Prosím o kontrolu logu Vyřešeno
Napsal: 01 říj 2016 12:09
Dobrý den,
chtěla bych vás poprosit o kontrolu logu. Mám pocit, že si můj počítač žije svým vlastním životem - sám od sebe si vypíná co chce a kdy chce, což vyvrcholilo samovolným vypínáním num locku.
Nejprve přikládám výpis z TFC:
Getting user folders.
Stopping running processes.
Emptying Temp folders.
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Tereza
->Temp folder emptied: 1027262 bytes
->Temporary Internet Files folder emptied: 1656900 bytes
->Google Chrome cache emptied: 390261716 bytes
->Flash cache emptied: 707 bytes
User: Terka
->Temp folder emptied: 35145837 bytes
->Temporary Internet Files folder emptied: 8894025 bytes
->Google Chrome cache emptied: 413146926 bytes
->Flash cache emptied: 726 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 73115899 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
Emptying RecycleBin. Do not interrupt.
RecycleBin emptied: 460189741 bytes
Process complete!
Total Files Cleaned = 1 319,00 mb
Dále z HiJackThis:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:00:33, on 1. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17568)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Terka\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: STATISTICA Browser Helper - {990A8747-93BF-4EF7-B72E-94A6884B98C2} - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ArcGIS License Manager - Flexera Software LLC - C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 11105 bytes
A do třetice z Malwarebytes Anti-Malware:
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 1. 10. 2016
Čas skenování: 11:22
Protokol: malwarelog.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.10.01.02
Databáze rootkitů: v2016.09.26.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Terka
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 404621
Uplynulý čas: 16 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 8
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E265B779-E577-4A45-A4E8-157727969D57}, , [01056f257723e3537a53af1adf25629e],
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchSignup, , [2bdb2b697e1c2b0bede143861fe5f40c],
PUP.Optional.UpdateCheckerApp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\UpdateCheckerApp, , [ef17395b6a30de58cff55861bc47718f],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69A018B2-3C57-450D-B960-EC392BC6D1C0}, , [bb4b8e06ebaf87afe9af1e7e8f7422de],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1B07FEC-B597-4850-9988-C2AE41EF85B4}, , [32d4c8cc54460333dfb9940805fe827e],
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9059CCB3-E980-4EF8-A4FB-1C8F31E5CF6C}, , [a165742006946fc7a6830caa47bc08f8],
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F333F525-9421-483B-9B93-1674437EA4B0}, , [e6203361f9a136009594e1d52bd8738d],
PUP.Optional.OutBrowse, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\OB, , [17efc7cd5941fe380c6d28864cb71ee2],
Hodnoty registru: 8
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E265B779-E577-4A45-A4E8-157727969D57}|Path, \LaunchSignup, , [01056f257723e3537a53af1adf25629e]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69A018B2-3C57-450D-B960-EC392BC6D1C0}|AppPath, C:\Users\Terka\AppData\Local\Conduit\CT1750559, , [bb4b8e06ebaf87afe9af1e7e8f7422de]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1B07FEC-B597-4850-9988-C2AE41EF85B4}|AppPath, C:\Users\Terka\AppData\Local\Conduit\CT1750559, , [32d4c8cc54460333dfb9940805fe827e]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9059CCB3-E980-4EF8-A4FB-1C8F31E5CF6C}|URL, http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}, , [a165742006946fc7a6830caa47bc08f8]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9059CCB3-E980-4EF8-A4FB-1C8F31E5CF6C}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, , [53b393018c0ec6709e8c694d798adc24]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F333F525-9421-483B-9B93-1674437EA4B0}|URL, http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}, , [e6203361f9a136009594e1d52bd8738d]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F333F525-9421-483B-9B93-1674437EA4B0}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, , [e125cec6a3f74beb63c7cee857ac08f8]
PUP.Optional.OutBrowse, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\OB|monitype6, 6/16/14 20:41:58, , [17efc7cd5941fe380c6d28864cb71ee2]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 1
PUP.Optional.SqueakyChocolate, C:\Program Files (x86)\SqueakyChocolate, , [ac5a553f9901b086955f6756ed15bb45],
Soubory: 1
PUP.Optional.MyPCBackup, C:\Windows\System32\Tasks\LAUNCHSIGNUP, , [23e3c5cf6c2e61d5a32d13b611f32ad6],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Předem moc děkuju.
chtěla bych vás poprosit o kontrolu logu. Mám pocit, že si můj počítač žije svým vlastním životem - sám od sebe si vypíná co chce a kdy chce, což vyvrcholilo samovolným vypínáním num locku.
Nejprve přikládám výpis z TFC:
Getting user folders.
Stopping running processes.
Emptying Temp folders.
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: Tereza
->Temp folder emptied: 1027262 bytes
->Temporary Internet Files folder emptied: 1656900 bytes
->Google Chrome cache emptied: 390261716 bytes
->Flash cache emptied: 707 bytes
User: Terka
->Temp folder emptied: 35145837 bytes
->Temporary Internet Files folder emptied: 8894025 bytes
->Google Chrome cache emptied: 413146926 bytes
->Flash cache emptied: 726 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 73115899 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
Emptying RecycleBin. Do not interrupt.
RecycleBin emptied: 460189741 bytes
Process complete!
Total Files Cleaned = 1 319,00 mb
Dále z HiJackThis:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:00:33, on 1. 10. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17568)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Terka\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: STATISTICA Browser Helper - {990A8747-93BF-4EF7-B72E-94A6884B98C2} - C:\Program Files\StatSoft\STATISTICA 12\Support\StaBHO.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ArcGIS License Manager - Flexera Software LLC - C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 11105 bytes
A do třetice z Malwarebytes Anti-Malware:
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Datum skenování: 1. 10. 2016
Čas skenování: 11:22
Protokol: malwarelog.txt
Správce: Ano
Verze: 2.2.1.1043
Databáze malwaru: v2016.10.01.02
Databáze rootkitů: v2016.09.26.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Terka
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 404621
Uplynulý čas: 16 min, 59 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 8
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E265B779-E577-4A45-A4E8-157727969D57}, , [01056f257723e3537a53af1adf25629e],
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchSignup, , [2bdb2b697e1c2b0bede143861fe5f40c],
PUP.Optional.UpdateCheckerApp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\UpdateCheckerApp, , [ef17395b6a30de58cff55861bc47718f],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69A018B2-3C57-450D-B960-EC392BC6D1C0}, , [bb4b8e06ebaf87afe9af1e7e8f7422de],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1B07FEC-B597-4850-9988-C2AE41EF85B4}, , [32d4c8cc54460333dfb9940805fe827e],
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9059CCB3-E980-4EF8-A4FB-1C8F31E5CF6C}, , [a165742006946fc7a6830caa47bc08f8],
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F333F525-9421-483B-9B93-1674437EA4B0}, , [e6203361f9a136009594e1d52bd8738d],
PUP.Optional.OutBrowse, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\OB, , [17efc7cd5941fe380c6d28864cb71ee2],
Hodnoty registru: 8
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E265B779-E577-4A45-A4E8-157727969D57}|Path, \LaunchSignup, , [01056f257723e3537a53af1adf25629e]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69A018B2-3C57-450D-B960-EC392BC6D1C0}|AppPath, C:\Users\Terka\AppData\Local\Conduit\CT1750559, , [bb4b8e06ebaf87afe9af1e7e8f7422de]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1B07FEC-B597-4850-9988-C2AE41EF85B4}|AppPath, C:\Users\Terka\AppData\Local\Conduit\CT1750559, , [32d4c8cc54460333dfb9940805fe827e]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9059CCB3-E980-4EF8-A4FB-1C8F31E5CF6C}|URL, http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}, , [a165742006946fc7a6830caa47bc08f8]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9059CCB3-E980-4EF8-A4FB-1C8F31E5CF6C}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, , [53b393018c0ec6709e8c694d798adc24]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F333F525-9421-483B-9B93-1674437EA4B0}|URL, http://search.yahoo.com/search?fr=chr-g ... =198484&p={searchTerms}, , [e6203361f9a136009594e1d52bd8738d]
PUP.Optional.Spigot, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F333F525-9421-483B-9B93-1674437EA4B0}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, , [e125cec6a3f74beb63c7cee857ac08f8]
PUP.Optional.OutBrowse, HKU\S-1-5-21-3152794667-1888837929-3469490325-1002\SOFTWARE\OB|monitype6, 6/16/14 20:41:58, , [17efc7cd5941fe380c6d28864cb71ee2]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 1
PUP.Optional.SqueakyChocolate, C:\Program Files (x86)\SqueakyChocolate, , [ac5a553f9901b086955f6756ed15bb45],
Soubory: 1
PUP.Optional.MyPCBackup, C:\Windows\System32\Tasks\LAUNCHSIGNUP, , [23e3c5cf6c2e61d5a32d13b611f32ad6],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Předem moc děkuju.