VIRY.CZ

Dobrý den, prosím o kontrolu logu. Mám velmi pomalé PC,nejde už skoro oni běžné věci jako internet a Word. Vše se strašně seká. Jedná se o Acer aspire ONE. Vím že se o tom nedá říci že je to PC ale používáme to jen na internet, poslední dobou už ale moc nejde.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Monča at 2016-03-13 19:25:28
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 133 GB (45%) free of 292 GB
Total RAM: 1012 MB (22% free)

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default

prefs.js - "browser.startup.homepage" - "http://www.mystartsearch.com/?type=hp&t ... AJASTAJAST"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-03 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-30 135168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-30 168960]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-30 161280]
"GfxServiceInstall"=C:\Windows\system32\GfxCUIServiceInstall.vbs [2011-12-30 131]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-05-18 10082920]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-06 5515496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON SX125 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [2012-10-20 200704]
"EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII3E.EXE [2012-02-27 249440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-12-30 224768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-13 19:14:50 ----D---- C:\Program Files\trend micro
2016-03-13 19:14:44 ----D---- C:\rsit
2016-03-13 17:18:56 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-03-13 17:06:46 ----D---- C:\Windows\OEMTemp
2016-02-24 18:38:42 ----SHD---- C:\found.004

======List of files/folders modified in the last 1 month======

2016-03-13 19:25:37 ----D---- C:\Windows\Temp
2016-03-13 19:14:50 ----D---- C:\Program Files
2016-03-13 19:14:25 ----D---- C:\Windows\system32\config
2016-03-13 19:04:55 ----D---- C:\Windows
2016-03-13 19:04:41 ----D---- C:\Program Files\Acer
2016-03-13 18:47:29 ----D---- C:\Windows\inf
2016-03-13 18:47:16 ----D---- C:\Windows\Minidump
2016-03-13 18:35:29 ----SHD---- C:\System Volume Information
2016-03-13 17:19:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-03-13 17:18:56 ----D---- C:\Windows\System32
2016-03-13 17:14:24 ----SHD---- C:\Windows\Installer
2016-03-13 17:14:24 ----RSD---- C:\Windows\assembly
2016-03-13 17:12:36 ----D---- C:\Users\Monča\AppData\Roaming\SoftGrid Client
2016-03-13 17:08:23 ----HD---- C:\Program Files\InstallShield Installation Information
2016-03-13 17:06:48 ----D---- C:\Windows\system32\Tasks
2016-03-13 17:04:16 ----HD---- C:\ProgramData
2016-03-13 16:55:37 ----D---- C:\Windows\Prefetch
2016-03-13 16:55:21 ----D---- C:\ProgramData\WildTangent
2016-03-13 16:54:14 ----D---- C:\Program Files\WildTangent Games
2016-03-13 16:50:59 ----D---- C:\Users\Monča\AppData\Roaming\ICQ
2016-03-13 16:47:39 ----D---- C:\Windows\system32\FxsTmp
2016-03-03 19:03:31 ----D---- C:\Program Files\Opera
2016-02-28 14:22:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-28 03:03:49 ----D---- C:\Windows\winsxs
2016-02-28 03:03:39 ----SD---- C:\Windows\system32\GWX
2016-02-27 17:57:02 ----D---- C:\Users\Monča\AppData\Roaming\vlc
2016-02-25 16:23:59 ----D---- C:\Windows\system32\catroot2
2016-02-16 15:35:32 ----SD---- C:\Windows\system32\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-03 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-03 209048]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-03 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-03 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-06 428120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-06 242240]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-12-16 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-12-16 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-12-16 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-03 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-03 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-03 106912]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-08-18 4268096]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2011-12-30 1338368]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-12-30 418816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-05-18 3501032]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 19304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-03 343336]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-04-29 1564368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-13 269504]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-01 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4640000]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Zdravim

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\Program Files (x86)\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Starter SP1 [6.1 Build 7601] (x86)
Date : 2016/03/13 20:44:27

-- Controller Map ----------------------------------------------------------
+ Intel(R) NM10 Express Chipset [ATA]
- WDC WD3200BPVT-22JJ5T0

