Unwanted pages opening

Posted: 07 Nov 2017 21:47
by pmmmp
Hello,

in Firefox and IE, random unwanted pages with ads keep opening.
I tried some malware removal programs, but unfortunately they didn't help.

I'm attaching a log from RSIT, please take a look at it, thank you very much.

M.

Re: Unwanted pages opening

Posted: 07 Nov 2017 21:49
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: Unwanted pages opening

Posted: 07 Nov 2017 22:18
by pmmmp
I'm attaching the log from AdwCleaner. If I understood correctly, the problem was SpyHunter itself, which I probably downloaded from ulozto and which was already infected?

Re: Unwanted pages opening

Posted: 07 Nov 2017 22:27
by Rudy
If possible, paste logs directly into the forum. Post a new RSIT log.

Re: Unwanted pages opening

Posted: 07 Nov 2017 22:31
by pmmmp
I'm posting the new RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by pocitac at 2017-11-07 22:30:02
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 86 GB (55%) free of 157 GB
Total RAM: 2559 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:30:35, on 7.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\CtHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\NOTEPAD.EXE
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\pocitac\Downloads\RSIT(1).exe
C:\Program Files\trend micro\pocitac.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://accesswebunlimited.com/wpad.dat? ... 7735984287
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\pocitac\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1957499592-743838051-792565591-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1957499592-743838051-792565591-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD2F6237-702B-426B-9799-0A46C6A66F42}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

--
End of file - 6072 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-24 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-07 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-24 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\Windows\system32\CTHELPER.EXE [2007-04-09 19456]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2007-04-09 19968]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-07 253344]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-09-05 587288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\pocitac\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-07 22:29:56 ----D---- C:\ProgramData\SWCUTemp
2017-11-07 21:28:02 ----D---- C:\Program Files\trend micro
2017-11-07 21:28:01 ----D---- C:\rsit
2017-11-05 18:42:42 ----D---- C:\Users\pocitac\AppData\Roaming\OpenOffice
2017-11-05 18:40:03 ----D---- C:\Program Files\OpenOffice 4
2017-11-03 23:10:00 ----D---- C:\Program Files\Common Files\Adobe
2017-11-03 23:10:00 ----D---- C:\Program Files\Adobe
2017-11-03 23:09:12 ----D---- C:\ProgramData\Adobe
2017-10-24 21:21:38 ----D---- C:\Program Files\Common Files\Java
2017-10-22 21:23:13 ----D---- C:\AdwCleaner
2017-10-17 22:28:12 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-10-17 22:27:53 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-10-17 22:27:45 ----D---- C:\ProgramData\Malwarebytes
2017-10-17 22:27:45 ----D---- C:\Program Files\Malwarebytes
2017-10-16 20:02:47 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-15 18:53:15 ----A---- C:\Windows\system32\mshtml.dll
2017-10-15 18:53:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\wininet.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\jscript9.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\iertutil.dll
2017-10-15 18:53:12 ----A---- C:\Windows\system32\win32k.sys
2017-10-15 18:53:12 ----A---- C:\Windows\system32\urlmon.dll
2017-10-15 18:53:12 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\vbscript.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\tquery.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\Query.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\jscript.dll
2017-10-15 18:53:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-15 18:53:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-10-15 18:53:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-15 18:53:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\msexcl40.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\mf.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\t2embed.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\msctf.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\gdi32.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlansec.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\webcheck.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\themeui.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\ntdll.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\mswstr10.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-15 18:53:06 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\smss.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\msjint40.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mfps.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\icaapi.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-15 18:53:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-15 18:53:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\occache.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\mssvp.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\mssrch.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\msrating.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\kerberos.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\ieui.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\advapi32.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\wdigest.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\sspicli.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\srcore.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\srclient.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\schannel.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\secur32.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\rstrui.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssph.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\lsass.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\inseng.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\iesetup.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\iernonce.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-15 18:53:04 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-15 18:53:04 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\credssp.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\appidapi.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msshooks.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msobjs.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msaudite.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\mferror.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\auditpol.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\adtschema.dll
2017-10-08 22:29:17 ----A---- C:\Windows\system32\Stats.ini

======List of files/folders modified in the last 1 month======

2017-11-07 22:29:56 ----HD---- C:\ProgramData
2017-11-07 22:29:54 ----D---- C:\Windows\Temp
2017-11-07 22:12:16 ----D---- C:\Windows\System32
2017-11-07 22:12:16 ----D---- C:\Windows\inf
2017-11-07 22:12:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-07 22:11:44 ----D---- C:\Users\pocitac\AppData\Roaming\Seznam.cz
2017-11-07 22:06:47 ----D---- C:\Windows\system32\drivers
2017-11-07 22:05:24 ----D---- C:\Windows\system32\config
2017-11-07 22:04:57 ----D---- C:\Windows\Tasks
2017-11-07 21:46:17 ----D---- C:\Windows\Prefetch
2017-11-07 21:28:02 ----RD---- C:\Program Files
2017-11-07 19:58:06 ----D---- C:\Windows\system32\Tasks
2017-11-06 22:25:12 ----D---- C:\Stazene soubory
2017-11-05 18:41:37 ----SHD---- C:\System Volume Information
2017-11-05 18:40:55 ----SHD---- C:\Windows\Installer
2017-11-05 18:40:51 ----RSD---- C:\Windows\assembly
2017-11-05 18:40:15 ----RSD---- C:\Windows\Fonts
2017-11-05 18:38:41 ----D---- C:\Windows\winsxs
2017-11-03 23:42:48 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2017-11-03 23:11:13 ----SD---- C:\Users\pocitac\AppData\Roaming\Microsoft
2017-11-03 23:11:13 ----D---- C:\Users\pocitac\AppData\Roaming\Adobe
2017-11-03 23:10:00 ----D---- C:\Program Files\Common Files
2017-10-24 21:22:28 ----D---- C:\ProgramData\Oracle
2017-10-24 21:22:17 ----D---- C:\Program Files\Java
2017-10-24 21:20:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2017-10-18 15:15:54 ----D---- C:\Windows\rescache
2017-10-17 22:50:11 ----D---- C:\ProgramData\Nero
2017-10-17 22:28:00 ----D---- C:\Windows
2017-10-17 19:31:09 ----D---- C:\Windows\Microsoft.NET
2017-10-17 19:19:04 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-10-16 20:42:15 ----D---- C:\Windows\system32\migration
2017-10-16 20:42:15 ----D---- C:\Windows\system32\cs-CZ
2017-10-16 20:42:15 ----D---- C:\Program Files\Internet Explorer
2017-10-16 20:42:14 ----D---- C:\Windows\system32\en-US
2017-10-16 20:18:33 ----D---- C:\Windows\system32\MRT
2017-10-16 20:02:09 ----AC---- C:\Windows\system32\MRT.exe
2017-10-15 21:21:09 ----D---- C:\ProgramData\AVAST Software
2017-10-15 18:51:11 ----D---- C:\Windows\system32\catroot2
2017-10-08 22:30:10 ----D---- C:\ProgramData\Norton
2017-10-08 22:30:09 ----D---- C:\Program Files\Norton Security
2017-10-08 22:24:42 ----D---- C:\Program Files\Nero

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-10-07 157416]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-10-07 276736]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-10-07 50384]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-10-07 70864]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-10-07 297840]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-10-07 255624]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-10-07 99560]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-10-26 783648]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-10-07 499560]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-19 388096]
R2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-10-07 124952]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-10-07 149824]
R3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-18 98600]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 520488]
R3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-12 546048]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 14632]
R3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-12 560384]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 157480]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 92968]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 163112]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-11-07 221112]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 126760]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n86.sys [2010-03-23 1812512]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-10-07 42856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-12 164608]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 511272]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-04-10 347128]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-12 168192]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-12 94976]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 esgiguard;esgiguard; \??\C:\Users\pocitac\Desktop\SpyHunter v4.15.1.4270 Incl Crack - [MUMBAI]\esgiguard.sys [2011-03-02 13088]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 189736]
S3 NAVENG;NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.3.14\Definitions\SDSDefs\20170805.001\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.3.14\Definitions\SDSDefs\20170805.001\NAVEX15.SYS []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-20 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-07 281416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 633672]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2015-02-18 1258312]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-10-07 5828816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-16 174032]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Re: Unwanted pages opening

Posted: 07 Nov 2017 22:37
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Before the scan, turn off your antivirus, and restart the PC afterwards. Post a new RSIT log.

Re: Unwanted pages opening

Posted: 07 Nov 2017 22:52
by pmmmp
I'm attaching the new RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by pocitac at 2017-11-07 22:50:33
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 87 GB (55%) free of 157 GB
Total RAM: 2559 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:51:09, on 7.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\notepad.exe
C:\Windows\System32\CtHelper.exe
C:\Users\pocitac\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\NOTEPAD.EXE
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\pocitac\Desktop\RSIT.exe
C:\Program Files\trend micro\pocitac.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://accesswebunlimited.com/wpad.dat? ... 7735984287
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\pocitac\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1957499592-743838051-792565591-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1957499592-743838051-792565591-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD2F6237-702B-426B-9799-0A46C6A66F42}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

--
End of file - 6067 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-24 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-07 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-24 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\Windows\system32\CTHELPER.EXE [2007-04-09 19456]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2007-04-09 19968]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-07 253344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\pocitac\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-07 22:48:13 ----D---- C:\ProgramData\SWCUTemp
2017-11-07 22:47:26 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-11-07 22:42:39 ----D---- C:\_OTM
2017-11-07 21:28:02 ----D---- C:\Program Files\trend micro
2017-11-07 21:28:01 ----D---- C:\rsit
2017-11-05 18:42:42 ----D---- C:\Users\pocitac\AppData\Roaming\OpenOffice
2017-11-05 18:40:03 ----D---- C:\Program Files\OpenOffice 4
2017-11-03 23:10:00 ----D---- C:\Program Files\Common Files\Adobe
2017-11-03 23:10:00 ----D---- C:\Program Files\Adobe
2017-11-03 23:09:12 ----D---- C:\ProgramData\Adobe
2017-10-24 21:21:38 ----D---- C:\Program Files\Common Files\Java
2017-10-22 21:23:13 ----D---- C:\AdwCleaner
2017-10-17 22:27:53 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-10-17 22:27:45 ----D---- C:\ProgramData\Malwarebytes
2017-10-17 22:27:45 ----D---- C:\Program Files\Malwarebytes
2017-10-16 20:02:47 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-15 18:53:15 ----A---- C:\Windows\system32\mshtml.dll
2017-10-15 18:53:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\wininet.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\jscript9.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\iertutil.dll
2017-10-15 18:53:12 ----A---- C:\Windows\system32\win32k.sys
2017-10-15 18:53:12 ----A---- C:\Windows\system32\urlmon.dll
2017-10-15 18:53:12 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\vbscript.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\tquery.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\Query.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\jscript.dll
2017-10-15 18:53:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-15 18:53:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-10-15 18:53:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-15 18:53:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\msexcl40.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\mf.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\t2embed.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\msctf.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\gdi32.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlansec.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\webcheck.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\themeui.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\ntdll.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\mswstr10.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-15 18:53:06 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\smss.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\msjint40.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mfps.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\icaapi.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-15 18:53:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-15 18:53:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\occache.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\mssvp.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\mssrch.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\msrating.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\kerberos.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\ieui.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\advapi32.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\wdigest.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\sspicli.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\srcore.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\srclient.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\schannel.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\secur32.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\rstrui.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssph.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\lsass.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\inseng.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\iesetup.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\iernonce.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-15 18:53:04 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-15 18:53:04 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\credssp.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\appidapi.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msshooks.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msobjs.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msaudite.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\mferror.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\auditpol.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\adtschema.dll
2017-10-08 22:29:17 ----A---- C:\Windows\system32\Stats.ini

======List of files/folders modified in the last 1 month======

2017-11-07 22:48:13 ----HD---- C:\ProgramData
2017-11-07 22:48:03 ----D---- C:\Windows\Temp
2017-11-07 22:47:32 ----SD---- C:\Windows\system32\Microsoft
2017-11-07 22:47:26 ----D---- C:\Windows\system32\drivers
2017-11-07 22:46:14 ----D---- C:\Windows\system32\config
2017-11-07 22:12:16 ----D---- C:\Windows\System32
2017-11-07 22:12:16 ----D---- C:\Windows\inf
2017-11-07 22:12:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-07 22:11:44 ----D---- C:\Users\pocitac\AppData\Roaming\Seznam.cz
2017-11-07 22:04:57 ----D---- C:\Windows\Tasks
2017-11-07 21:46:17 ----D---- C:\Windows\Prefetch
2017-11-07 21:28:02 ----RD---- C:\Program Files
2017-11-07 19:58:06 ----D---- C:\Windows\system32\Tasks
2017-11-06 22:25:12 ----D---- C:\Stazene soubory
2017-11-05 18:41:37 ----SHD---- C:\System Volume Information
2017-11-05 18:40:55 ----SHD---- C:\Windows\Installer
2017-11-05 18:40:51 ----RSD---- C:\Windows\assembly
2017-11-05 18:40:15 ----RSD---- C:\Windows\Fonts
2017-11-05 18:38:41 ----D---- C:\Windows\winsxs
2017-11-03 23:42:48 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2017-11-03 23:11:13 ----SD---- C:\Users\pocitac\AppData\Roaming\Microsoft
2017-11-03 23:11:13 ----D---- C:\Users\pocitac\AppData\Roaming\Adobe
2017-11-03 23:10:00 ----D---- C:\Program Files\Common Files
2017-10-24 21:22:28 ----D---- C:\ProgramData\Oracle
2017-10-24 21:22:17 ----D---- C:\Program Files\Java
2017-10-24 21:20:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2017-10-18 15:15:54 ----D---- C:\Windows\rescache
2017-10-17 22:50:11 ----D---- C:\ProgramData\Nero
2017-10-17 22:28:00 ----D---- C:\Windows
2017-10-17 19:31:09 ----D---- C:\Windows\Microsoft.NET
2017-10-17 19:19:04 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-10-16 20:42:15 ----D---- C:\Windows\system32\migration
2017-10-16 20:42:15 ----D---- C:\Windows\system32\cs-CZ
2017-10-16 20:42:15 ----D---- C:\Program Files\Internet Explorer
2017-10-16 20:42:14 ----D---- C:\Windows\system32\en-US
2017-10-16 20:18:33 ----D---- C:\Windows\system32\MRT
2017-10-16 20:02:09 ----AC---- C:\Windows\system32\MRT.exe
2017-10-15 21:21:09 ----D---- C:\ProgramData\AVAST Software
2017-10-15 18:51:11 ----D---- C:\Windows\system32\catroot2
2017-10-08 22:30:10 ----D---- C:\ProgramData\Norton
2017-10-08 22:30:09 ----D---- C:\Program Files\Norton Security
2017-10-08 22:24:42 ----D---- C:\Program Files\Nero

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-10-07 157416]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-10-07 276736]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-10-07 50384]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-10-07 70864]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-10-07 297840]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-10-07 255624]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-10-07 99560]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-10-26 783648]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-10-07 499560]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-19 388096]
R2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-10-07 124952]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-10-07 149824]
R3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-18 98600]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 520488]
R3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-12 546048]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 14632]
R3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-12 560384]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 157480]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 92968]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 163112]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-11-07 221112]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 126760]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n86.sys [2010-03-23 1812512]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-10-07 42856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-12 164608]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 511272]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-04-10 347128]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-12 168192]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-12 94976]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 esgiguard;esgiguard; \??\C:\Users\pocitac\Desktop\SpyHunter v4.15.1.4270 Incl Crack - [MUMBAI]\esgiguard.sys [2011-03-02 13088]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 189736]
S3 NAVENG;NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.3.14\Definitions\SDSDefs\20170805.001\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.3.14\Definitions\SDSDefs\20170805.001\NAVEX15.SYS []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-20 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-07 281416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 633672]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2015-02-18 1258312]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-10-07 5828816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-16 174032]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Re: Opening of unwanted pages

Posted: 08 Nov 2017 12:27
by Rudy
Deleted. Has anything changed?

Re: Opening of unwanted pages

Posted: 08 Nov 2017 20:31
by pmmmp
I just tried it and everything looked promising, but unfortunately after a while I wanted to look at idnes.cz and instead I was redirected to http://warn.recursive.dnsbycomodo.com/? ... annels.com

To be safe, I am also attaching the current RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by pocitac at 2017-11-08 20:30:07
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 87 GB (55%) free of 157 GB
Total RAM: 2559 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:15, on 8.11.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\CtHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\pocitac\Desktop\RSIT.exe
C:\Program Files\trend micro\pocitac.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://accesswebunlimited.com/wpad.dat? ... 7735984287
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\pocitac\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1957499592-743838051-792565591-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1957499592-743838051-792565591-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD2F6237-702B-426B-9799-0A46C6A66F42}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{5BF04BFC-F9DE-4AB2-B7F5-281BD09B188C}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

--
End of file - 5831 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-24 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-07 820672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-24 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\Windows\system32\CTHELPER.EXE [2007-04-09 19456]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2007-04-09 19968]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-10-07 253344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\pocitac\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\pocitac\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-07 22:47:26 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-11-07 22:42:39 ----D---- C:\_OTM
2017-11-07 21:28:02 ----D---- C:\Program Files\trend micro
2017-11-07 21:28:01 ----D---- C:\rsit
2017-11-05 18:42:42 ----D---- C:\Users\pocitac\AppData\Roaming\OpenOffice
2017-11-05 18:40:03 ----D---- C:\Program Files\OpenOffice 4
2017-11-03 23:10:00 ----D---- C:\Program Files\Common Files\Adobe
2017-11-03 23:10:00 ----D---- C:\Program Files\Adobe
2017-11-03 23:09:12 ----D---- C:\ProgramData\Adobe
2017-10-24 21:21:38 ----D---- C:\Program Files\Common Files\Java
2017-10-22 21:23:13 ----D---- C:\AdwCleaner
2017-10-17 22:27:53 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-10-17 22:27:45 ----D---- C:\ProgramData\Malwarebytes
2017-10-17 22:27:45 ----D---- C:\Program Files\Malwarebytes
2017-10-16 20:02:47 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-15 18:53:15 ----A---- C:\Windows\system32\mshtml.dll
2017-10-15 18:53:14 ----A---- C:\Windows\system32\ieframe.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\wininet.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\jscript9.dll
2017-10-15 18:53:13 ----A---- C:\Windows\system32\iertutil.dll
2017-10-15 18:53:12 ----A---- C:\Windows\system32\win32k.sys
2017-10-15 18:53:12 ----A---- C:\Windows\system32\urlmon.dll
2017-10-15 18:53:12 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\vbscript.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\tquery.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\Query.dll
2017-10-15 18:53:11 ----A---- C:\Windows\system32\jscript.dll
2017-10-15 18:53:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-15 18:53:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-10-15 18:53:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-15 18:53:09 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\msexcl40.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\mf.dll
2017-10-15 18:53:09 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\t2embed.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\msctf.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\gdi32.dll
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-15 18:53:08 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlansec.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\webcheck.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\themeui.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\ntdll.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\mswstr10.dll
2017-10-15 18:53:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-15 18:53:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-15 18:53:06 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\smss.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\msjint40.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mfps.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-15 18:53:06 ----A---- C:\Windows\system32\icaapi.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-15 18:53:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-15 18:53:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-15 18:53:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\occache.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\mssvp.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\mssrch.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\msrating.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\kerberos.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\ieui.dll
2017-10-15 18:53:05 ----A---- C:\Windows\system32\advapi32.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\wdigest.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\sspicli.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\srcore.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\srclient.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\schannel.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\secur32.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\rstrui.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssph.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\lsass.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\inseng.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\iesetup.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\iernonce.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-15 18:53:04 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-15 18:53:04 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-15 18:53:04 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\credssp.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\appidapi.dll
2017-10-15 18:53:04 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msshooks.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msobjs.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\msaudite.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\mferror.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-15 18:53:03 ----A---- C:\Windows\system32\auditpol.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-15 18:53:03 ----A---- C:\Windows\system32\adtschema.dll

======List of files/folders modified in the last 1 month======

2017-11-08 20:28:30 ----D---- C:\Windows\System32
2017-11-08 20:28:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-08 20:28:29 ----D---- C:\Windows\inf
2017-11-08 20:27:29 ----D---- C:\Users\pocitac\AppData\Roaming\Seznam.cz
2017-11-08 20:25:26 ----D---- C:\Windows\system32\config
2017-11-08 20:22:32 ----D---- C:\Windows\Temp
2017-11-08 20:22:32 ----D---- C:\Windows\system32\drivers
2017-11-07 23:05:45 ----HD---- C:\ProgramData
2017-11-07 22:47:32 ----SD---- C:\Windows\system32\Microsoft
2017-11-07 22:04:57 ----D---- C:\Windows\Tasks
2017-11-07 21:46:17 ----D---- C:\Windows\Prefetch
2017-11-07 21:28:02 ----RD---- C:\Program Files
2017-11-07 19:58:06 ----D---- C:\Windows\system32\Tasks
2017-11-06 22:25:12 ----D---- C:\Stazene soubory
2017-11-05 18:41:37 ----SHD---- C:\System Volume Information
2017-11-05 18:40:55 ----SHD---- C:\Windows\Installer
2017-11-05 18:40:51 ----RSD---- C:\Windows\assembly
2017-11-05 18:40:15 ----RSD---- C:\Windows\Fonts
2017-11-05 18:38:41 ----D---- C:\Windows\winsxs
2017-11-03 23:42:48 ----D---- C:\Users\pocitac\AppData\Roaming\vlc
2017-11-03 23:11:13 ----SD---- C:\Users\pocitac\AppData\Roaming\Microsoft
2017-11-03 23:11:13 ----D---- C:\Users\pocitac\AppData\Roaming\Adobe
2017-11-03 23:10:00 ----D---- C:\Program Files\Common Files
2017-10-24 21:22:28 ----D---- C:\ProgramData\Oracle
2017-10-24 21:22:17 ----D---- C:\Program Files\Java
2017-10-24 21:20:45 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2017-10-18 15:15:54 ----D---- C:\Windows\rescache
2017-10-17 22:50:11 ----D---- C:\ProgramData\Nero
2017-10-17 22:28:00 ----D---- C:\Windows
2017-10-17 19:31:09 ----D---- C:\Windows\Microsoft.NET
2017-10-17 19:19:04 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-10-16 20:42:15 ----D---- C:\Windows\system32\migration
2017-10-16 20:42:15 ----D---- C:\Windows\system32\cs-CZ
2017-10-16 20:42:15 ----D---- C:\Program Files\Internet Explorer
2017-10-16 20:42:14 ----D---- C:\Windows\system32\en-US
2017-10-16 20:18:33 ----D---- C:\Windows\system32\MRT
2017-10-16 20:02:09 ----AC---- C:\Windows\system32\MRT.exe
2017-10-15 21:21:09 ----D---- C:\ProgramData\AVAST Software
2017-10-15 18:51:11 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2017-10-07 157416]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2017-10-07 276736]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2017-10-07 50384]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-10-07 70864]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-10-07 297840]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2017-10-07 255624]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-10-07 99560]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-10-26 783648]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-10-07 499560]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-19 388096]
R2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-10-07 124952]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-10-07 149824]
R3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-18 98600]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 520488]
R3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-12 546048]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 14632]
R3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-12 560384]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 157480]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 92968]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 797992]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 163112]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-11-08 221112]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 126760]
R3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver; C:\Windows\system32\DRIVERS\RTL85n86.sys [2010-03-23 1812512]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-10-07 42856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-12 164608]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 511272]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2007-04-10 347128]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-12 168192]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-12 94976]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 esgiguard;esgiguard; \??\C:\Users\pocitac\Desktop\SpyHunter v4.15.1.4270 Incl Crack - [MUMBAI]\esgiguard.sys [2011-03-02 13088]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 189736]
S3 NAVENG;NAVENG; \??\C:\Program Files\Norton Security\NortonData\22.9.3.14\Definitions\SDSDefs\20170805.001\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton Security\NortonData\22.9.3.14\Definitions\SDSDefs\20170805.001\NAVEX15.SYS []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-20 83032]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-10-07 281416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-07 4430792]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-01-31 633672]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2015-02-18 1258312]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-10-07 5828816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-10-16 174032]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Re: Unwanted pages opening

Posted: 08 Nov 2017 20:53
by Rudy
Now run these utilities, one after the other:


1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to your desktop

If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will carry out the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launching, the license terms are displayed; press any key
•A backup will be created, followed by a search
•A scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here.

Re: Unwanted pages opening

Posted: 08 Nov 2017 22:35
by pmmmp
Unfortunately I could not download Junkware removal tool; only a page displaying "pageok" appears.
I am attaching the zoek results log:


Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by pocitac on st 08.11.2017 at 22:07:43,54.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\pocitac\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.11.2017 22:10:47 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== FireFox Fix ======================

Deleted from C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\zt1zn4ry.default\prefs.js:

Added to C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\zt1zn4ry.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\zt1zn4ry.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\zt1zn4ry.default
- Undetermined - %ProfilePath%\extensions\sko-extension@firma.seznam.cz
- Undetermined - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

==== Firefox Plugins ======================

Profilepath: C:\Users\pocitac\AppData\Roaming\Mozilla\Firefox\Profiles\zt1zn4ry.default
CD656126C7A56461A4A57BE0BC1FE0DA - C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - Adobe Acrobat
B7CA365E7F1BECCE849FF6D390F16DCE - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
F807716F6A899CDA4036C8612C4D529A - C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U151
BFB8123460850729B6BA2E926E6677E3 - C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.1510.12


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{0C47ADE9-4DDA-4B66-A619-0797828C657A} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{0E843894-7CCB-4F0D-A5AF-1E0542D12986} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{1066F360-5DE4-427D-8219-FEF203065C89} - http://search.seznam.cz/?q={searchTerms ... arch_12454
HKCU\SearchScopes\{11503DE1-6892-4A40-AC06-FB28A733ED23} - http://www.mapy.cz/?query={searchTerms} ... arch_12454
HKCU\SearchScopes\{3B2CD219-1674-4D75-A4DF-163D53921CF6} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
HKCU\SearchScopes\{3BCAE867-AD8E-41C2-9985-F617CDB088CC} - http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
HKCU\SearchScopes\{9AB713A3-B7E8-42B0-800F-6B6EBE16AE4E} - http://www.novinky.cz/hledej?w={searchT ... arch_12454
HKCU\SearchScopes\{B51E3643-176B-4BCA-A8ED-2F128B120BB2} - http://encyklopedie.seznam.cz/search?q= ... arch_12454
HKCU\SearchScopes\{FB90063F-D44C-4554-8581-D96540CA7C2B} - http://tv.seznam.cz/hledej?w={searchTer ... arch_12454

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Users\pocitac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\pocitac\AppData\Local\Mozilla\Firefox\Profiles\zt1zn4ry.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\pocitac\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\pocitac\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 08.11.2017 at 22:14:08,31 ======================

Re: Unwanted pages opening

Posted: 09 Nov 2017 15:29
by Rudy
Something was deleted here. Try downloading JRT from http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/ .

Re: Unwanted pages opening

Posted: 09 Nov 2017 21:13
by pmmmp
Thanks, I am attaching the log from JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x86
Ran by pocitac (Administrator) on źt 09.11.2017 at 21:09:10,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 8

Successfully deleted: C:\Users\pocitac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99ATP59A (Temporary Internet Files Folder)
Successfully deleted: C:\Users\pocitac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UMK0Z99C (Temporary Internet Files Folder)
Successfully deleted: C:\Users\pocitac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WD9N7PSG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\pocitac\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGBQ4S4R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99ATP59A (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UMK0Z99C (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WD9N7PSG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGBQ4S4R (Temporary Internet Files Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1066F360-5DE4-427D-8219-FEF203065C89} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 09.11.2017 at 21:11:43,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Unwanted pages opening

Posted: 09 Nov 2017 21:16
by Rudy
OK. Has anything changed for the better?

Re: Unwanted pages opening

Posted: 09 Nov 2017 21:52
by pmmmp
After the latest actions the frequency of the "ads" opening has perhaps decreased, but the problem has not disappeared completely; just now, for example, I was redirected to a page with an advertisement for some online game (https://om.elvenar.com/ox/cz/?ref=ad4_c ... 938.471151)....