Blokování webového štítu u antiviru

Zpráva

SJirka · #1 Příspěvek od **SJirka** » 20 dub 2017 18:57

Dobrý den, na notebooku přestal fungovat webový štít v AVG antiviru a NB se začal hrozně zpomalovat, téměř s ním nešlo pracovat, odinstaloval jsem AVG, ale opětovná instalace AVG ani Avastu neproběhne regulérně do konce, po restartu pak je opět blokován webový štít u obou antivirů, zkoušel jsem je několikrát odstranit a znovu nainstalovat, ale furt stejné, on-line ESET antivirus nic nenašel, lovec potvor UnHackMe také nic, prosím o shlédnutí přiloženého logu z RSIT a o radu co dál. Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2017-04-20 19:31:43
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 60 GB (50%) free of 119 GB
Total RAM: 3066 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:48, on 20.4.2017
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Admin\Downloads\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Antivirus - Unknown owner - C:\Program Files\AVG\Antivirus\AVGSvc.exe (file missing)
O23 - Service: avgbIDSAgent - Unknown owner - C:\Program Files\AVG\Antivirus\aswidsagent.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7250 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AVG-SSU_0117avz.job - C:\ProgramData\Avg_Update_0117avz\AVG-Secure-Search-Update_0117avz.exe /CMPID=0117avz /RUNBY=AV
C:\Windows\tasks\AVG-SSU_0117avz_DELETE.job - C:\ProgramData\Avg_Update_0117avz\AVG-Secure-Search-Update_0117avz.exe /CMPID=0117avz /CMPN_DELETE_ALL /RUNBY=AV

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\krliaa1a.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-23 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-12-12 587288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-11-07 7048408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-19 21:41:44 ----D---- C:\rsit
2017-04-19 21:41:44 ----D---- C:\Program Files\trend micro
2017-04-19 18:14:47 ----ASH---- C:\hiberfil.sys
2017-04-19 18:14:46 ----D---- C:\ProgramData\AVG
2017-04-18 21:15:29 ----D---- C:\d39b518fdc8c6124771b514c
2017-04-18 21:15:03 ----A---- C:\Windows\system32\avgBoot.exe
2017-04-18 20:25:58 ----D---- C:\b766feb1d8448326707c221e46b6609f
2017-04-18 20:25:48 ----A---- C:\Windows\system32\drivers\avgStmXP.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgVmm.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgSP.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgSnx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgRvrt.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgRdr.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgMonFlt.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgHwid.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbunivx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgblogx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbidshx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbidsdriverx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbdiskx.sys
2017-04-18 19:26:27 ----D---- C:\ProgramData\RegRun
2017-04-18 19:25:39 ----RASHOT---- C:\Windows\winstart.bat
2017-04-17 20:34:02 ----D---- C:\4a146e265fe00f32e5831f
2017-04-17 19:17:53 ----D---- C:\70830570b3c404462a
2017-04-17 19:17:28 ----A---- C:\Windows\ucrtbase.dll
2017-04-06 12:28:36 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2017-04-06 12:26:41 ----D---- C:\Program Files\Common Files\Skype
2017-04-06 12:26:07 ----RD---- C:\Program Files\Skype
2017-04-06 12:25:08 ----D---- C:\ProgramData\Skype
2017-04-05 18:37:42 ----D---- C:\2fc5b8aa755b5ffe634741d331adef3b
2017-03-27 18:29:36 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-27 18:29:34 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-03-27 18:29:34 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-27 18:29:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-03-27 18:29:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-03-27 18:29:29 ----A---- C:\Windows\system32\ucrtbase.dll
2017-03-27 09:05:08 ----D---- C:\Users\Admin\AppData\Roaming\Skype(18)
2017-03-27 09:04:49 ----RD---- C:\Program Files\Skype(1)
2017-03-27 08:46:46 ----D---- C:\bd1026703523e8c2ab00fc660799
2017-03-27 08:46:30 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2017-04-20 19:31:39 ----D---- C:\Windows\Temp
2017-04-19 21:45:32 ----D---- C:\Program Files\Mozilla Firefox
2017-04-19 21:41:44 ----RD---- C:\Program Files
2017-04-19 18:20:58 ----D---- C:\Windows\inf
2017-04-19 18:20:58 ----D---- C:\Windows
2017-04-19 18:14:46 ----HD---- C:\ProgramData
2017-04-19 18:12:12 ----D---- C:\Program Files\totalcmd
2017-04-18 22:27:02 ----D---- C:\Windows\system32\drivers
2017-04-18 22:26:03 ----SHD---- C:\Windows\Installer
2017-04-18 22:25:56 ----SHD---- C:\System Volume Information
2017-04-18 22:11:59 ----SD---- C:\ProgramData\Microsoft
2017-04-18 22:05:22 ----AD---- C:\Windows\System32
2017-04-18 21:15:23 ----D---- C:\Windows\system32\Tasks
2017-04-17 21:22:50 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2017-04-17 20:23:58 ----D---- C:\Windows\SoftwareDistribution
2017-04-17 19:17:29 ----D---- C:\Windows\winsxs
2017-04-11 20:02:04 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-04-11 20:00:55 ----D---- C:\Windows\system32\Macromed
2017-04-11 19:56:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-04-08 19:48:23 ----D---- C:\Windows\system32\WDI
2017-04-07 20:52:22 ----D---- C:\Windows\system32\catroot2
2017-04-06 12:26:41 ----D---- C:\Program Files\Common Files
2017-04-06 11:34:19 ----D---- C:\Users\Admin\AppData\Roaming\MPC-HC
2017-04-03 18:03:22 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-03-28 04:23:07 ----D---- C:\Windows\system32\config
2017-03-28 04:23:03 ----D---- C:\Windows\Tasks
2017-03-28 04:23:03 ----D---- C:\Windows\system32\spool
2017-03-28 04:23:03 ----D---- C:\Windows\system32\Msdtc
2017-03-28 04:23:01 ----D---- C:\Windows\system32\wbem
2017-03-28 04:23:01 ----D---- C:\Windows\registration
2017-03-27 18:30:11 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidshx.sys [2017-04-18 150536]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgblogx.sys [2017-04-18 269856]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbunivx.sys [2017-04-18 43504]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2017-04-18 63136]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2017-04-18 280784]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-07-18 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 avgbdisk;avgbdisk; C:\Windows\system32\drivers\avgbdiskx.sys [2017-04-18 135384]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdriverx.sys [2017-04-18 257504]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr.sys [2017-04-18 61744]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2017-04-18 765048]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2017-04-18 473752]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2017-04-18 107888]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-08 3548672]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2017-04-18 35128]
S3 avgStmXP;avgStmXP; C:\Windows\system32\drivers\avgStmXP.sys [2017-04-18 185200]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-04-07 667648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
S2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-08 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11 271448]
S3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe []
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-08 153752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-04-02 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 20 dub 2017 19:44

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

SJirka · #3 Příspěvek od **SJirka** » 20 dub 2017 20:02

Log z AdwCleaneru:

# AdwCleaner v6.045 - Log vytvořen 20/04/2017 v 20:54:22
# Aktualizováno dne 28/03/2017 z Malwarebytes
# Databáze : 2017-03-28.2 [Místní]
# Operační systém : Windows Vista (TM) Home Premium Service Pack 2 (X86)
# Uživatelské jméno : Admin - ADMIN-PC
# Spuštěno z : C:\Users\Admin\Desktop\adwcleaner_6.045.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [824 Bajty] - [20/04/2017 20:54:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [1395 Bajty] - [20/04/2017 20:54:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [969 Bajty] ##########

#4 Příspěvek od **Rudy** » 20 dub 2017 20:57

Toto je OK. Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\winstart.bat

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir s po něm restartujte PC. Dejte nový log RSIT.

SJirka · #5 Příspěvek od **SJirka** » 21 dub 2017 16:28

Dobrý den, provedl jsem dle instrukcí spuštění OTM, log z RSIT níže, děkuji....

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2017-04-21 17:23:46
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 60 GB (50%) free of 119 GB
Total RAM: 3066 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:23:49, on 21.4.2017
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?CZ (file missing)
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Antivirus - Unknown owner - C:\Program Files\AVG\Antivirus\AVGSvc.exe (file missing)
O23 - Service: avgbIDSAgent - Unknown owner - C:\Program Files\AVG\Antivirus\aswidsagent.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7179 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AVG-SSU_0117avz.job - C:\ProgramData\Avg_Update_0117avz\AVG-Secure-Search-Update_0117avz.exe /CMPID=0117avz /RUNBY=AV
C:\Windows\tasks\AVG-SSU_0117avz_DELETE.job - C:\ProgramData\Avg_Update_0117avz\AVG-Secure-Search-Update_0117avz.exe /CMPID=0117avz /CMPN_DELETE_ALL /RUNBY=AV