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BPVT-22JJ5T0 : 320,0 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD3200BPVT-22JJ5T0
----------------------------------------------------------------------------
Model : WDC WD3200BPVT-22JJ5T0
Firmware : 01.01A01
Serial Number : WD-WXK1E81AJAST
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 8492 hod.
Power On Count : 2487 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 00FEh [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 145 117 _21 0000000006AC Čas na roztočení ploten
04 _86 _86 __0 0000000038A2 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _89 _89 __0 00000000212C Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 0000000009B7 Počet cyklů zapnutí zařízení
BF __1 __1 __0 00000000056E Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 00000000008F Počet vypnutí disku
C1 112 112 __0 000000040952 Počet cyklů načítání/vymazání
C2 107 _75 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4B31 4538 3141 4A41 5354
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3332 3030 4250 5654 2D32 324A 4A35 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 0044 0044
080: 01FE 0000 746B 7D09 6123 7469 BC09 6123 407F 0029
090: 0029 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 0212 9651 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0167 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 8DA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 91 75 AC 06 00 00 00 00 00 04 32 00 56 56 A2
020: 38 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 59 59 2C 21 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 B7 09 00 00 00 00 00 BF 32
070: 00 01 01 6E 05 00 00 00 00 00 C0 32 00 C8 C8 8F
080: 00 00 00 00 00 00 C1 32 00 70 70 52 09 04 00 00
090: 00 00 C2 22 00 6B 4B 24 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 A4 1F 01 7B
170: 03 00 01 00 02 52 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DC

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DE

# AdwCleaner v5.102 - Logfile created 13/03/2016 at 20:51:14
# Updated 13/03/2016 by Xplode
# Database : 2016-03-13.2 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : Monča - MONČA-PC
# Running from : C:\Users\Monča\Downloads\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : Guard.Mail.ru

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Guard-ICQ
[-] Folder Deleted : C:\ProgramData\IHProtectUpDate
[-] Folder Deleted : C:\Users\Monča\Documents\PC Speed Maximizer

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Opera.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\simplytech
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\Mail.Ru
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\IHProtect
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\SupTab
[-] Key Deleted : HKLM\SOFTWARE\Mail.Ru
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[#] Value Deleted : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?type=nt&ts= ... AJASTAJAST");
[-] [C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
[-] [C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=14297 ... AJASTAJAST");
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mystartsearch
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14297 ... AJASTAJAST
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14297 ... AJASTAJAST

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [8212 bytes] - [13/03/2016 20:51:14]
C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [13165 bytes] - [13/03/2016 20:46:56]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [8387 bytes] ##########

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

test jsem provedl už 2x , jeden trval celou noc. našlo to jednu věc, jenom nevím kam se to uložilo. mám ho provést znovu?

Ulozeno by to melo byt v protokolech. Nevite aspon priblizne co to bylo? Pokud ne, zopakujte ten test. Potrebuju vedet co to je a umisteni. Kdyz to tam nechame, muze to delat problemy.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.3.2016
Čas skenování: 4:21
Protokol: malvare.txt
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2016.03.23.01
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Monča

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 322607
Uplynulý čas: 27 min, 18 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Tohle je jen sken hrozeb, ten nekontroluje cely pocitac. Musite udelat Vlastni sken vsech disku.

nevím co dělám špatně ale nejde mi to ukončit

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 9.4.2016 0:32, SYSTEM, MONČA-PC, Scheduler, program, 2.2.0.1024, 2.2.1.0,
Update, 9.4.2016 0:32, SYSTEM, MONČA-PC, Scheduler, Malware Database, 2016.4.8.5, 2016.4.8.6,
Update, 9.4.2016 0:35, SYSTEM, MONČA-PC, Scheduler, program, 2.2.0.1024, 2.2.1.0,
Error, 9.4.2016 0:57, SYSTEM, MONČA-PC, Protection, IsLicensed, 13,
Protection, 9.4.2016 0:57, SYSTEM, MONČA-PC, Protection, Malware Protection, Stopping,
Protection, 9.4.2016 0:57, SYSTEM, MONČA-PC, Protection, Malware Protection, Stopped,
Update, 9.4.2016 1:24, SYSTEM, MONČA-PC, Scheduler, program, 2.2.0.1024, 2.2.1.0,

(end)

Zkuste to spustit v nouzovem rezimu.

Kdyby to neslo ani v nem...

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

tak se snad povedlo

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9.4.2016
Čas skenování: 15:29
Protokol: xxxx.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.04.09.03
Databáze rootkitů: v2016.04.03.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Monča

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 442860
Uplynulý čas: 3 hod, 11 min, 57 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [d0f74864debb0531228342060103ec14],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[8245c7e5465339fdb9d236f825e0f50b]

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
PUP.Optional.Delta.ShrtCln, C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml, , [398ecfdd38618fa742c7ae9a08fbf20e],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Monča\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.mystartsearch.com_0.localstorage, , [76513973623769cd33903c16b35125db],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Monča\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, , [06c1d6d6128742f4ad1693bf18ece917],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Vsechny nalezy nechte odstranit, pak muzete MBAM odinstalovat.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Monča (administrator) on MONČA-PC (10-04-2016 13:14:28)
Running from C:\Users\Monča\AppData\Local\Temp\scoped_dir4900_22764
Loaded Profiles: Monča (Available Profiles: Monča)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Farbar) C:\Users\Monča\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SuiteTray] => C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-06] (Avast Software s.r.o.)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\Run: [EPSON SX125 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [200704 2012-10-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: D - D:\Setup.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {449f98ad-281e-11e2-a9f4-047d7b53ce8d} - D:\Setup.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {5d5cb478-6a56-11e5-9ea3-047d7b53ce8d} - E:\autorun.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {5d5cb481-6a56-11e5-9ea3-047d7b53ce8d} - E:\autorun.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {d2c14209-1e91-11e2-bd3e-047d7b53ce8d} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-03] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3651929139-1614469722-131421925-1000] => http=;ftp=;https=;
AutoConfigURL: [S-1-5-21-3651929139-1614469722-131421925-1000] => http=;ftp=;https=;
Winsock: Catalog5 05 C:\Windows\system32\networkdlllsp.dll [433520 2015-01-15] (Network Tunnel Lab)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.125
Tcpip\..\Interfaces\{9EB73F6F-EA0A-4BAD-A04B-ADED5CBAFCC3}: [DhcpNameServer] 192.168.100.125
Tcpip\..\Interfaces\{D5EC3A30-57FB-4732-BDCA-4EBD8CDAA6C1}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3651929139-1614469722-131421925-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3651929139-1614469722-131421925-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-03] (Avast Software s.r.o.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-30]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-28]
CHR Extension: (Disk Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-28]
CHR Extension: (YouTube) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Avast Online Security) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-03] (Avast Software s.r.o.)
S3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-06-21] (Egis Technology Inc. )
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-07-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-07-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-07-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-07-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-07-06] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-07-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-07-03] ()
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [21600 2011-12-16] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16936 2011-12-16] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62240 2011-12-16] (Egis Technology Inc.)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-10 13:14 - 2016-04-10 13:14 - 00000000 ____D C:\FRST
2016-04-10 13:13 - 2016-04-10 13:13 - 01725440 _____ (Farbar) C:\Users\Monča\Downloads\FRST (1).exe
2016-04-10 13:12 - 2016-04-10 13:12 - 00112640 _____ (forum.viry.cz) C:\Users\Monča\Downloads\FRSTLauncher.exe
2016-04-10 13:08 - 2016-04-10 13:08 - 01725440 _____ (Farbar) C:\Users\Monča\Downloads\FRST.exe
2016-04-10 09:56 - 2016-04-10 12:55 - 00206734 _____ C:\Windows\ntbtlog.txt
2016-04-09 20:51 - 2016-04-09 20:51 - 00001998 _____ C:\Users\Monča\Desktop\xxxx.txt
2016-04-09 20:49 - 2016-04-09 20:49 - 00001997 _____ C:\xxx.txt
2016-04-09 01:44 - 2016-04-09 01:44 - 00000655 _____ C:\Users\Monča\Desktop\uz.txt
2016-04-09 01:41 - 2016-04-09 01:41 - 00002072 _____ C:\uu.txt
2016-04-09 01:35 - 2016-04-09 01:35 - 00000655 _____ C:\Users\Monča\Desktop\i.txt
2016-03-26 00:25 - 2016-03-26 00:25 - 00000020 _____ C:\Windows\@÷6
2016-03-23 07:04 - 2016-03-23 07:04 - 00001151 _____ C:\Users\Monča\Desktop\malvare.txt
2016-03-15 21:33 - 2016-02-12 20:39 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-15 21:33 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-15 21:33 - 2016-02-12 20:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-15 21:33 - 2016-02-12 20:07 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-15 21:33 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-15 21:33 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-15 21:33 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-15 21:33 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-15 21:33 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-15 21:33 - 2016-02-11 20:44 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-15 21:33 - 2016-02-11 20:44 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-15 21:33 - 2016-02-11 20:41 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-15 21:33 - 2016-02-11 20:37 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-15 21:33 - 2016-02-11 20:37 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-15 21:33 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-15 21:33 - 2016-02-11 20:33 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-15 21:33 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-15 21:33 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-15 21:33 - 2016-02-11 19:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-15 21:33 - 2016-02-11 19:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-15 21:33 - 2016-02-11 19:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-15 21:33 - 2016-02-09 11:50 