Win Vista - freezing

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Win Vista - freezing

#1 Post by Ram »

Hi, I have a request. The computer freezes at irregular intervals and the last image stays on the screen.
The mouse doesn't move, the wheel doesn't spin, simply nothing other than a hard power-off helps.
Desktop PC, Win Vista Business, SP2, 32-bit.

I have no idea where to look for the problem, whether it's SW or HW.
I'm attaching the log output. Thanks to everyone for the help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-10-23 22:19:50
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 178 GB (74%) free of 238 GB
Total RAM: 3326 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:05, on 23.10.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16708)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\notepad.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Admin\Downloads\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0317__yaff
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe" -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files\PDF Architect 2\ws.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 2\crash-handler-ws.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe

--
End of file - 7631 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AmiUpdXp.job - C:\Users\Admin\AppData\Local\26431\Updater.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"pdf_architect_2_conv@pdfarchitect.org"=C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\PDF Architect 2]
"Description"=
"Path"=C:\Program Files\PDF Architect 2\np-previewer.dll


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default\searchplugins\
google.xml
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
PDF Architect Helper - C:\Program Files\PDF Architect 2\creator-ie-helper.dll [2014-10-10 37928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-16 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"picon"=C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-05-21 111640]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-10-07 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-10-07 175128]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-10-07 166936]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-28 6134544]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion]
C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-10-07 226304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-23 22:19:50 ----D---- C:\rsit
2015-10-23 22:19:50 ----D---- C:\Program Files\trend micro
2015-10-23 06:48:15 ----A---- C:\Windows\system32\ssinstall-uninstall.bat
2015-10-23 06:48:14 ----A---- C:\Windows\system32\ssins.exe
2015-10-20 07:17:35 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-18 20:37:51 ----D---- C:\Program Files\NinjaTrader 7
2015-10-16 08:45:15 ----D---- C:\Program Files\Mozilla Firefox
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 05:46:20 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 05:46:19 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 05:45:11 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-10-15 05:45:11 ----A---- C:\Windows\system32\ntdll.dll
2015-10-15 05:45:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-15 05:44:09 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 09:35:16 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 09:35:16 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 09:35:16 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 09:35:16 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 09:35:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 09:35:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 09:35:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 09:35:14 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 09:35:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 09:35:13 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 09:35:13 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-10-14 09:35:12 ----A---- C:\Windows\system32\mshta.exe
2015-10-14 09:35:12 ----A---- C:\Windows\system32\msfeedssync.exe
2015-10-14 09:35:12 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 09:35:12 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 09:35:12 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 09:35:11 ----A---- C:\Windows\system32\url.dll
2015-10-14 09:35:11 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 09:35:11 ----A---- C:\Windows\system32\ieframe.dll
2015-09-29 08:42:07 ----D---- C:\snapshots
2015-09-28 20:10:22 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-10-23 22:20:02 ----D---- C:\Windows\Prefetch
2015-10-23 22:19:54 ----D---- C:\Windows\Temp
2015-10-23 22:19:50 ----RD---- C:\Program Files
2015-10-23 20:59:31 ----D---- C:\Program Files\TeamViewer
2015-10-23 20:57:21 ----A---- C:\Windows\system32\log.txt
2015-10-23 15:27:30 ----D---- C:\Windows\system32\catroot2
2015-10-23 13:28:31 ----SHD---- C:\System Volume Information
2015-10-23 06:48:15 ----D---- C:\Windows\System32
2015-10-20 14:02:38 ----D---- C:\Windows\system32\drivers
2015-10-20 07:18:35 ----D---- C:\Windows\system32\Tasks
2015-10-20 07:17:27 ----D---- C:\Windows
2015-10-19 13:59:41 ----HD---- C:\ProgramData
2015-10-18 20:38:17 ----SHD---- C:\Windows\Installer
2015-10-18 12:44:33 ----RD---- C:\Users
2015-10-16 18:43:51 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-10-15 06:52:43 ----D---- C:\Windows\rescache
2015-10-15 06:34:14 ----D---- C:\Windows\system32\migration
2015-10-15 06:34:13 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 06:34:13 ----D---- C:\Program Files\Internet Explorer
2015-10-15 06:00:24 ----D---- C:\Windows\winsxs
2015-10-15 06:00:12 ----D---- C:\Windows\system32\MRT
2015-10-15 05:48:06 ----A---- C:\Windows\system32\mrt.exe
2015-10-15 05:47:11 ----D---- C:\Windows\system32\catroot
2015-10-14 14:48:20 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-10-13 14:59:11 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2015-10-10 07:07:57 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2015-10-03 15:57:00 ----RSD---- C:\Windows\Fonts
2015-10-03 15:55:38 ----D---- C:\Users\Admin\AppData\Roaming\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-28 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-28 208664]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-28 107984]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-09-28 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-28 789296]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-28 434184]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-28 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-28 76000]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-11-17 5120]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-28 220752]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-09-28 157888]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6032.sys [2010-01-08 191656]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-10-07 6212096]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2014-11-13 11296]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-09-28 57888]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-28 146600]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2010-05-21 174616]
R2 ssinstall;SInstalátor; C:\Windows\System32\ssins.exe [2015-10-23 2324216]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-05-21 2071064]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-28 3219136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-06 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-14 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-06 107848]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [2015-07-31 235696]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-16 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [2014-10-10 1771560]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win Vista - freezing

#2 Post by Márty84 »

Hello :)

How often does it happen, at least roughly (once a day, once an hour, etc.)?
Does it happen during a particular activity (for example while browsing the web)? Or completely at random?


Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in the clipboard) here (Ctrl + V).

Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Spustit jako správce (Run as administrator).
Click Scan and wait until the check finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will output a log (it may also be found here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Re: Win Vista - freezing

#3 Post by Ram »

Thanks for the quick reply.

It happens irregularly; sometimes it keeps running for hours, occasionally it freezes after just 10 minutes.
I mainly suspect Firefox and Flash Player.

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Business Edition SP2 [6.0 Build 6002] (x86)
Date : 2015/10/24 10:35:56

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Intel(R) ICH10 Family 6 Port SATA AHCI Controller - 3A02 [ATA]
+ ATA Channel 0 (0)
- Hitachi HDP725025GLA380 ATA Device
+ ATA Channel 1 (1)
- HL-DT-ST DVD-RAM GH10N ATA Device
- ATA Channel 3 (3)
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HDP725025GLA380 : 250,0 GB [0/2/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HDP725025GLA380
----------------------------------------------------------------------------
Model : Hitachi HDP725025GLA380
Firmware : GM2OA5NA
Serial Number : GEM264RS26M19M
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 7174 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 42383 hod.
Power On Count : 718 krát
Temparature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : 8080h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _16 000000000000 Počet chyb čtení
02 131 131 _54 000000000092 Průchodnost disku
03 110 110 _24 000300BA00B9 Čas na roztočení ploten
04 100 100 __0 0000000002E1 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 136 136 _20 00000000001B Čas potřebný na vyhledání
09 _94 _94 __0 00000000A58F Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 0000000002CE Počet cyklů zapnutí zařízení
C0 100 100 __0 0000000002ED Počet vypnutí disku
C1 100 100 __0 0000000002ED Počet cyklů načítání/vymazání
C2 166 166 __0 0031000F0024 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA


I'll add the AdwCleaner log within a few minutes.

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Re: Win Vista - freezing

#4 Post by Ram »

# AdwCleaner v5.014 - Logfile created 24/10/2015 at 11:10:56
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows Vista (TM) Business Service Pack 2 (x86)
# Username : Admin - ADMIN-PC
# Running from : C:\Users\Admin\Desktop\adwcleaner_5.014.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Elex-tech
[-] Folder Deleted : C:\ProgramData\{5cebfb77-e989-6fb0-5ceb-bfb77e98eddf}
[-] Folder Deleted : C:\Users\Admin\AppData\Local\pdfforge
[-] Folder Deleted : C:\Users\Admin\AppData\Local\FileViewPro
[-] Folder Deleted : C:\Users\Admin\AppData\Local\26431
[-] Folder Deleted : C:\Users\Admin\AppData\Roaming\pdfforge
[-] Folder Deleted : C:\Users\Admin\AppData\Roaming\Solvusoft
[-] Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Common Files\config\uninstinethnfd.exe
[-] File Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default\searchplugins\yahoo.xml
[-] File Deleted : C:\Windows\system32\roboot.exe

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : AmiUpdXp

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\OffersWizard
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\OffersWizard
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\inethnfd
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iSafe
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4F524A2D-5350-4500-76A7-A758B70C1902}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OffersWizard
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PokerStars.net
[!] Key Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\inethnfd

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3108 bytes] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win Vista - freezing

#5 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Re: Win Vista - freezing

#6 Post by Ram »

It took over two hours :x

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24.10.2015
Čas skenování: 11:34:34
Protokol: MBAM_1.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.10.24.02
Databáze rootkitů: v2015.10.23.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: Admin

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 479433
Uplynulý čas: 2 hod, 14 min, 2 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 4
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}, , [7f4381d9612ade58e46a62c931d151af],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\dream.capture.1, , [7f4381d9612ade58e46a62c931d151af],
PUP.Optional.Amonetize, HKLM\SOFTWARE\CLASSES\dream.capture, , [7f4381d9612ade58e46a62c931d151af],
PUP.Optional.YahooVNM, HKU\S-1-5-21-2812501099-2658016741-2431437663-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, , [d3ef61f9f19aa49274a9ec9f927134cc],

Hodnoty registru: 1
PUP.Optional.YahooVNM, HKU\S-1-5-21-2812501099-2658016741-2431437663-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://search.yahoo.com/search?fr=vmn& ... earchTerms}, , [d3ef61f9f19aa49274a9ec9f927134cc]

Data registru: 1
PUP.Optional.YahooVNM, HKU\S-1-5-21-2812501099-2658016741-2431437663-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0317__yaff, Dobré: (www.google.com), Špatné: (https://www.yahoo.com/?fr=vmn&type=vmn_ ... 0317__yaff),,[b9098eccbfcc9d99537177bc62a2f10f]

Složky: 1
PUP.Optional.OffersWizard, C:\Program Files\Common Files\Config, , [d7eb5ffb9eed7abc9bb475fc18ebc937],

Soubory: 9
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\Program Files\Common Files\config\uninstinethnfd.exe.vir, , [12b069f14546c96dfa62cba432cf827e],
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\Users\Admin\AppData\Local\26431\Updater.exe.vir, , [7f4364f6b9d22511adc07bb4cd33649c],
PUP.Optional.Seznam, C:\Users\Admin\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe, , [279b54061d6ebe78e272a4f7c63aef11],
PUP.Optional.Bundle, C:\Users\Admin\Downloads\flashplayer-lista-centrumcz.exe, , [e6dc12482e5dfe38b57dea23a65b19e7],
FraudTool.YAC, C:\Users\Admin\Downloads\yet_another_cleaner_sk_390399.exe, , [9d25a4b689027cba15e694b93aca03fd],
PUP.Optional.Bundle, C:\Users\Admin\Downloads\adobeacrobatreader-lista-centrumcz(1).exe, , [863c7fdb662595a1f141a4694bb653ad],
PUP.Optional.Bundle, C:\Users\Admin\Downloads\adobeacrobatreader-lista-centrumcz.exe, , [d9e961f92665f244dd55ee1f956c8977],
PUP.Optional.OffersWizard, C:\Program Files\Common Files\Config\ver.xml, , [d7eb5ffb9eed7abc9bb475fc18ebc937],
PUP.Optional.OffersWizard, C:\Program Files\Common Files\Config\data.xml, , [d7eb5ffb9eed7abc9bb475fc18ebc937],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win Vista - freezing

#7 Post by Márty84 »

Have all the findings removed. After removal and a PC restart, repeat the MBAM scan so we know whether it comes back. Post the scan result and I will choose the next steps based on it.

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Re: Win Vista - freezing

#8 Post by Ram »

:oops:

Damn, I forgot to save the scan (after more than two hours). Suspicious items: 0.
Should I run it once more?

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Re: Win Vista - freezing

#9 Post by Ram »

So, once again and better. :)

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.10.2015
Čas skenování: 17:30:51
Protokol: MBAM_2.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.10.25.02
Databáze rootkitů: v2015.10.23.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: Admin

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 483962
Uplynulý čas: 3 hod, 19 min, 4 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win Vista - freezing

#10 Post by Márty84 »

:arrow: You can uninstall MBAM.

:arrow: Post a new RSIT log

and in addition

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Re: Win Vista - freezing

#11 Post by Ram »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-10-26 08:18:39
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 177 GB (74%) free of 238 GB
Total RAM: 3326 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:19:01, on 26.10.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16708)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Admin\Desktop\Radek\Tor Browser\Browser\firefox.exe
C:\Users\Admin\Desktop\Radek\Tor Browser\Browser\TorBrowser\Tor\tor.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Admin\Desktop\Oprava PC\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe" -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files\PDF Architect 2\ws.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 2\crash-handler-ws.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe

--
End of file - 9042 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"pdf_architect_2_conv@pdfarchitect.org"=C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\PDF Architect 2]
"Description"=
"Path"=C:\Program Files\PDF Architect 2\np-previewer.dll


C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default\searchplugins\
google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
PDF Architect Helper - C:\Program Files\PDF Architect 2\creator-ie-helper.dll [2014-10-10 37928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-16 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"picon"=C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-05-21 111640]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-10-07 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-10-07 175128]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-10-07 166936]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-28 6134544]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-08-04 597552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion]
C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-10-07 226304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-25 21:06:30 ----A---- C:\MBAM_2.txt
2015-10-24 12:49:40 ----A---- C:\MBAM_1.txt
2015-10-24 10:32:28 ----D---- C:\ProgramData\Malwarebytes
2015-10-24 10:08:06 ----D---- C:\AdwCleaner
2015-10-23 21:19:50 ----D---- C:\rsit
2015-10-23 21:19:50 ----D---- C:\Program Files\trend micro
2015-10-23 05:48:15 ----A---- C:\Windows\system32\ssinstall-uninstall.bat
2015-10-23 05:48:14 ----A---- C:\Windows\system32\ssins.exe
2015-10-20 06:17:35 ----A---- C:\Windows\system32\aswBoot.exe
2015-10-18 19:37:51 ----D---- C:\Program Files\NinjaTrader 7
2015-10-16 07:45:15 ----D---- C:\Program Files\Mozilla Firefox
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 04:46:20 ----A---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 04:46:19 ----A---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 04:45:11 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-10-15 04:45:11 ----A---- C:\Windows\system32\ntdll.dll
2015-10-15 04:45:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-15 04:44:09 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 08:35:16 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 08:35:16 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 08:35:16 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 08:35:16 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 08:35:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 08:35:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 08:35:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 08:35:14 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 08:35:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 08:35:13 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 08:35:13 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-10-14 08:35:12 ----A---- C:\Windows\system32\mshta.exe
2015-10-14 08:35:12 ----A---- C:\Windows\system32\msfeedssync.exe
2015-10-14 08:35:12 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 08:35:12 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 08:35:12 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 08:35:11 ----A---- C:\Windows\system32\url.dll
2015-10-14 08:35:11 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 08:35:11 ----A---- C:\Windows\system32\ieframe.dll
2015-09-29 07:42:07 ----D---- C:\snapshots
2015-09-28 19:10:22 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2015-10-26 08:18:45 ----D---- C:\Windows\Temp
2015-10-26 08:18:43 ----D---- C:\Windows\Prefetch
2015-10-26 08:15:13 ----RD---- C:\Program Files
2015-10-26 08:15:12 ----D---- C:\Windows\system32\drivers
2015-10-26 03:10:59 ----SHD---- C:\System Volume Information
2015-10-25 18:08:36 ----D---- C:\Program Files\TeamViewer
2015-10-25 13:09:40 ----D---- C:\Windows\System32
2015-10-25 13:09:40 ----D---- C:\Windows\inf
2015-10-25 13:09:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-25 13:06:39 ----A---- C:\Windows\system32\log.txt
2015-10-25 13:03:38 ----D---- C:\Windows\L2Schemas
2015-10-25 09:51:38 ----D---- C:\Windows\PolicyDefinitions
2015-10-25 09:48:02 ----D---- C:\Program Files\Common Files
2015-10-24 10:32:28 ----HD---- C:\ProgramData
2015-10-24 10:24:10 ----D---- C:\Users\Admin\AppData\Roaming\vlc
2015-10-23 14:27:30 ----D---- C:\Windows\system32\catroot2
2015-10-20 06:18:35 ----D---- C:\Windows\system32\Tasks
2015-10-20 06:17:27 ----D---- C:\Windows
2015-10-18 19:38:17 ----SHD---- C:\Windows\Installer
2015-10-18 11:44:33 ----RD---- C:\Users
2015-10-16 17:43:51 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-10-15 05:52:43 ----D---- C:\Windows\rescache
2015-10-15 05:34:14 ----D---- C:\Windows\system32\migration
2015-10-15 05:34:13 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 05:34:13 ----D---- C:\Program Files\Internet Explorer
2015-10-15 05:00:24 ----D---- C:\Windows\winsxs
2015-10-15 05:00:12 ----D---- C:\Windows\system32\MRT
2015-10-15 04:48:06 ----A---- C:\Windows\system32\mrt.exe
2015-10-15 04:47:11 ----D---- C:\Windows\system32\catroot
2015-10-14 13:48:20 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-10-10 06:07:57 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2015-10-03 14:57:00 ----RSD---- C:\Windows\Fonts
2015-10-03 14:55:38 ----D---- C:\Users\Admin\AppData\Roaming\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-28 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-28 208664]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-28 107984]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2015-09-28 55200]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-28 789296]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-28 434184]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-28 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-28 76000]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-11-17 5120]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-28 220752]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2015-09-28 157888]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6032.sys [2010-01-08 191656]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-10-07 6212096]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2008-01-21 45624]
R3 vrvd5;vrvd5; C:\Windows\system32\DRIVERS\vrvd5.sys [2014-11-13 11296]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2015-09-28 57888]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-28 146600]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2010-05-21 174616]
R2 ssinstall;SInstalátor; C:\Windows\System32\ssins.exe [2015-10-23 2324216]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-05-21 2071064]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-28 3219136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-06 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-14 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-06 107848]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [2015-07-31 235696]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-16 147624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PDF Architect 2;PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [2014-10-10 1771560]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-11 772296]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]

-----------------EOF-----------------

Ram
Visitor
Posts: 14
Registered: 01 Feb 2009 17:30

Re: Win Vista - freezing

#12 Post by Ram »

And here is the FRST log as well

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-10-2015 02
Ran by Admin (administrator) on ADMIN-PC (26-10-2015 08:31:39)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Guest)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Users\Admin\Desktop\Radek\Tor Browser\Browser\firefox.exe
() C:\Users\Admin\Desktop\Radek\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-05-21] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-28] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2812501099-2658016741-2431437663-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2812501099-2658016741-2431437663-1000\...\MountPoints2: {10739d94-d791-11dd-8ef9-806e6f6e6963} - D:\hbcd\wintools\autorun.exe
HKU\S-1-5-21-2812501099-2658016741-2431437663-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-28] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.122.0.1 10.122.0.3
Tcpip\..\Interfaces\{9C2AA485-A9C4-4BB7-8011-A211EF514387}: [DhcpNameServer] 10.122.0.1 10.122.0.3

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2812501099-2658016741-2431437663-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2812501099-2658016741-2431437663-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-16] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-16] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-16] (Oracle Corporation)
Toolbar: HKLM - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default
FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0317__yaff
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.seznam.cz/
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "198.71.82.108"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "198.71.82.108"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "198.71.82.108"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "198.71.82.108"
FF NetworkProxy: "ssl_port", 3128
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-16] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin: PDF Architect 2 -> C:\Program Files\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2812501099-2658016741-2431437663-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Extension: Check4Change - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5zg6t03q.default\Extensions\check4change-owner@mozdev.org.xpi [2015-09-14] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-11-13] [not signed]
FF HKLM\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-03-17] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-20] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-06]
CHR Extension: (Dokumenty Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Tabulky Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-10]
CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-16]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-16]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-28] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3219136 2015-09-28] (Avast Software)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [235696 2015-07-31] (McAfee, Inc.)
S3 PDF Architect 2; C:\Program Files\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 ssinstall; C:\Windows\System32\ssins.exe [2324216 2015-10-23] (PS Media s.r.o.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2071064 2010-05-21] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-09-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [789296 2015-09-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [434184 2015-09-28] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [157888 2015-09-28] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-09-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-28] (AVAST Software)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [191656 2010-01-08] (Intel Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [107984 2015-09-28] (AVAST Software)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-09-28] (Avast Software)
R3 vrvd5; C:\Windows\System32\DRIVERS\vrvd5.sys [11296 2014-11-13] (Rsupport Corporation)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 08:31 - 2015-10-26 08:32 - 00017599 _____ C:\Users\Admin\Desktop\FRST.txt
2015-10-26 08:30 - 2015-10-26 08:31 - 00000000 ____D C:\FRST
2015-10-26 08:27 - 2015-10-26 08:28 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2015-10-26 08:24 - 2015-10-26 08:24 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Downloads\Nepotvrzeno 605.crdownload
2015-10-26 08:22 - 2015-10-26 08:22 - 01701376 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2015-10-25 21:06 - 2015-10-25 21:06 - 00001166 _____ C:\MBAM_2.txt
2015-10-24 12:49 - 2015-10-24 12:49 - 00003469 _____ C:\MBAM_1.txt
2015-10-24 10:32 - 2015-10-24 10:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-24 10:23 - 2015-10-24 10:24 - 00000000 ____D C:\Users\Admin\Desktop\Rock Balads
2015-10-24 10:19 - 2015-10-26 08:25 - 00000000 ____D C:\Users\Admin\Desktop\Oprava PC
2015-10-24 10:08 - 2015-10-24 10:11 - 00000000 ____D C:\AdwCleaner
2015-10-23 21:19 - 2015-10-26 08:18 - 00000000 ____D C:\Program Files\trend micro
2015-10-23 21:19 - 2015-10-23 21:20 - 00000000 ____D C:\rsit
2015-10-23 21:15 - 2015-10-23 21:15 - 00112107 _____ (forum.viry.cz) C:\Users\Admin\Downloads\Nepotvrzeno 454156.crdownload
2015-10-23 05:48 - 2015-10-25 13:04 - 00000000 _____ C:\Windows\system32\sinstall.log
2015-10-23 05:48 - 2015-10-23 05:48 - 02324216 _____ (PS Media s.r.o.) C:\Windows\system32\ssins.exe
2015-10-23 05:48 - 2015-10-23 05:48 - 00000079 _____ C:\Windows\system32\ssinstall-uninstall.bat
2015-10-20 06:17 - 2015-09-28 19:10 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-20 06:04 - 2015-10-20 06:04 - 05693008 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online(2).exe
2015-10-20 05:28 - 2015-10-20 05:28 - 05693008 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2015-10-18 19:43 - 2015-10-18 19:43 - 00000107 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-10-18 19:38 - 2015-10-18 19:38 - 00001904 _____ C:\Users\Public\Desktop\NinjaTrader 7.lnk
2015-10-18 19:38 - 2015-10-18 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NinjaTrader 7
2015-10-18 19:37 - 2015-10-18 19:43 - 00000000 ____D C:\Users\Admin\Documents\NinjaTrader 7
2015-10-18 19:37 - 2015-10-18 19:37 - 00000000 ____D C:\Users\Admin\Documents\NinjaTrader Backup
2015-10-18 19:37 - 2015-10-18 19:37 - 00000000 ____D C:\Program Files\NinjaTrader 7
2015-10-18 11:46 - 2015-10-18 11:46 - 00000949 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-18 11:46 - 2015-10-18 11:46 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2015-10-18 11:45 - 2015-10-18 11:45 - 00000944 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-18 11:45 - 2015-10-18 11:45 - 00000915 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-10-18 11:44 - 2015-10-18 11:45 - 00000000 ____D C:\Users\Guest
2015-10-18 11:44 - 2015-10-18 11:44 - 00000020 ___SH C:\Users\Guest\ntuser.ini
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Šablony
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Soubory cookie
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Okolní tiskárny
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Okolní síť
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Nabídka Start
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Dokumenty
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Documents\Obrázky
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Documents\Hudba
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Documents\Filmy
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\Data aplikací
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\AppData\Local\Historie
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 _SHDL C:\Users\Guest\AppData\Local\Data aplikací
2015-10-18 11:44 - 2015-10-18 11:44 - 00000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2015-10-18 11:44 - 2008-01-21 03:43 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-18 11:44 - 2008-01-21 03:43 - 00000000 ___RD C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-16 07:45 - 2015-10-16 17:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-10-15 04:46 - 2015-07-18 14:14 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-15 04:46 - 2015-07-18 14:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-15 04:45 - 2015-09-28 18:17 - 01206192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-15 04:45 - 2015-09-26 17:09 - 03606464 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-10-15 04:45 - 2015-09-26 17:09 - 03554240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-15 04:44 - 2015-07-29 01:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 08:35 - 2015-09-11 08:22 - 01814016 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 08:35 - 2015-09-11 08:21 - 12388352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 08:35 - 2015-09-11 08:19 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 08:35 - 2015-09-11 08:17 - 09751552 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 08:35 - 2015-09-11 08:16 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 08:35 - 2015-09-11 08:16 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 08:35 - 2015-09-11 08:15 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 08:35 - 2015-09-11 08:15 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 08:35 - 2015-09-11 08:14 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 08:35 - 2015-09-11 08:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-10-14 08:35 - 2015-09-11 08:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-10-14 08:35 - 2015-09-11 08:14 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-10-13 14:05 - 2015-10-13 14:05 - 00000850 _____ C:\Users\Admin\AppData\Local\recently-used.xbel
2015-10-06 05:29 - 2015-10-26 08:29 - 00000000 ____D C:\Users\Admin\Desktop\Plocha
2015-10-03 16:05 - 2015-10-06 05:18 - 00000000 ____D C:\Users\Admin\AppData\Local\Unity
2015-10-03 16:05 - 2015-10-03 19:27 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Unity
2015-10-03 14:59 - 2015-10-03 14:59 - 00000000 ____D C:\Users\Admin\AppData\Local\TeamViewer
2015-10-03 14:56 - 2015-10-03 14:56 - 00000840 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-03 14:56 - 2015-10-03 14:56 - 00000828 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-09-29 07:42 - 2015-09-30 05:03 - 00000000 ____D C:\snapshots
2015-09-28 19:10 - 2015-09-28 19:10 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 08:21 - 2015-05-06 09:31 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-26 07:49 - 2014-11-03 17:06 - 01332384 _____ C:\Windows\WindowsUpdate.log
2015-10-26 07:05 - 2006-11-02 13:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 07:05 - 2006-11-02 13:47 - 00003664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-25 23:24 - 2015-07-23 13:12 - 00000000 ____D C:\Users\Admin\Desktop\Radek
2015-10-25 18:08 - 2014-11-11 10:35 - 00000000 ____D C:\Program Files\TeamViewer
2015-10-25 16:21 - 2015-05-06 09:31 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-25 13:09 - 2009-04-13 10:21 - 01530430 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-25 13:04 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-25 13:03 - 2015-09-05 13:32 - 00028264 _____ C:\Windows\PFRO.log
2015-10-25 13:03 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\L2Schemas
2015-10-25 13:02 - 2006-11-02 14:01 - 00032612 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-24 10:24 - 2014-11-06 12:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-10-23 21:28 - 2015-05-06 09:33 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-21 15:21 - 2015-07-23 13:26 - 00000000 ____D C:\Users\Admin\Desktop\Zápas
2015-10-20 06:51 - 2015-08-17 21:14 - 00000000 ____D C:\Users\Admin\AppData\Local\{D068F889-6ECC-42B4-ACE1-51F0FA2AC940}
2015-10-20 06:51 - 2015-08-14 21:15 - 00000000 ____D C:\Users\Admin\AppData\Local\{B33D22E7-9B49-488A-AA61-3272A8135218}
2015-10-20 06:51 - 2015-08-06 21:14 - 00000000 ____D C:\Users\Admin\AppData\Local\{17BDBED6-9F48-48B1-BC6C-79E1F73356BE}
2015-10-20 06:51 - 2015-08-02 21:14 - 00000000 ____D C:\Users\Admin\AppData\Local\{F7A4165C-13B4-4D41-9BD7-9FF8CCFB7016}
2015-10-20 06:51 - 2015-07-31 05:47 - 00000000 ____D C:\Users\Admin\AppData\Local\{6E99FBE3-0D85-47DD-84C1-D7B708D31DDC}
2015-10-20 06:51 - 2015-07-30 05:05 - 00000000 ____D C:\Users\Admin\AppData\Local\{CB079492-540E-48E6-A96D-C2A38CBEC327}
2015-10-20 06:51 - 2015-07-26 21:14 - 00000000 ____D C:\Users\Admin\AppData\Local\{807E8D34-37FC-49ED-9E1E-8BC07B24DB03}
2015-10-20 06:51 - 2015-07-23 21:14 - 00000000 ____D C:\Users\Admin\AppData\Local\{06DF5F65-4FE4-43FB-B159-65288C86C165}
2015-10-20 06:18 - 2015-09-16 10:11 - 00001829 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-20 05:38 - 2015-07-25 14:03 - 00000000 ____D C:\Users\Admin\.gimp-2.8
2015-10-19 05:56 - 2014-11-06 12:38 - 00000000 ____D C:\Users\Admin\Desktop\Složky
2015-10-16 17:43 - 2014-11-06 12:03 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-10-15 14:06 - 2015-09-20 19:29 - 00000000 ____D C:\Users\Admin\Desktop\Foto
2015-10-15 05:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2015-10-15 05:00 - 2014-11-20 18:22 - 00000000 ____D C:\Windows\system32\MRT
2015-10-15 04:48 - 2006-11-02 11:24 - 141105520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-10-15 04:39 - 2014-11-06 12:24 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-14 13:48 - 2014-11-06 12:31 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2015-10-14 13:48 - 2014-11-06 12:24 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-10-14 13:48 - 2014-11-06 12:24 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-10-13 13:54 - 2015-08-24 08:50 - 00000000 ____D C:\Users\Admin\Desktop\Databáze
2015-10-06 05:19 - 2006-11-02 13:47 - 00440800 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-03 19:13 - 2009-01-01 00:26 - 00116056 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-03 14:55 - 2015-03-10 10:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TeamViewer
2015-09-28 19:10 - 2015-09-16 10:10 - 00789296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00434184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00157888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00107984 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-28 19:10 - 2015-09-16 10:10 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys

==================== Files in the root of some directories =======

2009-01-01 00:26 - 2014-11-03 17:43 - 0000680 _____ () C:\Users\Admin\AppData\Local\d3d9caps.dat
2014-12-14 22:55 - 2015-09-20 19:14 - 0027648 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-13 14:05 - 2015-10-13 14:05 - 0000850 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-10-18 19:43 - 2015-10-18 19:43 - 0000107 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Admin\AppData\Local\Temp\ssins.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Admin\Desktop" je 10056 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Admin\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Admin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion
C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter
Režim ECHO je vypnut.


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win Vista - freezing

#13 Post by Márty84 »

:arrow: Permanently disable Windows Defender.

:arrow: Uninstall McAfee Security Scan.


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Admin\Desktop" je 10056 MB.
:arrow: The size of the desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a little and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another one inside it and another one inside that, and hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :)


:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2812501099-2658016741-2431437663-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

FF NewTab: hxxps://www.yahoo.com/?fr=vmn&type=vmn_ ... 0317__yaff
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "198.71.82.108"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "198.71.82.108"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "198.71.82.108"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "198.71.82.108"
FF NetworkProxy: "ssl_port", 3128

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [235696 2015-07-31] (McAfee, Inc.)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-06 107848]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-14 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-06 107848]

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Web Companion

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type that red name fixlist correctly and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.




20.2. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Locked