Request for a log check (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

normankott
newcomer
Posts: 21
Registered: May 18
Gender: Male

Request for a log check

Post by normankott » 25 May 2018 00:05

Hello,
I don't use the PC much because I work abroad. My family uses it, and they say it doesn't run as it should and keeps freezing. Could you please check the log? Thank you very much.

Logfile of random's system information tool 1.10 (written by random/random)
Run by SWAN at 2018-05-24 23:56:38
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 162 GB (54%) free of 300 GB
Total RAM: 3282 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:56:45, on 24.5.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Program Files\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\Antivirus\AVGUI.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\SWAN.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kaspersky Secure Connection Service 2.0.0 (KSDE2.0.0) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9639 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVG\Antivirus\AVGSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe"
"C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe"
"C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\iTunes\iTunesHelper.exe"
AVGUI.exe /nogui

"C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\SWAN\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\SWAN\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\SWAN\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=66.0.3359.181 --initial-client-data=0xa0,0xa4,0xa8,0x9c,0xac,0x64920090,0x649200a0,0x649200ac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4656 --on-initialized-event-handle=376 --parent-handle=396 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=9FC1F0096ECA7BBCD8B34FA53FF58FE3 --mojo-platform-channel-handle=1200 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --service-pipe-token=D364B622202A7226E6A4879BB94CA6A2 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D364B622202A7226E6A4879BB94CA6A2 --renderer-client-id=14 --mojo-platform-channel-handle=4176 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --service-pipe-token=9A3BD3141808F657E3372084FB5C94A7 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=9A3BD3141808F657E3372084FB5C94A7 --renderer-client-id=17 --mojo-platform-channel-handle=3908 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --service-pipe-token=C7C36BB85FCF9D1B05539A226F899901 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=C7C36BB85FCF9D1B05539A226F899901 --renderer-client-id=21 --mojo-platform-channel-handle=5312 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --service-pipe-token=1E67C1737F4D616B10E21CE50AF9EE94 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=1E67C1737F4D616B10E21CE50AF9EE94 --renderer-client-id=26 --mojo-platform-channel-handle=3536 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --lang=cs --service-sandbox-type=utility --service-request-channel-token=A92228E772F323F8D0F3760B51841FE6 --mojo-platform-channel-handle=920 --ignored=" --type=renderer " /prefetch:8
"taskhost.exe"
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=renderer --disable-gpu-compositing --disable-pinch --no-sandbox --primordial-pipe-token=5196CB278F24B30CAC2E5F278C91C649 --lang=en-US --lang=en-US --log-file="C:\Users\SWAN\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (18.4.3056)" --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --disable-webrtc-hw-vp8-encoding --disable-gpu-compositing --service-request-channel-token=5196CB278F24B30CAC2E5F278C91C649 --renderer-client-id=9 --mojo-platform-channel-handle=4304 /prefetch:1
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe" -hidden
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --service-pipe-token=D36FED8A3F14A636839ED4BE041B46A4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D36FED8A3F14A636839ED4BE041B46A4 --renderer-client-id=173 --mojo-platform-channel-handle=5980 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,15920900203867534538,8982043198498758067,131072 --service-pipe-token=C247F549F9EB01053BD506C30A8D4946 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=C247F549F9EB01053BD506C30A8D4946 --renderer-client-id=181 --mojo-platform-channel-handle=596 /prefetch:1
taskeng.exe {420B3963-6A71-4360-A1BB-15A5C6302C28}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\SWAN\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 205416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-29 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 2322576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-29 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-29 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-29 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2017-01-29 9181696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-07-14 303928]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2018-05-24 291568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\212d31243525b53c60eecb38d349bc1a]
C:\Users\SWAN\AppData\Local\Temp\conhost.exe .. []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Super-Charger"=C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [2013-03-08 506864]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2018-05-24 23:56:38 ----D---- C:\rsit
2018-05-24 20:37:19 ----SHD---- C:\Config.Msi
2018-05-24 19:54:24 ----A---- C:\Windows\system32\avgBoot.exe
2018-05-04 17:36:15 ----A---- C:\Windows\system32\drivers\avgVmm.sys
2018-05-04 17:36:15 ----A---- C:\Windows\system32\drivers\avgStm.sys
2018-05-04 17:36:15 ----A---- C:\Windows\system32\drivers\avgSP.sys
2018-05-04 17:36:15 ----A---- C:\Windows\system32\drivers\avgRvrt.sys
2018-05-04 17:36:15 ----A---- C:\Windows\system32\drivers\avgMonFlt.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgSnx.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgRdr2.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgHwid.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgbuniva.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgbloga.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgbidsha.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgbidsdrivera.sys
2018-05-04 17:36:14 ----A---- C:\Windows\system32\drivers\avgArPot.sys
2018-05-04 17:36:00 ----D---- C:\Program Files\Common Files\AVG
2018-05-04 17:33:14 ----D---- C:\Program Files\AVG