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\krliaa1a.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 25.0.0.148 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.121.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-23 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-05-08 959904]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-11-07 7048408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-04-21 17:18:36 ----D---- C:\_OTM
2017-04-20 20:51:57 ----D---- C:\AdwCleaner
2017-04-19 21:41:44 ----D---- C:\rsit
2017-04-19 21:41:44 ----D---- C:\Program Files\trend micro
2017-04-19 18:14:47 ----ASH---- C:\hiberfil.sys
2017-04-19 18:14:46 ----D---- C:\ProgramData\AVG
2017-04-18 21:15:29 ----D---- C:\d39b518fdc8c6124771b514c
2017-04-18 21:15:03 ----A---- C:\Windows\system32\avgBoot.exe
2017-04-18 20:25:58 ----D---- C:\b766feb1d8448326707c221e46b6609f
2017-04-18 20:25:48 ----A---- C:\Windows\system32\drivers\avgStmXP.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgVmm.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgSP.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgSnx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgRvrt.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgRdr.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgMonFlt.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgHwid.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbunivx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgblogx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbidshx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbidsdriverx.sys
2017-04-18 20:25:47 ----A---- C:\Windows\system32\drivers\avgbdiskx.sys
2017-04-18 19:26:27 ----D---- C:\ProgramData\RegRun
2017-04-17 20:34:02 ----D---- C:\4a146e265fe00f32e5831f
2017-04-17 19:17:53 ----D---- C:\70830570b3c404462a
2017-04-17 19:17:28 ----A---- C:\Windows\ucrtbase.dll
2017-04-06 12:28:36 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2017-04-06 12:26:41 ----D---- C:\Program Files\Common Files\Skype
2017-04-06 12:26:07 ----RD---- C:\Program Files\Skype
2017-04-06 12:25:08 ----D---- C:\ProgramData\Skype
2017-04-05 18:37:42 ----D---- C:\2fc5b8aa755b5ffe634741d331adef3b
2017-03-27 18:29:36 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-27 18:29:35 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-27 18:29:34 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-03-27 18:29:34 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-27 18:29:33 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-27 18:29:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-03-27 18:29:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-03-27 18:29:29 ----A---- C:\Windows\system32\ucrtbase.dll
2017-03-27 09:05:08 ----D---- C:\Users\Admin\AppData\Roaming\Skype(18)
2017-03-27 09:04:49 ----RD---- C:\Program Files\Skype(1)
2017-03-27 08:46:46 ----D---- C:\bd1026703523e8c2ab00fc660799
2017-03-27 08:46:30 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2017-04-21 17:23:43 ----D---- C:\Windows\Temp
2017-04-21 17:18:46 ----D---- C:\Windows
2017-04-20 20:55:35 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-04-20 20:55:35 ----D---- C:\Program Files\Mozilla Firefox
2017-04-19 21:41:44 ----RD---- C:\Program Files
2017-04-19 18:20:58 ----D---- C:\Windows\inf
2017-04-19 18:14:46 ----HD---- C:\ProgramData
2017-04-19 18:12:12 ----D---- C:\Program Files\totalcmd
2017-04-18 22:27:02 ----D---- C:\Windows\system32\drivers
2017-04-18 22:26:03 ----SHD---- C:\Windows\Installer
2017-04-18 22:25:56 ----SHD---- C:\System Volume Information
2017-04-18 22:11:59 ----SD---- C:\ProgramData\Microsoft
2017-04-18 22:05:22 ----AD---- C:\Windows\System32
2017-04-18 21:15:23 ----D---- C:\Windows\system32\Tasks
2017-04-17 21:22:50 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2017-04-17 20:23:58 ----D---- C:\Windows\SoftwareDistribution
2017-04-17 19:17:29 ----D---- C:\Windows\winsxs
2017-04-11 20:02:04 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-04-11 20:00:55 ----D---- C:\Windows\system32\Macromed
2017-04-11 19:56:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-04-08 19:48:23 ----D---- C:\Windows\system32\WDI
2017-04-07 20:52:22 ----D---- C:\Windows\system32\catroot2
2017-04-06 12:26:41 ----D---- C:\Program Files\Common Files
2017-04-06 11:34:19 ----D---- C:\Users\Admin\AppData\Roaming\MPC-HC
2017-03-28 04:23:07 ----D---- C:\Windows\system32\config
2017-03-28 04:23:03 ----D---- C:\Windows\Tasks
2017-03-28 04:23:03 ----D---- C:\Windows\system32\spool
2017-03-28 04:23:03 ----D---- C:\Windows\system32\Msdtc
2017-03-28 04:23:01 ----D---- C:\Windows\system32\wbem
2017-03-28 04:23:01 ----D---- C:\Windows\registration
2017-03-27 18:30:11 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 avgbidsh;avgbidsh; C:\Windows\system32\drivers\avgbidshx.sys [2017-04-18 150536]
R0 avgblog;avgblog; C:\Windows\system32\drivers\avgblogx.sys [2017-04-18 269856]
R0 avgbuniv;avgbuniv; C:\Windows\system32\drivers\avgbunivx.sys [2017-04-18 43504]
R0 avgRvrt;avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [2017-04-18 63136]
R0 avgVmm;avgVmm; C:\Windows\system32\drivers\avgVmm.sys [2017-04-18 280784]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-07-18 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 avgbdisk;avgbdisk; C:\Windows\system32\drivers\avgbdiskx.sys [2017-04-18 135384]
R1 avgbidsdriver;avgbidsdriver; C:\Windows\system32\drivers\avgbidsdriverx.sys [2017-04-18 257504]
R1 avgRdr;avgRdr; C:\Windows\system32\drivers\avgRdr.sys [2017-04-18 61744]
R1 avgSnx;avgSnx; C:\Windows\system32\drivers\avgSnx.sys [2017-04-18 765048]
R1 avgSP;avgSP; C:\Windows\system32\drivers\avgSP.sys [2017-04-18 473752]
R2 avgMonFlt;avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [2017-04-18 107888]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-08 3548672]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S3 avgHwid;avgHwid; C:\Windows\system32\drivers\avgHwid.sys [2017-04-18 35128]
S3 avgStmXP;avgStmXP; C:\Windows\system32\drivers\avgStmXP.sys [2017-04-18 185200]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-04-07 667648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
S2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-08 153752]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11 271448]
S3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe []
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-08 153752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-04-20 172488]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 21 dub 2017 16:46