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-15 21:33 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-15 21:33 - 2016-02-04 19:46 - 02387456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-15 21:33 - 2016-02-03 19:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-15 21:32 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-15 21:32 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-15 21:32 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-15 21:32 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-15 21:32 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-15 21:32 - 2016-02-11 20:31 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-15 21:32 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-15 21:32 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-15 21:32 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-15 21:32 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-15 21:32 - 2016-02-11 19:37 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-15 21:32 - 2016-02-11 19:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-15 21:32 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-15 21:32 - 2016-02-11 19:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-15 21:32 - 2016-02-11 19:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-15 21:32 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-15 21:32 - 2016-02-03 20:49 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-15 21:32 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-15 21:29 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-15 21:29 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-15 21:29 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-15 21:29 - 2016-02-08 22:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-15 21:29 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-15 21:29 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-15 21:29 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-15 21:29 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-15 21:29 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-15 21:29 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-15 21:29 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-15 21:29 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-15 21:29 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-15 21:29 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-15 21:29 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-15 21:29 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-15 21:29 - 2016-02-08 22:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-15 21:29 - 2016-02-08 22:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-15 21:29 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-15 21:29 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-15 21:29 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-15 21:29 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-15 21:29 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-15 21:29 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-15 21:29 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-15 21:29 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-15 21:29 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-15 21:29 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-15 21:29 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-15 21:29 - 2016-02-08 22:02 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-15 21:29 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-15 21:29 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-15 21:29 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-15 21:29 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-15 21:29 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-15 21:28 - 2016-02-19 20:50 - 00034240 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-15 21:28 - 2016-02-19 20:41 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-15 21:28 - 2016-02-19 16:07 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-15 21:28 - 2016-02-11 16:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-15 21:28 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-15 21:28 - 2016-02-05 20:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-15 21:28 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-15 21:28 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-15 21:28 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-15 21:28 - 2016-02-05 16:07 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-15 21:28 - 2016-02-05 16:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-15 21:28 - 2016-02-05 16:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-15 21:27 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-15 21:27 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-15 21:27 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-15 21:27 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-15 21:27 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-15 21:27 - 2016-01-11 20:54 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-15 18:50 - 2016-03-15 18:51 - 00263737 _____ C:\Users\Monča\Desktop\nabidka174662admin@stawebniny.com.PDF
2016-03-14 22:11 - 2016-03-14 22:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-14 22:05 - 2016-03-14 22:06 - 22908888 _____ (Malwarebytes ) C:\Users\Monča\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-13 21:46 - 2016-03-13 21:51 - 00000000 ____D C:\Program Files\AdwCleaner
2016-03-13 21:45 - 2016-03-13 21:45 - 01527296 _____ C:\Users\Monča\Downloads\adwcleaner_5.102.exe
2016-03-13 21:40 - 2016-03-13 21:41 - 04657896 _____ C:\Users\Monča\Downloads\CrystalDiskInfo6_7_4.zip
2016-03-13 20:25 - 2016-03-13 20:25 - 01107968 _____ C:\Users\Monča\Downloads\RSIT (1).exe
2016-03-13 20:14 - 2016-03-13 20:26 - 00000000 ____D C:\rsit
2016-03-13 20:14 - 2016-03-13 20:25 - 00000000 ____D C:\Program Files\trend micro
2016-03-13 20:12 - 2016-03-13 20:12 - 01107968 _____ C:\Users\Monča\Downloads\RSIT.exe
2016-03-13 19:26 - 2016-03-13 19:26 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (6).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu.xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (5).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (4).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (3).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (2).xls