======List of files/folders modified in the last 1 month======

2018-05-24 23:56:45 ----D---- C:\Windows\Prefetch
2018-05-24 23:56:42 ----D---- C:\Program Files\trend micro
2018-05-24 23:48:00 ----D---- C:\Windows\Temp
2018-05-24 22:59:55 ----D---- C:\ProgramData\Kaspersky Lab
2018-05-24 22:26:20 ----D---- C:\Program Files (x86)\UOS
2018-05-24 21:24:43 ----D---- C:\Windows
2018-05-24 21:02:02 ----D---- C:\Windows\System32
2018-05-24 21:02:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-05-24 20:57:24 ----SHD---- C:\System Volume Information
2018-05-24 20:54:51 ----D---- C:\Windows\Minidump
2018-05-24 20:54:18 ----D---- C:\Windows\system32\drivers
2018-05-24 20:42:51 ----D---- C:\Windows\system32\config
2018-05-24 20:37:45 ----SHD---- C:\Windows\Installer
2018-05-24 20:37:41 ----D---- C:\Program Files (x86)\Kaspersky Lab
2018-05-24 20:37:29 ----D---- C:\Windows\inf
2018-05-24 20:37:27 ----D---- C:\Windows\system32\catroot
2018-05-24 19:55:37 ----D---- C:\Windows\SysWOW64
2018-05-24 19:55:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-05-24 19:55:30 ----D---- C:\Windows\system32\Macromed
2018-05-24 19:55:29 ----D---- C:\Windows\SYSWOW64\Macromed
2018-05-24 19:54:43 ----D---- C:\Windows\system32\Tasks
2018-05-24 19:53:50 ----RD---- C:\Program Files (x86)
2018-05-04 18:27:07 ----D---- C:\ProgramData\AVG
2018-05-04 17:37:33 ----D---- C:\Users\SWAN\AppData\Roaming\AVG
2018-05-04 17:36:55 ----D---- C:\Program Files\CCleaner
2018-05-04 17:36:18 ----D---- C:\Windows\winsxs
2018-05-04 17:36:00 ----D---- C:\Program Files\Common Files
2018-05-04 17:33:14 ----D---- C:\Program Files
2018-05-04 15:14:22 ----D---- C:\Windows\system32\NDF
2018-05-04 14:21:27 ----D---- C:\Program Files (x86)\Audified
2018-05-04 14:17:01 ----D---- C:\ProgramData
2018-05-04 14:17:01 ----D---- C:\Program Files (x86)\Epic Games
2018-05-04 14:15:53 ----D---- C:\Program Files\Common Files\VST3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-06-30 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-06-30 43720]
R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidsha.sys [2018-05-24 192536]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgbloga.sys [2018-05-24 336848]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbuniva.sys [2018-05-24 50776]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2018-05-24 78352]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2018-05-24 373944]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avgArPot;avgArPot; C:\Windows\system32\drivers\avgArPot.sys [2018-05-24 189032]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdrivera.sys [2018-05-24 220600]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [2018-05-24 103744]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2018-05-24 1020112]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2018-05-24 452904]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-05 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-04-09 57472]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2018-05-24 151504]
R2 avgStm;avgStm; C:\Windows\system32\drivers\avgStm.sys [2018-05-24 198368]
R2 rzpnk;rzpnk; \??\C:\Windows\system32\drivers\rzpnk.sys [2014-04-25 129856]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-11-19 21516800]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-11-19 483840]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2017-01-29 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-04-03 30352]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-01-29 5523456]
R3 kltap;Kaspersky Security Data Escort Adapter; C:\Windows\system32\DRIVERS\kltap.sys [2016-06-07 52152]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2015-01-05 1547616]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2012-10-25 13368]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2017-01-29 1037832]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2013-02-26 108128]
S3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2013-02-26 228448]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys []
S3 andnetadb;ADB Interface DriverNet; C:\Windows\System32\Drivers\lgandnetadb.sys []
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2018-05-24 39352]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cmshusbser;Mobile Connector USB Device for Legacy Serial Communication IN ANDROID DEVICE; C:\Windows\system32\DRIVERS\cmshusbser.sys [2011-11-30 127232]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-01-29 129152]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ipadtst;ipadtst; \??\C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [2013-02-01 19952]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2016-12-21 23040]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 qcusbser;Gionee USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\qcusbser.sys [2015-07-22 270048]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-22 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-01-29 221824]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2016-02-26 203672]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2015-01-22 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2015-01-22 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2015-01-22 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2016-12-21 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-11-19 296448]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-06-04 361984]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-04-03 83768]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2018-05-24 318328]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-11-15 1659592]
R2 KSDE2.0.0;Kaspersky Secure Connection Service 2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [2017-01-24 354672]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-02-20 161264]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [2018-05-24 7670672]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-07-14 689976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-24 272384]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-03-16 774272]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-08-31 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-09 114688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 178824]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-03-19 66872]
S3 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-03-19 103736]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-05 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------



Orcus
Security team member
Elite Level 10.5
Posts: 10631
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male

Re: Request for a log check

Post by Orcus » 29 May 2018 08:58

Download ATF Cleaner
Double-click ATF Cleaner.exe, click "select all found", then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you don't need to use ATF.

===================================================

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
After that the PC should restart; if it doesn't, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan, click the "Logfile" button, whereupon the log will appear (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable the free trial of Malwarebytes' Anti-Malware Premium"
- Install it and run it
- at the end of the installation, make sure you have both options selected/ticked:

Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware; if so, click the Finish button

- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now
- after the program finishes, a message will appear at the bottom right; click Copy to Clipboard and paste the entire log here.

- then click the Exit button; a message will appear, so choose Yes
(don't delete anything yet!).

If there are problems, run it in safe mode.
Love keeps you warm, but coal is coal. :fire:



Post HJT logs in the HJT section. If the log is too long, split it into several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and jerabina stand in for me


normankott
newcomer
Posts: 21
Registered: May 18
Gender: Male

Re: Request for a log check

Post by normankott » 29 May 2018 23:24

In TFC I clicked Start, then the PC threw a blue screen of death and it said something about "Dumping physical memory to hard drive" or something to that effect; I don't know whether it is supposed to go like this.

EDIT:// The main problem is with the internet connection, it keeps dropping out; it runs for 3 minutes and then drops to 0kb/s for 20 seconds, then it starts up again

I didn't delete anything in AdwCleaner, I just let it produce the log:

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-29.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-29-2018
# Duration: 00:00:31
# OS: Windows 7 Ultimate
# Scanned: 40921
# Detected: 202


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\SWAN\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\SWAN\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy C:\ProgramData\IObit\ASCDownloader
PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
PUP.Optional.Legacy C:\Program Files (x86)\myfree codec
PUP.Optional.Legacy C:\Program Files (x86)\DriverToolkit
PUP.Optional.Legacy C:\Users\SWAN\AppData\Local\DriverToolkit

***** [ Files ] *****

PUP.Optional.DriverToolkit C:\Users\SWAN\Downloads\DriverToolkitInstaller.exe

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Adware.Heuristic C:\Windows\System32\Tasks\{C2BAE604-973C-4300-B96B-A3EBE077AEB1}
PUP.Optional.Legacy C:\Windows\Tasks\DRIVERTOOLKIT AUTORUN.job
PUP.Optional.Legacy C:\Windows\System32\Tasks\DRIVERTOOLKIT AUTORUN

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2BAE604-973C-4300-B96B-A3EBE077AEB1}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19FA0B2-10D4-4784-916B-9D462F91CC65}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18D59559-181C-48AC-945F-CAB6C4EFE8A}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18B49E29-96A0-4C28-B63B-68A8069529A}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17CF62F7-FDFC-4A90-8D28-B4AEA87F318}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15E78337-A16-4342-87E6-52CCDFE7A34B}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1391C0EE-42CA-4467-B97D-4ECC0EED014}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11D21BB0-46C8-4D64-B948-20D2D935EB}
PUP.CrossRider.Heuristic HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{102EBD60-A68A-4D17-984A-41D6E4F589A}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.Conduit HKCU\Software\Conduit
PUP.Optional.Legacy HKCU\Software\GotClip Downloader
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
PUP.Optional.Legacy HKCU\Software\DriverToolkit
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F139397B-21E7-4389-87B9-DDEF422979A8}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVERTOOLKIT AUTORUN
PUP.Optional.Spigot HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}
PUP.Optional.Spigot HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}
PUP.Optional.Spigot HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}
PUP.Optional.Spigot HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}
PUP.Optional.SupTab HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
PUP.Optional.SupTab HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Last edited by normankott on 30 May 2018 13:11, edited 1 time in total.

normankott
newbie
Posts: 21
Joined: May 18
Gender: Male

Re: Please check my log

Post by normankott » 29 May 2018 23:25

I am also attaching the log from MBAM here:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 29.05.18
Čas skenování: 23:10
Logovací soubor: b93cc2ac-6384-11e8-a32a-00fffd38d3ac.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.365
Aktualizovat verzi balíku komponent: 1.0.5296
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: SWAN-PC\SWAN

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 286475
Zjištěné hrozby: 5
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 10 min, 6 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 1
PUP.Optional.DriverToolkit, HKU\S-1-5-21-2071813083-1845976314-806757171-1000\SOFTWARE\DriverToolkit, Žádná uživatelská akce, [887], [512874],1.0.5296

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 3
PUP.Optional.DriverToolkit, C:\Program Files (x86)\DriverToolkit\Download, Žádná uživatelská akce, [887], [512876],1.0.5296
PUP.Optional.DriverToolkit, C:\Program Files (x86)\DriverToolkit\Backup, Žádná uživatelská akce, [887], [512876],1.0.5296
PUP.Optional.DriverToolkit, C:\PROGRAM FILES (X86)\DRIVERTOOLKIT, Žádná uživatelská akce, [887], [512876],1.0.5296

Soubor: 1
PUP.Optional.DriverToolkit, C:\USERS\SWAN\DOWNLOADS\DRIVERTOOLKITINSTALLER.EXE, Žádná uživatelská akce, [887], [512879],1.0.5296

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

jaro3
Security team member
Guru Level 15
Posts: 38855
Joined: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log

Post by jaro3 » 30 May 2018 19:03

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan finishes click "Clean".

The program will perform the repair; after the automatic restart click "Log file" and then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.


Run Malwarebytes' Anti-Malware again and choose Scan Now.
- When the program finishes, a prompt will appear; click "Quarantine All (delete selected)" and then "Export Log", choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

Sophos Virus Removal Tool is a handy software tool that could remove infections that the antivirus program does not detect.
Download it from one of these links:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data, and you do not even know you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove any viruses it finds. A restart may be required.


Download RogueKiller by Adlice Software
32-bit:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64-bit:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8, 10, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan click "Open Report", then "Open TXT" in the window, and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
- If the log has more than 60,000 characters, split it and post it in several posts.

Further links:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. In my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

normankott
newbie
Posts: 21
Joined: May 18
Gender: Male

Re: Please check my log

Post by normankott » 30 May 2018 23:07

I apologize, but I will be able to respond here in 3 weeks at the earliest; I am leaving urgently for abroad, please don't be upset.

Orcus
Security team member
Elite Level 10.5
Posts: 10631
Joined: April 10
Location: 3 roses grow around here =o)
Gender: Male

Re: Please check my log

Post by Orcus » 31 May 2018 08:50

OK.
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If it is too long, split it into several messages.

A few tips on PC security.

In my absence, memphisto, jaro3 and jerabina stand in for me.

If you are satisfied, you can support our forum.

normankott
newbie
Posts: 21
Joined: May 18
Gender: Male

Re: Please check my log

Post by normankott » 25 Jun 2018 11:07

So I have done everything mentioned above; here are the logs:

ADWcleaner:

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-06-22.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-24-2018
# Duration: 00:01:11
# OS: Windows 7 Ultimate
# Scanned: 41079
# Detected: 6


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare V8
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare V8
PUP.Optional.AdvancedSystemCare C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare V8
PUP.Optional.AdvancedSystemCare C:\Users\SWAN\AppData\LocalLow\IObit\Advanced SystemCare V8
PUP.Optional.AdvancedSystemCare C:\Users\SWAN\AppData\Roaming\IObit\Advanced SystemCare V8

***** [ Files ] *****

PUP.Optional.DriverToolkit C:\Users\SWAN\Downloads\DriverToolkitInstaller.exe

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

normankott
newbie
Posts: 21
Joined: May 18
Gender: Male

Re: Please check my log

Post by normankott » 25 Jun 2018 11:07

MBAM:
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 24.06.18
Čas skenování: 22:03
Logovací soubor: b2af5264-77e9-11e8-8b0e-00fffd38d3ac.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.374
Aktualizovat verzi balíku komponent: 1.0.5615
Licence: Bezplatný

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: SWAN-PC\SWAN

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 284188
Zjištěné hrozby: 1
Hrozby umístěné do karantény: 1
Uplynulý čas: 11 min, 2 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
Generic.Malware/Suspicious, C:\USERS\SWAN\DOWNLOADS\FK_MANAGER.EXE, Smazání při restartu, [0], [392686],1.0.5615

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

normankott
newbie
Posts: 21
Joined: May 18
Gender: Male

Re: Please check my log

Post by normankott » 25 Jun 2018 11:11

Junkware removal tool:

RogueKiller V12.12.19.0 (x64) [May 28 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : SWAN [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mód : Prohledat -- Datum : 06/25/2018 10:21:06 (Duration : 00:35:20)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2071813083-1845976314-806757171-1000\Software\WebApp -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2071813083-1845976314-806757171-1000\Software\WebApp -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC56C193-3B36-4A55-902F-147F41D52746} | DhcpNameServer : 172.20.10.1 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BC56C193-3B36-4A55-902F-147F41D52746} | DhcpNameServer : 172.20.10.1 ([]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP.AutoIt.Gen][Soubor] C:\Users\SWAN\Desktop\RSITx64.exe -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA330 SATA Disk Device +++++
--- User ---
[MBR] 9439c6c588c91b478bfd282cc0ee6e52
[BSP] 2b417840db59c7e82535693f77957307 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 300000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 614606848 | Size: 653763 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

normankott
newbie
Posts: 21
Joined: May 18
Gender: Male

Re: Please check my log

Post by normankott » 25 Jun 2018 11:13

Rogue killer:

RogueKiller V12.12.19.0 (x64) [May 28 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : SWAN [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mód : Prohledat -- Datum : 06/25/2018 10:21:06 (Duration : 00:35:20)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2071813083-1845976314-806757171-1000\Software\WebApp -> Nalezeno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2071813083-1845976314-806757171-1000\Software\WebApp -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC56C193-3B36-4A55-902F-147F41D52746} | DhcpNameServer : 172.20.10.1 ([]) -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{BC56C193-3B36-4A55-902F-147F41D52746} | DhcpNameServer : 172.20.10.1 ([]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP.AutoIt.Gen][Soubor] C:\Users\SWAN\Desktop\RSITx64.exe -> Nalezeno

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA330 SATA Disk Device +++++
--- User ---
[MBR] 9439c6c588c91b478bfd282cc0ee6e52
[BSP] 2b417840db59c7e82535693f77957307 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 300000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 614606848 | Size: 653763 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

jaro3
Security team member
Guru Level 15
Posts: 38855
Joined: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log

Post by jaro3 » 25 Jun 2018 22:20

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan finishes click "Clean".

The program will perform the repair; after the automatic restart click "Log file" and then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.

Run Malwarebytes' Anti-Malware again and choose Scan Now.
- When the program finishes, a prompt will appear; click "Quarantine All (delete selected)" and then "Export Log", choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

Sophos Virus Removal Tool is a handy software tool that could remove infections that the antivirus program does not detect.
Download it from one of these links:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data, and you do not even know you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on your computer, you can also install Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove any viruses it finds. A restart may be required.
If viruses were found, after the scan click "Details…" and then "View log file". Copy the whole log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom;
after it finishes, tick everything (put check marks to the left of the findings, in the white boxes).
- Then click "Remove Selected".
- Wait until the Status box shows "Removal finished, please review result".
- Click "Open report" and then "Open TXT", copy that log and please paste the contents of that report here. The log can be found in C:\ProgramData\RogueKiller\Logs - Close RogueKiller.


Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. In my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