OK. Nastala nějaká změna?

SJirka · #7 Příspěvek od **SJirka** » 21 dub 2017 19:15

Zkoušel jsem nainstalovat Avast, ale bohužel opět neúspěšně, něco jakoby to těsně před koncem instalace vždy začalo blokovat a instalace se zasekne, pořád probíhá. Nechal jsem to pro jistotu 2 hodiny, ale je vidět že se nic neděje, HDD jenom problikává pořád ve stejných intervalech. Po násilném ukončení a restartu je antivir nainstalován, ale nekompletní, webový štít není aktivní a nejde zapnout a ani nejde spustit kontrola počítače. Jiné programy jsou naistalovat bez problémů. Děkuji.

#8 Příspěvek od **Rudy** » 21 dub 2017 20:09

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

SJirka · #9 Příspěvek od **SJirka** » 21 dub 2017 20:53

Log z MBAM:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 21.04.17
Čas skenování: 21:43
Logovací soubor:
Správce: Ano

-Informace o softwaru-
Verze: 3.0.6.1469
Verze komponentů: 1.0.103
Aktualizovat verzi balíku komponent: 1.0.1777
Licence: Zkušební

-Systémová informace-
OS: Windows Vista Service Pack 2
CPU: x86
Systém souborů: NTFS
Uživatel: Admin-PC\Admin

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 248773
Uplynulý čas: 5 min, 13 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

#10 Příspěvek od **Rudy** » 21 dub 2017 21:13

Virový problém to už není, log je OK. Zkuste napsat do přík řádku sfc /scannow , nechte proces proběhout (je to oprava systémových souborů) a pak znovu zkuste instalaci.

SJirka · #11 Příspěvek od **SJirka** » 23 dub 2017 20:39

Dobrý den, provedl jsem, bohužel žádná změna, zkusil jsem oba antiviry (ÄVG i Avast, samozřejmě s řádnou odinstalací mezi nimi) a chování je pořád stejné - instalace se před koncem zasekne a nejsou aktivní štíty (kompenenty). Tak asi přeinstalace OS (?), nebo máte ještě nějaké eso v rukávu? Děkuji.

#12 Příspěvek od **Rudy** » 23 dub 2017 21:01

Ještě bych tu měl obnovu systému k datu, kdy korketně fungoval.

SJirka · #13 Příspěvek od **SJirka** » 24 dub 2017 21:23

Dobrý den, už se mi podařilo si vzpomenout, kdy byl NB naposledy v pořádku, tak bych to zkusil. Děkuji.

#14 Příspěvek od **Rudy** » 25 dub 2017 17:29

VIRY.CZ

Blokování webového štítu u antiviru

Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru

Re: Blokování webového štítu u antiviru