2016-03-13 19:10 - 2016-03-13 19:23 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (1).xls
2016-03-13 18:14 - 2016-03-13 18:14 - 00000020 _____ C:\Windows\ řÄ
2016-03-13 18:06 - 2016-03-13 18:06 - 00000000 ____D C:\Windows\OEMTemp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-10 13:05 - 2009-07-14 06:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-10 13:05 - 2009-07-14 06:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-10 13:01 - 2012-09-26 23:02 - 00669560 _____ C:\Windows\system32\perfh005.dat
2016-04-10 13:01 - 2012-09-26 23:02 - 00141930 _____ C:\Windows\system32\perfc005.dat
2016-04-10 13:01 - 2010-11-20 23:01 - 01586066 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-10 13:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-10 12:59 - 2015-04-02 09:33 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-10 12:59 - 2014-08-04 17:41 - 00002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-10 12:59 - 2013-11-20 21:40 - 00000904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-10 12:59 - 2012-09-26 13:36 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2016-04-10 12:59 - 2011-12-16 11:55 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-04-10 12:59 - 2009-07-14 06:46 - 00001503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-10 12:58 - 2015-07-03 19:13 - 00001961 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-10 12:58 - 2015-04-02 09:34 - 00000965 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-10 12:58 - 2015-02-28 11:09 - 00000895 _____ C:\Users\Public\Desktop\Fotor.lnk
2016-04-10 12:58 - 2014-08-04 17:41 - 00002087 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-10 12:58 - 2013-11-20 21:40 - 00000898 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-10 12:58 - 2013-09-15 21:36 - 00002022 _____ C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk
2016-04-10 12:58 - 2013-04-29 12:35 - 00001757 _____ C:\Users\Public\Desktop\ICQ7M.lnk
2016-04-10 12:58 - 2013-03-01 20:55 - 00001861 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-04-10 12:58 - 2013-03-01 20:45 - 00000963 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-10 12:58 - 2012-10-20 09:40 - 00000928 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-04-10 12:58 - 2012-10-10 20:20 - 00001022 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-10 12:58 - 2011-12-16 11:18 - 00001486 _____ C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
2016-04-10 12:57 - 2012-10-04 12:49 - 00001086 _____ C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-10 12:57 - 2009-07-14 06:46 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-10 12:57 - 2009-07-14 06:37 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-10 12:56 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-10 12:53 - 2012-11-06 21:42 - 00000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-04-09 22:57 - 2015-07-28 12:24 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-09 22:18 - 2013-12-15 14:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-09 22:07 - 2011-12-16 11:28 - 00000000 ____D C:\Program Files\Windows Live
2016-04-09 21:51 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-09 20:51 - 2013-09-30 11:41 - 00000000 ____D C:\Users\Monča\AppData\Local\ElevatedDiagnostics
2016-04-09 00:55 - 2015-04-06 20:46 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-08 22:24 - 2013-11-20 21:40 - 00000000 ____D C:\Program Files\Opera
2016-04-08 22:18 - 2013-12-15 14:53 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-08 22:18 - 2011-12-16 11:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-23 01:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-03-16 05:17 - 2009-07-14 06:33 - 00415600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-16 05:12 - 2014-12-14 11:26 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-16 05:09 - 2012-10-04 12:59 - 00000000 ____D C:\Users\Monča\AppData\Roaming\SoftGrid Client
2016-03-13 22:33 - 2011-12-16 11:22 - 00000000 ____D C:\ProgramData\Skype
2016-03-13 20:04 - 2011-12-16 11:26 - 00000000 ____D C:\Program Files\Acer
2016-03-13 19:47 - 2013-12-26 12:17 - 00000000 ____D C:\Users\Monča\AppData\Local\CrashDumps
2016-03-13 19:47 - 2012-10-07 17:28 - 00000000 ____D C:\Windows\Minidump
2016-03-13 18:10 - 2014-05-15 17:19 - 00000000 ____D C:\Users\Monča\AppData\Roaming\Kastner software
2016-03-13 18:10 - 2014-05-15 17:18 - 00000000 ____D C:\ProgramData\KASTNER software
2016-03-13 18:09 - 2014-02-16 15:54 - 00000000 ____D C:\Users\Monča\AppData\Local\Deployment
2016-03-13 18:08 - 2011-12-16 11:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-03-13 18:06 - 2011-12-16 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-13 17:56 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-13 17:55 - 2011-12-16 11:18 - 00000000 ____D C:\ProgramData\WildTangent
2016-03-13 17:54 - 2011-12-16 11:18 - 00000000 ____D C:\Program Files\WildTangent Games
2016-03-13 17:50 - 2013-04-29 12:34 - 00000000 ____D C:\Users\Monča\AppData\Roaming\ICQ
2016-03-13 17:47 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp

==================== Files in the root of some directories =======

2015-12-17 18:40 - 2015-12-17 18:40 - 0000000 _____ () C:\Users\Monča\AppData\Local\{87A71E6C-3D15-47B5-B0F2-9D3538A39351}
2015-06-23 17:47 - 2015-06-23 18:14 - 0000000 _____ () C:\Users\Monča\AppData\Local\{970E244C-C776-4695-83EB-D42A8D31D975}
2015-12-08 20:15 - 2015-12-08 20:15 - 0000000 _____ () C:\Users\Monča\AppData\Local\{D672A4CE-5579-41E4-9DD1-B47E1C2077DC}

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-03-23 01:47

==================== End of FRST.txt ============================

To teda moc podle navodu nebylo...

Napiste mi velikost adresare plochy

Presunte FRST na plochu, jinak to nebude fungovat!!!

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3651929139-1614469722-131421925-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-04-29 1564368]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

VIRY.CZ

pomalé pc

pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc