GWX
2015-12-17 16:24:30 ----RSD---- C:\Windows\assembly
2015-12-15 18:55:04 ----D---- C:\Users\Martina\AppData\Roaming\HpUpdate
2015-12-15 18:47:21 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-13 18:28:31 ----D---- C:\Windows\ehome
2015-12-13 18:28:29 ----D---- C:\Windows\SysWOW64\en-US
2015-12-13 18:28:28 ----D---- C:\Program Files (x86)\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 864032]
R2 cmdidx;cmdidx; C:\Program Files\cmdidx\cmdidx.exe [2016-01-08 383488]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dowuloadupnzwupdxtep;Unotone; C:\Users\Martina\AppData\Local\Techitrax.exe [2016-01-08 28160]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-01-08 2522616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-04 114288]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
-----------------EOF-----------------
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: cmdidx - Unknown owner - C:\Program Files\cmdidx\cmdidx.exe
O23 - Service: Unotone (dowuloadupnzwupdxtep) - Unknown owner - C:\Users\Martina\AppData\Local\Techitrax.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8570 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8uxp2nhd.default
prefs.js - "browser.startup.homepage" - "C:\ProgramData\Medlights\ff.HP"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-09-16 8461224]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk - C:\Windows\system32\RunDll32.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-01-08 21:44:40 ----D---- C:\_OTM
2016-01-08 20:07:23 ----D---- C:\Program Files (x86)\trend micro
2016-01-08 20:07:22 ----D---- C:\rsit
2016-01-08 19:57:11 ----D---- C:\AdwCleaner
2016-01-08 18:58:23 ----D---- C:\Users\Martina\AppData\Roaming\wps
2016-01-08 18:56:18 ----D---- C:\Program Files (x86)\Microsoft Office
2016-01-08 10:22:23 ----D---- C:\Users\Martina\AppData\Roaming\360nav
2016-01-08 10:16:00 ----D---- C:\Users\Martina\AppData\Roaming\kingsoft
2016-01-08 09:36:20 ----D---- C:\ProgramData\ESET
2016-01-08 08:23:23 ----D---- C:\Users\Martina\AppData\Roaming\Opera Software
2016-01-08 08:21:59 ----D---- C:\Program Files (x86)\Common Files\Open-Plus
2015-12-23 17:36:02 ----D---- C:\Users\Martina\AppData\Roaming\OpenOffice
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\nlsbres.dll
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-21 11:42:06 ----A---- C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-12 12:26:59 ----D---- C:\Program Files (x86)\OpenOffice 4
2015-12-12 10:20:45 ----A---- C:\Windows\SysWOW64\tzres.dll
2015-12-12 10:20:29 ----A---- C:\Windows\SysWOW64\usp10.dll
2015-12-12 10:20:12 ----A---- C:\Windows\SysWOW64\wuapi.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wuwebv.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wups.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wudriver.dll
2015-12-12 10:20:11 ----A---- C:\Windows\SysWOW64\wuapp.exe
2015-12-12 10:19:56 ----A---- C:\Windows\SysWOW64\DWrite.dll
2015-12-12 10:19:54 ----A---- C:\Windows\SysWOW64\user32.dll
2015-12-12 10:19:48 ----A---- C:\Windows\SysWOW64\wshrm.dll
2015-12-12 10:19:45 ----A---- C:\Windows\SysWOW64\comsvcs.dll
2015-12-12 10:19:45 ----A---- C:\Windows\SysWOW64\catsrvut.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\iernonce.dll
2015-12-12 10:19:24 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-12 10:19:23 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-12 10:19:22 ----A---- C:\Windows\SysWOW64\iertutil.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\vbscript.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\urlmon.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\occache.dll
2015-12-12 10:19:21 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2015-12-12 10:19:20 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-12 10:19:20 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2015-12-12 10:19:19 ----A---- C:\Windows\SysWOW64\mshtml.dll
2015-12-12 10:19:19 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2015-12-12 10:19:15 ----A---- C:\Windows\SysWOW64\iesetup.dll
2015-12-12 10:19:15 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2015-12-12 10:19:13 ----A---- C:\Windows\SysWOW64\jscript.dll
2015-12-12 10:19:12 ----A---- C:\Windows\SysWOW64\ieui.dll
2015-12-12 10:19:12 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2015-12-12 10:19:11 ----A---- C:\Windows\SysWOW64\ieframe.dll
2015-12-12 10:19:05 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\webcheck.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\jscript9.dll
2015-12-12 10:19:04 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2015-12-12 10:19:03 ----A---- C:\Windows\SysWOW64\wininet.dll
2015-12-12 10:19:03 ----A---- C:\Windows\SysWOW64\msrating.dll
2015-12-12 10:18:02 ----A---- C:\Windows\SysWOW64\els.dll
======List of files/folders modified in the last 1 month======
2016-01-08 21:48:31 ----D---- C:\Windows\temp
2016-01-08 21:44:42 ----RD---- C:\Program Files (x86)
2016-01-08 21:44:42 ----D---- C:\ProgramData
2016-01-08 19:59:49 ----D---- C:\Windows\System32
2016-01-08 19:59:49 ----D---- C:\Windows\inf
2016-01-08 19:57:11 ----D---- C:\Windows\Prefetch
2016-01-08 19:39:42 ----D---- C:\Windows
2016-01-08 19:30:29 ----D---- C:\Windows\Tasks
2016-01-08 19:29:09 ----D---- C:\Users\Martina\AppData\Roaming\Seznam.cz
2016-01-08 19:29:05 ----D---- C:\Program Files (x86)\Seznam.cz
2016-01-08 19:27:53 ----D---- C:\Program Files (x86)\Driver Identifier
2016-01-08 19:26:25 ----D---- C:\Users\Martina\AppData\Roaming\Foxit Software
2016-01-08 19:25:01 ----D---- C:\Windows\SoftwareDistribution
2016-01-08 19:24:02 ----D---- C:\Windows\debug
2016-01-08 18:59:43 ----SHD---- C:\System Volume Information
2016-01-08 14:19:34 ----D---- C:\Windows\rescache
2016-01-08 12:57:13 ----D---- C:\Windows\Microsoft.NET
2016-01-08 09:37:39 ----SHD---- C:\Windows\Installer
2016-01-08 09:37:25 ----D---- C:\Config.Msi
2016-01-08 09:36:10 ----RD---- C:\Program Files
2016-01-08 08:21:59 ----D---- C:\Program Files (x86)\Common Files
2015-12-23 19:18:15 ----D---- C:\Windows\SysWOW64
2015-12-23 19:18:15 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-23 17:34:17 ----D---- C:\Windows\winsxs
2015-12-22 20:04:33 ----RSD---- C:\Windows\Fonts
2015-12-22 20:04:33 ----D---- C:\Windows\SysWOW64\cs-CZ
2015-12-22 17:57:16 ----SD---- C:\Windows\SysWOW64\GWX
2015-12-17 16:24:30 ----RSD---- C:\Windows\assembly
2015-12-15 18:55:04 ----D---- C:\Users\Martina\AppData\Roaming\HpUpdate
2015-12-15 18:47:21 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-12-13 18:28:31 ----D---- C:\Windows\ehome
2015-12-13 18:28:29 ----D---- C:\Windows\SysWOW64\en-US
2015-12-13 18:28:28 ----D---- C:\Program Files (x86)\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-04-29 361984]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 864032]
R2 cmdidx;cmdidx; C:\Program Files\cmdidx\cmdidx.exe [2016-01-08 383488]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dowuloadupnzwupdxtep;Unotone; C:\Users\Martina\AppData\Local\Techitrax.exe [2016-01-08 28160]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-01-08 2522616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-04 114288]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please help
Double-click the file C:\Program Files (x86)\trend micro\Martina.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zq6zG2t&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zq6zG2t&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zq6zG2t&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73 ... Zq6zG2t&q={searchTerms}
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: please help
Done. The ads no longer appear....
So is that everything? If so, many thanks! Have a nice day, and you can
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: please help
That is all from me. You're welcome!