VIRY.CZ

Dobrý den,

neustále mi při prohlížení internetu vyskakují různá reklamní okna, mám Avast, Spy Bot ale ani jeden program nic nenasel. Posílám log s RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by oem at 2017-03-09 09:28:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 372 GB (82%) free of 453 GB
Total RAM: 3990 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:28:40, on 9.3.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\oem.NTBSAM\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\oem.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdvancedMonitoringSysTray] "C:\PROGRA~2\ADVANC~1\systray\Launcher.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: ExpressCache - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: FF Install Filter Service (InstallFilterService) - Unknown owner - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11222 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2013-03-21 330160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-08 771816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-22 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2013-03-21 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-22 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"AdvancedMonitoringSysTray"=C:\PROGRA~2\ADVANC~1\systray\Launcher.exe []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-03-08 205512]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2017-03-09 09:28:36 ----D---- C:\rsit
2017-03-09 09:28:36 ----D---- C:\Program Files (x86)\trend micro
2017-03-09 09:28:30 ----D---- C:\ProgramData\SWCUTemp
2017-03-08 22:39:15 ----A---- C:\windows\SysWOW64\wksprtPS.dll
2017-03-08 22:39:15 ----A---- C:\windows\SysWOW64\tsgqec.dll
2017-03-08 22:39:15 ----A---- C:\windows\SysWOW64\mstscax.dll
2017-03-08 22:39:15 ----A---- C:\windows\SysWOW64\mstsc.exe
2017-03-08 22:39:15 ----A---- C:\windows\SysWOW64\MsRdpWebAccess.dll
2017-03-08 22:39:14 ----A---- C:\windows\SysWOW64\rdvidcrl.dll
2017-03-08 22:37:24 ----A---- C:\windows\SysWOW64\rdpendp_winip.dll
2017-03-08 22:33:43 ----A---- C:\windows\SysWOW64\KBDAZEL.DLL
2017-03-08 22:33:43 ----A---- C:\windows\SysWOW64\KBDAZE.DLL
2017-03-08 22:33:42 ----A---- C:\windows\SysWOW64\kbdgeoqw.dll
2017-02-23 13:54:04 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-02-23 13:54:00 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-02-22 14:35:31 ----SHD---- C:\Config.Msi
2017-02-22 09:58:24 ----D---- C:\ProgramData\Google
2017-02-22 09:49:28 ----D---- C:\Users\oem.NTBSAM\AppData\Roaming\AVAST Software
2017-02-22 09:49:01 ----D---- C:\Program Files (x86)\Common Files\AV
2017-02-22 09:43:43 ----D---- C:\ProgramData\AVAST Software

======List of files/folders modified in the last 1 month======

2017-03-09 09:28:36 ----D---- C:\Program Files (x86)
2017-03-09 09:28:30 ----HD---- C:\ProgramData
2017-03-09 09:26:40 ----D---- C:\windows\Temp
2017-03-09 09:25:56 ----D---- C:\windows\winsxs
2017-03-09 09:16:46 ----D---- C:\windows\System32
2017-03-09 09:12:38 ----A---- C:\windows\SysWOW64\log.txt
2017-03-08 22:41:04 ----D---- C:\windows\SysWOW64\wbem
2017-03-08 22:41:04 ----D---- C:\windows\SysWOW64\cs-CZ
2017-03-08 22:41:04 ----D---- C:\windows\SysWOW64
2017-03-08 22:41:03 ----RSD---- C:\windows\Fonts
2017-03-08 22:41:03 ----D---- C:\windows\SysWOW64\en-US
2017-03-08 22:41:03 ----D---- C:\windows\PolicyDefinitions
2017-03-08 22:41:02 ----D---- C:\windows\AppPatch
2017-03-08 22:41:01 ----D---- C:\windows\inf
2017-03-08 22:34:22 ----SHD---- C:\System Volume Information
2017-03-08 09:26:36 ----SD---- C:\Users\oem.NTBSAM\AppData\Roaming\Microsoft
2017-03-06 16:36:07 ----D---- C:\Users\oem.NTBSAM\AppData\Roaming\vlc
2017-03-01 10:54:43 ----D---- C:\windows\Microsoft.NET
2017-02-23 17:17:48 ----SHD---- C:\windows\Installer
2017-02-23 13:54:12 ----SD---- C:\ProgramData\Microsoft
2017-02-22 09:58:35 ----RD---- C:\Program Files
2017-02-22 09:58:35 ----D---- C:\Program Files (x86)\Google
2017-02-22 09:53:25 ----D---- C:\windows\debug
2017-02-22 09:49:13 ----D---- C:\windows\Prefetch
2017-02-22 09:49:01 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsha.sys []
R0 aswblog;aswblog; C:\windows\system32\drivers\aswbloga.sys []
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniva.sys []
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys []
R0 excsd;ExpressCache Storage Filter Driver; C:\windows\system32\DRIVERS\excsd.sys []
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []
R0 stdflt;Disk Filter Driver for Accelerometer; C:\windows\system32\DRIVERS\stdflt.sys []
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys []
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys []
R1 excfs;ExpressCache File System Filter Driver; C:\windows\system32\DRIVERS\excfs.sys []
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys []
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys []
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys []
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys []
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\windows\system32\DRIVERS\AMPPAL.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\windows\system32\DRIVERS\asmthub3.sys []
R3 asmtxhci;ASMEDIA XHCI Service; C:\windows\system32\DRIVERS\asmtxhci.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys []
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys []
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys []
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys []
R3 irstrtdv;Intel(R) Rapid Start Technology Driver; C:\windows\system32\DRIVERS\irstrtdv.sys []
R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys []
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys []
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\windows\system32\DRIVERS\amppal.sys []
S3 aswHwid;aswHwid; C:\windows\system32\drivers\aswHwid.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys []
S3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys []
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys []
S3 RimUsb;zařízení BlackBerry Smartphone; C:\windows\System32\Drivers\RimUsb_AMD64.sys []
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys []
S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe []
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-15 1166848]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-03-08 262736]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-10-18 1001808]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2011-03-01 21504]
R2 InstallFilterService;FF Install Filter Service; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2010-12-17 60928]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\SysWOW64\irstrtsv.exe [2011-07-06 184320]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-08-09 325912]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2011-03-01 21504]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2011-03-01 21504]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-09-15 844560]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2016-09-21 4088608]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2016-11-24 235984]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-08-09 2656536]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-03-08 7147320]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-10-18 936272]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-11-29 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-11-29 125112]
S2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-09-15 1518352]
S2 ExpressCache;ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [2011-09-23 79664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-21 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2011-03-01 21504]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-10-18 1354064]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2017-02-22 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe /V []
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-15 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2011-03-01 21504]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2011-03-01 21504]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2011-03-01 21504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-11-29 51384]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2011-03-01 21504]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-11-29 135848]

Moc děkuju za pomoc

Zdravim

Spybota odinstalujte, je zastaraly a k nicemu

Reklamy vyskakuji ve vsech prohlizecich?

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Děkuji za rychlou odpověď. Okna mi vyskakují jen v Google Chrome.

Udělal jsem co jste řekl a vypadl mi tento log:

# AdwCleaner v6.044 - Log vytvořen 09/03/2017 v 13:20:51
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-03-09.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : oem - NTBSAM
# Spuštěno z : C:\Users\oem.NTBSAM\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\oem.NTBSAM\AppData\Local\PackageAware


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.akcniceny.cz


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2631 Bajty] - [09/03/2017 13:20:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [2972 Bajty] - [09/03/2017 13:18:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2777 Bajty] ##########

Děkuji moc za pomoc!

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce