Hello, please check my log

tutamilan
Visitor
Posts: 100
Registered: 23 Jan 2006 13:10
Location: kamenicky senov

#1 Post by tutamilan »

Logfile of random's system information tool 1.10 (written by random/random)
Run by ota at 2018-02-24 18:04:23
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 34 GB (30%) free of 114 GB
Total RAM: 3063 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:12, on 24.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\mmc.exe
C:\Users\ota\Downloads\RSIT.exe
C:\Program Files\trend micro\ota.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [DriveTheLife2013] "C:\Program Files\DTLSoft\DriveTheLife\DriveTheLife.exe" /start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [persistence module] rem|"C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO System - Cleaner Service (Cleaner_Validator) - Unknown owner - C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files\HP\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 7169 bytes

======Scheduled tasks folder======

C:\Windows\tasks\COMODO Updater.job - C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\HPCeeScheduleForota.job - C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForota (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\ota\AppData\Roaming\Mozilla\Firefox\Profiles\8atgv8ah.default

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-20 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07 416288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DriveTheLife2013"=C:\Program Files\DTLSoft\DriveTheLife\DriveTheLife.exe [2015-07-23 2132320]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-23 1183744]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-05-17 2358584]
"persistence module"=rem|C:\Windows\system32\igfxpers.exe []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-02-20 243496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2009-09-23 173592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2009-09-23 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2009-09-23 150552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ota^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Examiner8.0 CVB-11 32B.exe.lnk]
C:\Examin\EXAMIN~4.EXE [2016-12-11 25358700]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^ota^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeExaminer8.0.exe.lnk]
C:\Examin\FREEEX~1.EXE [2016-09-12 25166155]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-02-24 18:04:24 ----D---- C:\Program Files\trend micro
2018-02-24 18:04:23 ----D---- C:\rsit
2018-02-20 15:45:16 ----A---- C:\Windows\system32\aswBoot.exe
2018-02-05 15:55:56 ----D---- C:\ProgramData\SWCUTemp

======List of files/folders modified in the last 1 month======

2018-02-24 18:04:25 ----D---- C:\Windows\Prefetch
2018-02-24 18:04:24 ----RD---- C:\Program Files
2018-02-24 18:02:38 ----D---- C:\Windows\Temp
2018-02-24 17:57:43 ----D---- C:\Windows\system32\drivers
2018-02-24 17:57:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2018-02-24 17:57:43 ----D---- C:\Program Files\Mozilla Firefox
2018-02-21 20:25:15 ----D---- C:\Windows\Tasks
2018-02-21 20:25:15 ----D---- C:\Windows\system32\Tasks
2018-02-21 19:21:57 ----D---- C:\Program Files\TeamViewer
2018-02-20 15:45:54 ----D---- C:\Windows\system32\config
2018-02-20 15:45:16 ----D---- C:\Windows\System32
2018-02-11 17:34:04 ----D---- C:\Users\ota\AppData\Roaming\vlc
2018-02-11 14:08:45 ----D---- C:\Users\ota\AppData\Roaming\uTorrent
2018-02-09 20:09:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-09 20:09:05 ----D---- C:\Windows\inf
2018-02-05 15:55:56 ----HD---- C:\ProgramData
2018-02-03 00:50:40 ----SHD---- C:\System Volume Information
2018-02-02 21:07:04 ----D---- C:\Windows\system32\NDF
2018-01-26 21:50:57 ----D---- C:\Users\ota\AppData\Roaming\ViberPC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-01 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-01 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-01 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-02-20 70816]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-02-20 310784]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-02-20 164928]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-01 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-02-20 150808]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-02-20 100024]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-02-20 783600]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-02-20 391344]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2010-12-09 64608]
R1 CFRPD;CFRPD; C:\Windows\system32\DRIVERS\CFRPD.sys [2010-12-09 33744]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-02-20 124392]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-02-20 151832]
R2 drhard;drhard; C:\Windows\system32\drivers\drhard.sys [2005-12-01 23600]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2008-04-23 309248]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\system32\DRIVERS\ATSwpWDF.sys [2012-10-18 971752]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2014-04-06 412952]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-03-25 4270288]
R3 GTIPCI21;GTIPCI21; C:\Windows\system32\DRIVERS\gtipci21.sys [2007-05-09 97280]
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys [2010-02-24 15544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SMSCIRDA;SMSC Infrared Device Driver; C:\Windows\system32\DRIVERS\SMSCirda.sys [2009-05-10 31232]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-05-17 327608]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-12-14 290816]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 123328]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-02-20 42808]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2017-08-13 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-04-23 69632]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-02-20 300600]
R2 Cleaner_Validator;COMODO System - Cleaner Service; C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-12-09 305600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-11-21 332144]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 LDrvSvc;Local Driver Service; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TeamViewer;TeamViewer 12; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2017-12-18 10803440]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-02-20 5931184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-12 153752]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-12 153752]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 104960]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2018-02-24 174544]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-04-21 47224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Hello, please check my log

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking Restart Now (Restartovat teraz)
  • After it finishes and the PC has restarted, a log will pop up; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos, etc.).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

Re: Hello, please check my log

#3 Post by tutamilan »

# AdwCleaner 7.0.8.0 - Logfile created on Sat Feb 24 20:37:22 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Ultimate (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files\DriverToolkit
Deleted: C:\Users\ota\AppData\Local\DriverToolkit
Deleted: C:\ProgramData\DriveTheLife2013
Deleted: C:\ProgramData\Application Data\DriveTheLife2013
Deleted: C:\Users\All Users\DriveTheLife2013
Deleted: C:\Users\ota\AppData\Roaming\DriveTheLife2013
Deleted: C:\ProgramData\Solvusoft
Deleted: C:\ProgramData\Application Data\Solvusoft
Deleted: C:\Program Files\Solvusoft
Deleted: C:\Users\All Users\Solvusoft
Deleted: C:\Users\ota\AppData\Roaming\Solvusoft
Deleted: C:\Windows\\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: DRIVERTOOLKIT AUTORUN
Deleted: DllKitPRO


***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\puzzlegamesdaily.dl.tb.ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
Deleted: [Key] - HKU\S-1-5-21-335174678-1145664534-2665916264-1000\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\virtualdj.en.softonic.com
Deleted: [Key] - HKLM\SOFTWARE\Common Toolkit Suite


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2650 B] - [2018/2/24 20:36:15]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Hello, please check my log

#4 Post by Conder »

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into a single post, pack them into a RAR or ZIP archive and send them as an attachment.

Re: Hello, please check my log

#5 Post by tutamilan »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.02.2018
Ran by ota (administrator) on HP-PC (25-02-2018 07:01:42)
Running from C:\Users\ota\Desktop
Loaded Profiles: ota (Available Profiles: ota)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
() C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DriveTheLife2013] => C:\Program Files\DTLSoft\DriveTheLife\DriveTheLife.exe [2132320 2015-07-23] (Drive The Life Co., Ltd.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2008-04-23] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2358584 2012-05-17] (Synaptics Incorporated)
HKLM\...\Run: [persistence module] => C:\Windows\system32\igfxpers.exe [150552 2009-09-23] (Intel Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [243496 2018-02-20] (AVAST Software)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 188.92.8.18 192.168.1.1
Tcpip\..\Interfaces\{5BED7537-9AC1-4692-9D2A-E0BBF9941A2D}: [DhcpNameServer] 188.92.8.18 192.168.1.1
Tcpip\..\Interfaces\{9BB95287-ECD9-4AA1-995D-12FB235B6C01}: [DhcpNameServer] 188.92.8.18 192.168.1.1

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-20] (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 8atgv8ah.default
FF ProfilePath: C:\Users\ota\AppData\Roaming\Mozilla\Firefox\Profiles\8atgv8ah.default [2018-02-24]
FF Homepage: Mozilla\Firefox\Profiles\8atgv8ah.default -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\8atgv8ah.default -> is enabled.
FF Extension: (Avast SafePrice) - C:\Users\ota\AppData\Roaming\Mozilla\Firefox\Profiles\8atgv8ah.default\Extensions\sp@avast.com.xpi [2018-01-20]
FF Extension: (Avast Online Security) - C:\Users\ota\AppData\Roaming\Mozilla\Firefox\Profiles\8atgv8ah.default\Extensions\wrc@avast.com.xpi [2018-01-01]
FF Extension: (Adblock Plus) - C:\Users\ota\AppData\Roaming\Mozilla\Firefox\Profiles\8atgv8ah.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-18]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default [2018-02-25]
CHR Extension: (Prezentace) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-12]
CHR Extension: (YouTube) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-12]
CHR Extension: (Avast SafePrice) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-24]
CHR Extension: (Tabulky) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-12]
CHR Extension: (Avast Online Security) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5931184 2018-02-20] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [300600 2018-02-20] (AVAST Software)
R2 Cleaner_Validator; C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [305600 2010-12-09] ()
S3 hpqcaslwmiex; C:\Program Files\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 LDrvSvc; c:\program files\dtlsoft\drivethelife\ldrvsvc.dll [186544 2017-10-17] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-12-18] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [164928 2018-02-20] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [255584 2018-01-01] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [157376 2018-01-01] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [276696 2018-01-01] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [50344 2018-01-01] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [150808 2018-02-20] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-02-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [124392 2018-02-20] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100024 2018-02-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [70816 2018-02-20] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783600 2018-02-20] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [391344 2018-02-20] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [151832 2018-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-02-20] (AVAST Software)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [64608 2010-12-09] (Windows (R) Win 7 DDK provider)
R1 CFRPD; C:\Windows\System32\DRIVERS\CFRPD.sys [33744 2010-12-09] (Windows (R) Win 7 DDK provider)
R2 drhard; C:\Windows\system32\Drivers\drhard.sys [23600 2005-12-01] (Licensed for Gebhard Software) [File not signed]
R3 GTIPCI21; C:\Windows\System32\DRIVERS\gtipci21.sys [97280 2007-05-09] (Texas Instruments)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-25 07:01 - 2018-02-25 07:02 - 000011164 _____ C:\Users\ota\Desktop\FRST.txt
2018-02-25 07:01 - 2018-02-25 07:01 - 000000000 ____D C:\FRST
2018-02-25 06:58 - 2018-02-25 06:59 - 001763328 _____ (Farbar) C:\Users\ota\Desktop\FRST.exe
2018-02-24 21:33 - 2018-02-24 21:37 - 000000000 ____D C:\AdwCleaner
2018-02-24 21:18 - 2018-02-24 21:18 - 008222496 _____ (Malwarebytes) C:\Users\ota\Desktop\adwcleaner_7.0.8.0.exe
2018-02-24 18:04 - 2018-02-24 18:05 - 000000000 ____D C:\rsit
2018-02-24 18:04 - 2018-02-24 18:05 - 000000000 ____D C:\Program Files\trend micro
2018-02-24 18:03 - 2018-02-24 18:03 - 001107968 _____ C:\Users\ota\Downloads\RSIT.exe
2018-02-20 15:45 - 2018-02-20 15:44 - 000319392 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-02-11 11:14 - 2018-02-11 11:45 - 574926928 _____ C:\Users\ota\Downloads\Vikingové_S02E09_Cz_dab.avi
2018-02-11 09:47 - 2018-02-11 10:08 - 387154824 _____ C:\Users\ota\Downloads\Vikingové s02e08-Vývar bez kostí- (akční 2013) CZ dab.avi
2018-02-10 21:22 - 2018-02-10 21:50 - 531418778 _____ C:\Users\ota\Downloads\Vikingové_S02E08_Cz_dab.avi
2018-02-10 21:17 - 2018-02-11 01:03 - 591990968 _____ C:\Users\ota\Downloads\Vikingové S02E10 Modlitba Páně.avi
2018-02-10 21:17 - 2018-02-11 00:58 - 574926928 _____ C:\Users\ota\Downloads\Vikingové S02E09 Volba.avi
2018-02-10 20:57 - 2018-02-11 00:02 - 384714124 _____ C:\Users\ota\Downloads\Vikingové s02e06-Nesmiřitelní.avi
