VIRY.CZ

Zdravím, vypíná se mi antivir, mozila přestala fungovat.
Prosím o kontrolu logu. (Addition.zip v příloze, je .txt nemá tu na PC žádný komprimační nástroj.)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
Ran by Sokol (administrator) on SOKOL-PC (17-02-2016 10:28:06)
Running from C:\Users\Sokol\Desktop
Loaded Profiles: Sokol (Available Profiles: Sokol)
Platform: Microsoft® Windows Vista™ Ultimate (X86) Language: Čeština (Česká republika)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Monet+, a.s.) C:\Windows\System32\xmesrv.exe
(Microsoft Corporation) C:\Windows\System32\wercon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ieuser.exe
(forum.viry.cz) C:\Users\Sokol\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2013-01-10] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-11] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-11] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-21]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Windows\system32\napinsp.dll [50176 2006-11-02] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EFC70F15-4621-4A70-A018-6BFF71EEDE7C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-11] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Sokol\AppData\Roaming\Mozilla\Firefox\Profiles\wu9lwtm8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-11] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3256442033-3976859429-1304900942-1001: @servis24.cz/PKIComponent -> C:\Users\Sokol\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2015-02-16] (Česká spořitelna, a.s.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-02-14] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-31]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.109\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Disk Google) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-17]
CHR Extension: (YouTube) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Vyhledávání Google) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-17]
CHR Extension: (Komponenta pro aplikaci SERVIS 24) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gincjcoomijeeoddomaaimknmflggfnb [2015-05-05]
CHR Extension: (Avast Online Security) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-16]
CHR Extension: (Gmail) - C:\Users\Sokol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-11] (AVAST Software)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2013-01-10] (Microsoft Corporation)
R2 xmengine service; C:\Windows\system32\xmesrv.exe [34696 2013-12-10] (Monet+, a.s.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-12-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812208 2016-01-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449384 2016-01-21] (AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [165104 2015-12-11] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [58016 2015-12-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-11] (AVAST Software)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [183912 2006-11-02] (Společnost Microsoft)
R3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [89600 2009-08-10] (Gemalto)
S3 GEMPC430; C:\Windows\System32\Drivers\gemusb.sys [53568 2001-12-04] (Gemplus)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1060920 2013-01-10] (Společnost Microsoft)
R2 SF1CLPT; C:\Windows\system32\SF1CLPT.SYS [54488 2008-01-17] (Sharp Corporation) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-17 10:28 - 2016-02-17 10:28 - 00010187 _____ C:\Users\Sokol\Desktop\FRST.txt
2016-02-17 10:28 - 2016-02-17 10:28 - 00000000 ____D C:\FRST
2016-02-17 10:26 - 2016-02-17 10:26 - 00112640 _____ (forum.viry.cz) C:\Users\Sokol\Desktop\FRSTLauncher.exe
2016-02-17 10:25 - 2016-02-17 10:25 - 00112640 _____ (forum.viry.cz) C:\Users\Sokol\Downloads\Nepotvrzeno 507592.crdownload
2016-02-17 10:24 - 2016-02-17 10:24 - 00112640 _____ (forum.viry.cz) C:\Users\Sokol\Downloads\Nepotvrzeno 383981.crdownload
2016-02-17 10:23 - 2016-02-17 10:24 - 01721344 _____ (Farbar) C:\Users\Sokol\Desktop\FRST.exe
2016-02-17 10:08 - 2016-02-17 10:09 - 06828320 _____ (Piriform Ltd) C:\Users\Sokol\Downloads\ccsetup514.exe
2016-02-17 10:05 - 2016-02-17 10:08 - 42845584 _____ C:\Users\Sokol\Downloads\Firefox_Setup_44.0.exe
2016-02-17 09:00 - 2016-02-17 09:00 - 00000000 ____D C:\70c8c0fb686e0d9914
2016-02-12 09:58 - 2016-02-16 09:14 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-03 10:31 - 2016-02-03 12:10 - 00023094 _____ C:\Users\Sokol\Desktop\formulář - žádost dotace.odt
2016-01-29 08:42 - 2015-12-11 12:18 - 00322760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-17 10:24 - 2013-01-10 10:51 - 00000418 ____H C:\Windows\Tasks\User_Feed_Synchronization-{83C1E5A9-CDBF-4639-9C66-CDC8C548095C}.job
2016-02-17 10:14 - 2013-03-11 15:56 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-17 10:14 - 2006-11-02 14:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-17 10:14 - 2006-11-02 13:46 - 00003936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-17 10:14 - 2006-11-02 13:46 - 00003936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-17 10:13 - 2006-11-02 14:00 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-17 10:05 - 2013-03-11 15:56 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-17 09:58 - 2014-09-15 11:06 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-16 09:14 - 2013-01-10 10:36 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-12 08:33 - 2013-03-11 16:03 - 00001943 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-12 08:33 - 2013-03-11 16:03 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-11 09:58 - 2014-09-15 11:06 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-11 09:58 - 2014-09-15 11:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-01-29 08:44 - 2015-12-11 12:20 - 00001789 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-21 08:48 - 2013-03-11 15:56 - 00812208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-01-21 08:48 - 2013-01-09 16:47 - 00449384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

==================== Files in the root of some directories =======

Some files in TEMP:
====================
C:\Users\Sokol\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplgu3uz.dll
C:\Users\Sokol\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Sokol\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Sokol\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
C:\Users\Sokol\AppData\Local\Temp\fp_pl_pfs_installer-4.exe
C:\Users\Sokol\AppData\Local\Temp\fp_pl_pfs_installer-5.exe
C:\Users\Sokol\AppData\Local\Temp\fp_pl_pfs_installer-6.exe
C:\Users\Sokol\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Sokol\AppData\Local\Temp\ljM1005MFP-HB-pnp-winv32-czp.exe
C:\Users\Sokol\AppData\Local\Temp\{7FABA064-7C3C-4980-9CCB-5B0FC62AC835}-47.0.2526.111_chrome_installer.exe
C:\Users\Sokol\AppData\Local\Temp\{A5FF4F39-8B8C-4BC1-9E93-E955214DA5EC}-48.0.2564.97_chrome_installer.exe
C:\Users\Sokol\AppData\Local\Temp\{DD82E3C0-BBFD-44AF-9586-7E333C6E0705}-47.0.2526.111_47.0.2526.106_chrome_updater_3stage.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{83C1E5A9-CDBF-4639-9C66-CDC8C548095C}.job => C:\Windows\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Sokol\Desktop" je 165 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Mohu ještě jednou poprosit o kontroly logů. Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sokol at 2016-02-17 14:44:39
Microsoft® Windows Vista™ Ultimate
System drive C: has 104 GB (71%) free of 147 GB
Total RAM: 1015 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:44:57, on 17.2.2016
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Users\Sokol\Desktop\FRST.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sokol\Downloads\RSIT.exe
C:\Program Files\trend micro\Sokol.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\system32\xmesrv.exe

--
End of file - 4246 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\User_Feed_Synchronization-{83C1E5A9-CDBF-4639-9C66-CDC8C548095C}.job - C:\Windows\system32\msfeedssync.exe sync

=========Mozilla firefox=========

ProfilePath - C:\Users\Sokol\AppData\Roaming\Mozilla\Firefox\Profiles\wu9lwtm8.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-11 664184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2013-01-10 1006264]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-11 7021880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2013-01-10 1232896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-02-17 14:44:39 ----D---- C:\rsit
2016-02-17 14:44:39 ----D---- C:\Program Files\trend micro
2016-02-17 10:28:00 ----D---- C:\FRST
2016-02-17 09:00:37 ----D---- C:\70c8c0fb686e0d9914
2016-02-12 09:58:47 ----D---- C:\Program Files\Mozilla Firefox
2016-01-29 08:42:22 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2016-02-17 14:44:54 ----D---- C:\Windows\Prefetch
2016-02-17 14:44:39 ----D---- C:\Program Files
2016-02-17 14:44:35 ----D---- C:\Windows\Temp
2016-02-17 10:28:04 ----D---- C:\Windows
2016-02-17 09:00:26 ----SHD---- C:\System Volume Information
2016-02-16 09:14:32 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-02-15 11:46:18 ----D---- C:\Windows\System32
2016-02-11 12:35:09 ----D---- C:\Windows\system32\catroot2
2016-02-11 09:58:46 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-02-04 09:05:04 ----SHD---- C:\Windows\Installer
2016-02-04 09:00:32 ----D---- C:\Windows\Tasks
2016-01-31 16:53:55 ----D---- C:\Windows\system32\drivers
2016-01-29 08:43:39 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-11 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-11 209432]
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2006-11-02 121960]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-12-11 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-21 812208]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-21 449384]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-11 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-21 81168]
R2 SF1CLPT;SF1CLPT; \??\C:\Windows\system32\SF1CLPT.SYS [2008-01-17 54488]
R3 GemCCID;GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [2009-08-10 89600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-08-25 263272]
S3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-12-11 165104]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-12-11 58016]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 GEMPC430;GEMPC430; C:\Windows\System32\Drivers\gemusb.sys [2001-12-04 53568]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 USBCCID;Čtecí zařízení čipových karet USB; C:\Windows\system32\DRIVERS\usbccid.sys [2006-11-02 30208]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 xmengine service;CryptoPlus XME Engine Service; C:\Windows\system32\xmesrv.exe [2013-12-10 34696]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-11 226440]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11 269504]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [2015-12-02 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-12 146888]

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

VIRY.CZ

kontrola logu - podezřelé chováni PC

kontrola logu - podezřelé chováni PC

Re: kontrola logu - podezřelé chováni PC

Re: kontrola logu - podezřelé chováni PC