2018-02-10 20:56 - 2018-02-10 21:05 - 425478034 _____ C:\Users\ota\Downloads\Vikingové s02e07-Krvavý orel.avi
2018-02-10 20:21 - 2018-02-10 21:34 - 381240172 _____ C:\Users\ota\Downloads\Vikingové s02e05-Odpovědi psané krví- CZ.avi
2018-02-10 19:35 - 2018-02-10 20:30 - 386651986 _____ C:\Users\ota\Downloads\Vikingové s02e04-Oko za oko.avi
2018-02-10 19:21 - 2018-02-10 20:55 - 599894350 _____ C:\Users\ota\Downloads\Vikingové-S02E03-Zrada-(CZ).avi
2018-02-10 19:20 - 2018-02-10 20:32 - 593194808 _____ C:\Users\ota\Downloads\Vikingové 2.serie S02E02 CZ-dabing.avi
2018-02-10 19:20 - 2018-02-10 19:43 - 614853344 _____ C:\Users\ota\Downloads\Vikingové-02x01-Válka-bratrů.avi
2018-02-10 16:33 - 2018-02-10 17:06 - 602152628 _____ C:\Users\ota\Downloads\Vikingové S01E08 - Oběť bohům.avi
2018-02-10 15:55 - 2018-02-10 16:25 - 561968688 _____ C:\Users\ota\Downloads\Vikingové S01E05 - Přepadení.avi
2018-02-10 13:16 - 2018-02-10 17:59 - 602152628 _____ C:\Users\ota\Downloads\Vikingové-S01E08-Oběť-bohům-(CZ).avi
2018-02-10 13:15 - 2018-02-10 13:21 - 363742156 _____ C:\Users\ota\Downloads\Vikingové s01e09-Čas změn.avi
2018-02-10 10:16 - 2018-02-10 13:07 - 564205552 _____ C:\Users\ota\Downloads\Vikingové-S01E07-Královské-výkupné-(CZ.avi
2018-02-10 10:15 - 2018-02-10 13:01 - 564647738 _____ C:\Users\ota\Downloads\Vikingové S01E06 - Pohřební obřad CZ .avi
2018-02-10 10:14 - 2018-02-10 13:11 - 659381964 _____ C:\Users\ota\Downloads\Vikingové_S01E05_Cz_dab.avi
2018-02-10 10:13 - 2018-02-10 13:11 - 646257724 _____ C:\Users\ota\Downloads\Vikingové.01x04.Soud.DVB-T.CZ.avi
2018-02-10 10:13 - 2018-02-10 10:40 - 695920412 _____ C:\Users\ota\Downloads\Vikingové.01x03.Vyvlastnění.DVB-T.CZ.avi
2018-02-05 15:55 - 2018-02-05 15:55 - 000000000 ____D C:\ProgramData\SWCUTemp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-25 07:01 - 2009-07-14 05:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-02-25 07:01 - 2009-07-14 05:34 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-02-24 21:38 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-02-24 21:37 - 2018-01-01 12:05 - 000018763 _____ C:\Windows\cscmondump.bin
2018-02-24 21:31 - 2017-04-07 11:23 - 000000000 ____D C:\Users\ota\AppData\LocalLow\Mozilla
2018-02-24 17:58 - 2017-10-18 13:12 - 000000312 _____ C:\Windows\Tasks\HPCeeScheduleForota.job
2018-02-24 17:57 - 2017-06-17 10:39 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-02-24 17:57 - 2017-04-07 11:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-24 10:01 - 2017-12-16 10:01 - 000000446 _____ C:\Windows\Tasks\COMODO Updater.job
2018-02-21 19:21 - 2017-08-13 00:10 - 000000000 ____D C:\Program Files\TeamViewer
2018-02-20 15:45 - 2018-01-01 13:37 - 000391344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-02-20 15:45 - 2018-01-01 13:37 - 000310784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-02-20 15:45 - 2018-01-01 13:37 - 000164928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-02-20 15:45 - 2018-01-01 13:37 - 000151832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-02-20 15:45 - 2018-01-01 13:37 - 000124392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-02-20 15:45 - 2018-01-01 13:37 - 000100024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-02-20 15:45 - 2018-01-01 13:37 - 000070816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-02-20 15:45 - 2018-01-01 13:37 - 000042808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-02-20 15:44 - 2018-01-01 13:37 - 000783600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-02-20 15:44 - 2018-01-01 13:37 - 000150808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-02-11 17:34 - 2017-12-08 20:56 - 000000000 ____D C:\Users\ota\AppData\Roaming\vlc
2018-02-11 14:08 - 2017-11-12 17:30 - 000000000 ____D C:\Users\ota\AppData\Roaming\uTorrent
2018-02-09 20:09 - 2017-04-05 06:41 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2018-02-09 20:09 - 2009-07-14 09:44 - 000668792 _____ C:\Windows\system32\perfh005.dat
2018-02-09 20:09 - 2009-07-14 09:44 - 000141420 _____ C:\Windows\system32\perfc005.dat
2018-02-09 20:09 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2018-02-04 17:16 - 2018-01-01 12:31 - 000000012 _____ C:\Windows\CSC_ActiveCleanLog.dat
2018-02-04 17:16 - 2018-01-01 12:05 - 001368358 _____ C:\Windows\CSC_ServiceDump.dat
2018-02-04 17:14 - 2017-12-31 20:42 - 000000000 ____D C:\Users\ota\Desktop\Pustina krimi HBO
2018-02-02 21:07 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\NDF
2018-01-26 21:50 - 2017-08-12 14:03 - 000000000 ____D C:\Users\ota\AppData\Roaming\ViberPC
2018-01-26 20:44 - 2017-10-02 10:17 - 000000000 ____D C:\Users\ota\AppData\Local\Viber
2018-01-26 20:43 - 2017-08-13 13:54 - 000000000 ____D C:\Users\ota\Documents\ViberDownloads

==================== Files in the root of some directories =======

2017-12-15 17:24 - 2017-01-12 14:56 - 021752832 _____ () C:\Users\ota\AppData\Roaming\TMS-UnInstall.exe
2017-07-01 12:06 - 2017-07-01 12:06 - 000000017 _____ () C:\Users\ota\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-03 00:43

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24.02.2018
Ran by ota (25-02-2018 07:02:51)
Running from C:\Users\ota\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2017-04-05 05:35:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-335174678-1145664534-2665916264-500 - Administrator - Disabled)
Guest (S-1-5-21-335174678-1145664534-2665916264-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-335174678-1145664534-2665916264-1002 - Limited - Enabled)
ota (S-1-5-21-335174678-1145664534-2665916264-1000 - Administrator - Enabled) => C:\Users\ota

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.1.2326 - AVAST Software)
COMODO System-Cleaner (HKLM\...\{C4039DC0-905D-4372-8B20-120F0B6CF283}) (Version: 3.0.172695.53 - COMODO)
Dr. Hardware 2009 9.9.2e (HKLM\...\Dr. Hardware 2009 Second Edition_is1) (Version: - Peter A. Gebhard)
DriveTheLife (HKLM\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.2.6.114 - 深圳市驱动人生软件技术有限公司)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM\...\{04442D89-B941-4C8C-B20D-625233B78BB0}) (Version: 12.8.47.1 - HP Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) (HKLM\...\Microsoft .NET Framework 4 Client Profile ITA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile Language Pack - 日本語 (HKLM\...\Microsoft .NET Framework 4 Client Profile JPN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile 한국어 언어 팩 (HKLM\...\Microsoft .NET Framework 4 Client Profile KOR Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile 简体中文语言包 (HKLM\...\Microsoft .NET Framework 4 Client Profile CHS Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile 繁體中文語言套件 (HKLM\...\Microsoft .NET Framework 4 Client Profile CHT Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended - Language Pack (ITA) (HKLM\...\Microsoft .NET Framework 4 Extended ITA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended Language Pack - 日本語 (HKLM\...\Microsoft .NET Framework 4 Extended JPN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended 한국어 언어 팩 (HKLM\...\Microsoft .NET Framework 4 Extended KOR Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended 简体中文语言包 (HKLM\...\Microsoft .NET Framework 4 Extended CHS Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended 繁體中文語言套件 (HKLM\...\Microsoft .NET Framework 4 Extended CHT Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Module linguistique Microsoft .NET Framework 4 Client Profile FRA (HKLM\...\Microsoft .NET Framework 4 Client Profile FRA Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 58.0.2 (x86 cs)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Client Profile PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil) (HKLM\...\Microsoft .NET Framework 4 Extended PTB Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (HKLM\...\Microsoft .NET Framework 4 Client Profile ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (HKLM\...\Microsoft .NET Framework 4 Extended ESN Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Scriba 3 (HKLM\...\{C5ECA2AE-3025-4D83-BA96-94D408756495}) (Version: 3.6.0.8 - Electrox)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5240 - Analog Devices)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.6.2 - Synaptics Incorporated)
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TM-Soft-Examiner Installation V.8.00 (HKLM\...\TM-Soft-Examiner Installation V.8.00) (Version: - TM-Soft)
Viber (HKLM\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-335174678-1145664534-2665916264-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-02-20] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-02-20] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-02-20] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2018-02-20] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EF8A86F-95BC-4A1F-B14A-8B71B7533F37} - System32\Tasks\{848C0AA1-8326-4DC5-917E-A1331B4DCA14} => C:\Windows\system32\pcalua.exe -a "C:\Users\ota\Desktop\NC6400- 2013.09.09.09.19.00\Display\pci_ven_8086&dev_27a2\TVWSetup.exe" -d "C:\Users\ota\Desktop\NC6400- 2013.09.09.09.19.00\Display\pci_ven_8086&dev_27a2"
Task: {0FFA0DD2-D296-4D6F-8136-AF7A626DA0A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {3F68D8D9-B66B-41A0-8866-1775E14B1460} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {438967D4-C236-431E-A748-1072A8CD3DF2} - System32\Tasks\COMODO Updater => C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe [2010-12-09] (COMODO Security Solutions, Inc.)
Task: {4840CB63-9F6E-44AB-9E45-EACC4B96E14C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-01-30] (HP Inc.)
Task: {661FF4CC-8BDC-4352-AE43-0EEF090C8B2D} - System32\Tasks\HPCeeScheduleForota => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-06-24] (HP Inc.)
Task: {69D11FEC-FBA8-4FA9-938E-3178AD450E53} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-12] (Google Inc.)
Task: {7DDC3EF1-FDC3-4CAB-8F96-B00B21EFD3FF} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-04-07] (HP Inc.)
Task: {89FFBD98-DFB8-474E-88FA-492AE376EC89} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-02-23] (AVAST Software)
Task: {AB1820F6-8733-45C4-91D7-DEC31BB94C69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-08-12] (Google Inc.)
Task: {AB38EADA-77D6-4CF9-9AA8-BECA4E59A482} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {C7A3B121-20A8-4C33-B688-3F6DE1EC2AE9} - System32\Tasks\{CEEBBED3-9F9D-4C22-9980-24CA0C330C3D} => C:\Windows\system32\pcalua.exe -a C:\Users\ota\Downloads\bi_1_2_0_18\BatteryInfoSetup.exe -d C:\Users\ota\Downloads\bi_1_2_0_18
Task: {CDCC9D84-D614-4E81-9DA4-7A847E663356} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {CF594EC9-1B8E-4104-92BD-9AC3F0F1FA58} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-02-20] (AVAST Software)
Task: {FB9B458D-52F5-4DF9-8882-4525CFEB8B7D} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\COMODO Updater.job => C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe
Task: C:\Windows\Tasks\HPCeeScheduleForota.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-02-20 15:44 - 2018-02-20 15:44 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-02-24 11:30 - 2018-02-24 11:30 - 005822096 _____ () C:\Program Files\AVAST Software\Avast\defs\18022400\algo.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000756952 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000172248 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000963288 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000468696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000339160 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-01-01 13:37 - 2018-01-01 13:37 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000275672 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2010-12-09 13:08 - 2010-12-09 13:08 - 000305600 _____ () C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe
2010-12-09 13:08 - 2010-12-09 13:08 - 000797632 _____ () C:\Program Files\COMODO\COMODO System-Cleaner\CSCDll.dll
2010-12-09 13:09 - 2010-12-09 13:09 - 000537536 _____ () C:\Program Files\COMODO\COMODO System-Cleaner\UtilsDll.dll
2017-07-28 13:43 - 2017-10-17 02:21 - 000186544 _____ () c:\program files\dtlsoft\drivethelife\ldrvsvc.dll
2017-10-19 15:18 - 2017-10-17 02:21 - 000263344 _____ () c:\program files\dtlsoft\drivethelife\updater\checkupdate.dll
2017-07-28 13:43 - 2017-10-17 02:21 - 000169648 _____ () c:\program files\dtlsoft\drivethelife\substat.dll
2017-07-28 13:43 - 2017-10-17 02:21 - 000169648 _____ () c:\program files\dtlsoft\drivethelife\DtlPlug.dll
2017-07-28 13:43 - 2017-10-17 02:21 - 000111280 _____ () c:\program files\dtlsoft\drivethelife\dstudp.dll
2017-07-28 13:43 - 2017-10-17 02:21 - 000123568 _____ () c:\program files\dtlsoft\drivethelife\udp.dll
2018-02-20 15:44 - 2018-02-20 15:44 - 000617688 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2017-12-15 18:12 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-335174678-1145664534-2665916264-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ota\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 188.92.8.18 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\startupfolder: C:^Users^ota^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Examiner8.0 CVB-11 32B.exe.lnk => C:\Windows\pss\Examiner8.0 CVB-11 32B.exe.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ota^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeExaminer8.0.exe.lnk => C:\Windows\pss\FreeExaminer8.0.exe.lnk.Startup
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9E2FD2CB-A52B-4F7F-A67E-E2B2225324D5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5CDAEE7B-9C26-454B-BC48-117983E45870}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DAE3C5B7-1808-4FC7-B69E-6890734FA068}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{2E4DC489-AC06-4657-8D8C-B1FF28109489}] => (Allow) C:\Program Files\DTLSoft\DriveTheLife\DriveTheLife.exe
FirewallRules: [{E7C69E30-EC7C-4ED7-B05F-BF6343BD8F90}] => (Allow) C:\Program Files\DTLSoft\DriveTheLife\LDrvSvc.dll
FirewallRules: [{4BDF462B-FB0E-4BA8-BE4D-E12F747B4ED2}] => (Allow) C:\Program Files\DTLSoft\DriveTheLife\download\MiniThunderPlatform.exe
FirewallRules: [{4DC4668F-CA67-4E7C-A474-476E0FF1A6A1}] => (Allow) C:\Program Files\DTLSoft\DriveTheLife\DTLService.exe
FirewallRules: [TCP Query User{83712B9F-AB7D-4E06-A478-E7DFFB2980EE}C:\users\ota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{26B15F90-FFD1-4BDA-A57C-69D324A2AF25}C:\users\ota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{036112C1-06E9-470A-958A-3A6A2C9FAAF5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{BD51F21C-7EF1-418D-A3F7-49C39AED1B98}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{4F0919D0-5ACA-428E-9D6F-7BD15840EBA2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AB69034E-5132-4536-B68A-0E7522051A18}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{895EB47C-B8E4-4C5E-88A6-8512E5F950AA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{E730515D-0423-4601-AA3F-6B2FC4A615C7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{45F3939D-5E37-4C14-9C5D-0E34BD745D96}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0AD6E6D6-EFB3-4F59-9AB1-3FAD2EC5EDEE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{E0288DA9-FA7F-44C8-9040-9AF1613E32EE}C:\users\ota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{4118D667-AA42-4FBD-8DEB-94CD36B90416}C:\users\ota\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ota\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{A35337B0-EFAD-4135-9A8F-F16E0ECEEBCA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

03-02-2018 00:50:08 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2018 03:06:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HPSF.exe, verze: 8.5.37.19, časové razítko: 0x59cb6d6e
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.23915, časové razítko: 0x59b94a7d
Kód výjimky: 0xc0000005
Posun chyby: 0x00064971
ID chybujícího procesu: 0x1dc0
Čas spuštění chybující aplikace: 0x01d38d32d87fcde5
Cesta k chybující aplikaci: C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 2aea129d-f934-11e7-a401-0016d4c089df

Error: (01/14/2018 03:06:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: HPSF.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na System.Windows.Media.Composition.DUCE+UnsafeNativeMethods.MilConnection_DestroyChannel(IntPtr)
na System.Windows.Media.Composition.DUCE+Channel.Close()
na System.Windows.Media.MediaSystem.DisconnectTransport()
na System.Windows.Media.MediaSystem.Shutdown(System.Windows.Media.MediaContext)
na System.Windows.Media.MediaContext.Dispose()
na System.Windows.Media.MediaContext.OnDestroyContext(System.Object, System.EventArgs)
na System.EventHandler.Invoke(System.Object, System.EventArgs)
na System.Windows.Threading.Dispatcher.ShutdownImplInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.Dispatcher.ShutdownImpl()
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na HP.SupportAssistant.HPSA_UI.App.Main()

Error: (01/01/2018 12:29:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary wxmjpuez.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (01/01/2018 12:15:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary wxmjpuez.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (01/01/2018 12:15:09 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {1c93039d-a185-4176-b6b9-c32947583fa9}

Error: (12/08/2017 09:16:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vlc.exe, verze: 2.1.0.0, časové razítko: 0x523f7ac4
Název chybujícího modulu: msvcrt.dll, verze: 7.0.7601.17744, časové razítko: 0x4eeaf722
Kód výjimky: 0xc0000005
Posun chyby: 0x00013f7c
ID chybujícího procesu: 0xc2c
Čas spuštění chybující aplikace: 0x01d370614848f3ef
Cesta k chybující aplikaci: C:\Program Files\VideoLAN\VLC\vlc.exe
Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID zprávy: 9d78be92-dc54-11e7-8671-0016d4c089df

Error: (12/08/2017 09:02:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vlc.exe, verze: 2.1.0.0, časové razítko: 0x523f7ac4
Název chybujícího modulu: vlc.exe, verze: 2.1.0.0, časové razítko: 0x523f7ac4
Kód výjimky: 0xc0000005
Posun chyby: 0x000018ad
ID chybujícího procesu: 0x27c
Čas spuštění chybující aplikace: 0x01d3705f4fc7a949
Cesta k chybující aplikaci: C:\Program Files\VideoLAN\VLC\vlc.exe
Cesta k chybujícímu modulu: C:\Program Files\VideoLAN\VLC\vlc.exe
ID zprávy: a7bc6f26-dc52-11e7-8671-0016d4c089df

Error: (11/28/2017 07:00:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Scriba3.exe, verze: 3.6.0.8, časové razítko: 0x00000000
Název chybujícího modulu: Scriba3.exe, verze: 3.6.0.8, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x001e05c4
ID chybujícího procesu: 0x9b0
Čas spuštění chybující aplikace: 0x01d3686fec39dfe8
Cesta k chybující aplikaci: C:\Program Files\Electrox\Scriba 3\Scriba3.exe
Cesta k chybujícímu modulu: C:\Program Files\Electrox\Scriba 3\Scriba3.exe
ID zprávy: f3645acd-d465-11e7-96f2-0016d4c089df


System errors:
=============
Error: (02/24/2018 09:37:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (02/24/2018 09:37:44 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (02/24/2018 09:37:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (02/24/2018 09:37:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (02/24/2018 09:37:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv.dll

Error: (02/24/2018 09:37:21 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (02/24/2018 09:37:21 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (02/24/2018 09:37:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Celeron(R) M CPU 440 @ 1.86GHz
Percentage of memory in use: 38%
Total physical RAM: 3063.43 MB
Available physical RAM: 1891.84 MB
Total Virtual: 6125.18 MB
Available Virtual: 5056.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:33.5 GB) NTFS

\\?\Volume{78df1b02-19c0-11e7-9765-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 568F41D1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Hello, please check my log

#6 Post by Conder »

→ Install all important updates via Windows Update.

→ Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    VirusTotal: C:\Windows\cscmondump.bin
    File: C:\Windows\cscmondump.bin
    Winlogon\Notify\ScCertProp: wlnotify.dll [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    Task: {0EF8A86F-95BC-4A1F-B14A-8B71B7533F37} - System32\Tasks\{848C0AA1-8326-4DC5-917E-A1331B4DCA14} => C:\Windows\system32\pcalua.exe -a "C:\Users\ota\Desktop\NC6400- 2013.09.09.09.19.00\Display\pci_ven_8086&dev_27a2\TVWSetup.exe" -d "C:\Users\ota\Desktop\NC6400- 2013.09.09.09.19.00\Display\pci_ven_8086&dev_27a2"
    Task: {C7A3B121-20A8-4C33-B688-3F6DE1EC2AE9} - System32\Tasks\{CEEBBED3-9F9D-4C22-9980-24CA0C330C3D} => C:\Windows\system32\pcalua.exe -a C:\Users\ota\Downloads\bi_1_2_0_18\BatteryInfoSetup.exe -d C:\Users\ota\Downloads\bi_1_2_0_18
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file named Fixlog.txt on the desktop; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; doing so risks system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

tutamilan
Visitor
Posts: 100
Registered: 23 Jan 2006 13:10
Location: kamenicky senov

Re: Hello, please check my log

#7 Post by tutamilan »

Is it normal that this "operation" has been running for an hour and still hasn't finished?

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Hello, please check my log

#8 Post by Conder »

It isn't. Try to force-close FRST or restart the PC. If Fixlog.txt was created on the desktop, copy its contents here.

tutamilan
Visitor
Posts: 100
Registered: 23 Jan 2006 13:10
Location: kamenicky senov

Re: Hello, please check my log

#9 Post by tutamilan »

The log was not created; can I repeat the whole thing?

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Hello, please check my log

#10 Post by Conder »

Yes. The whole thing should take 5-10 minutes at most.

tutamilan
Visitor
Posts: 100
Registered: 23 Jan 2006 13:10
Location: kamenicky senov

Re: Hello, please check my log

#11 Post by tutamilan »

Fix result of Farbar Recovery Scan Tool (x86) Version: 24.02.2018
Ran by ota (25-02-2018 20:10:51) Run:2
Running from C:\Users\ota\Desktop
Loaded Profiles: ota (Available Profiles: ota)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\Windows\cscmondump.bin
File: C:\Windows\cscmondump.bin
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
Task: {0EF8A86F-95BC-4A1F-B14A-8B71B7533F37} - System32\Tasks\{848C0AA1-8326-4DC5-917E-A1331B4DCA14} => C:\Windows\system32\pcalua.exe -a "C:\Users\ota\Desktop\NC6400- 2013.09.09.09.19.00\Display\pci_ven_8086&dev_27a2\TVWSetup.exe" -d "C:\Users\ota\Desktop\NC6400- 2013.09.09.09.19.00\Display\pci_ven_8086&dev_27a2"
Task: {C7A3B121-20A8-4C33-B688-3F6DE1EC2AE9} - System32\Tasks\{CEEBBED3-9F9D-4C22-9980-24CA0C330C3D} => C:\Windows\system32\pcalua.exe -a C:\Users\ota\Downloads\bi_1_2_0_18\BatteryInfoSetup.exe -d C:\Users\ota\Downloads\bi_1_2_0_18

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\Windows\cscmondump.bin => https://www.virustotal.com/file/9dff4db ... 519571087/

========================= File: C:\Windows\cscmondump.bin ========================

C:\Windows\cscmondump.bin
File not signed
MD5: 9DCFEC7430F208998EEE45A6A34B0B0A
Creation and modification date: 2018-01-01 12:05 - 2018-02-25 18:14
Size: 000018763
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/9dff4db ... 519571087/

====== End of File: ======

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp => not found
Synth3dVsc => service not found.
tsusbhub => service not found.
VGPU => service not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EF8A86F-95BC-4A1F-B14A-8B71B7533F37} => not found
"C:\Windows\System32\Tasks\{848C0AA1-8326-4DC5-917E-A1331B4DCA14}" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{848C0AA1-8326-4DC5-917E-A1331B4DCA14} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7A3B121-20A8-4C33-B688-3F6DE1EC2AE9} => not found
"C:\Windows\System32\Tasks\{CEEBBED3-9F9D-4C22-9980-24CA0C330C3D}" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CEEBBED3-9F9D-4C22-9980-24CA0C330C3D} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4984394 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5305396 B
Edge => 0 B
Chrome => 54318085 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
ota => 760499 B

RecycleBin => 1792557223 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:12:08 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Hello, please check my log

#12 Post by Conder »

→ It looks OK now. Are there any other problems with the PC?

→ Check the size of the desktop folder (C:\Users\ota\Desktop). If it is larger than 300 MB, move all files and folders from the desktop to Documents and leave only links/shortcuts on the desktop. An overly large desktop can slow the system down.

tutamilan
Visitor
Posts: 100
Registered: 23 Jan 2006 13:10
Location: kamenicky senov

Re: Hello, please check my log

#13 Post by tutamilan »

Everything seems to be much better now; above all, shutting down the PC no longer takes 50 minutes, only a few minutes. Thank you very much for your help. Milan

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Hello, please check my log

#14 Post by Conder »

You're welcome, glad I could help :)

Locked