VIRY.CZ

Ahoj. Notebook se mi po 20 min zasekne a nejde nic jiného, než restart.. Děje se to při práci v excelu, prohlížení internetu
Přikládám log z Crystal disk info

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/12/12 15:11:08

-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- ST500LT012-1DG142
- Slimtype DVD A DA8A6SH
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST500LT012-1DG142 : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST500LT012-1DG142
----------------------------------------------------------------------------
Model : ST500LT012-1DG142
Firmware : 0003SDM1
Serial Number : W3PCWV6A
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 436 hod.
Power On Count : 703 krát
Temperature : 26 C (78 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _99 __6 000003DC8BC0 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 0000000002BE Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _71 _60 _30 00020180FFF8 Počet chybných hledání
09 100 100 __0 BD48000001B4 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 0000000002BF Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _74 _53 _45 00001A15001A Teplota toku vzduchu
BF 100 100 __0 000000000040 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000009 Počet vypnutí disku
C1 _94 _94 __0 000000002FF0 Počet cyklů načítání/vymazání
C2 _26 _47 __0 00040000001A Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 100 __0 FBBA0000018B Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000EDE4D5CC Total Host Writes
F2 100 253 __0 000112B6FC1B Total Host Reads
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5733 5043 5756 3641
020: 0000 0000 0004 3030 3033 5344 4D31 5354 3530 304C
030: 5430 3132 2D31 4447 3134 3220 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 8F0E 0004 0048 0040
080: 01F0 0029 746B 7D69 6163 7469 BC49 6163 207F 0032
090: 0032 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 C500
110: 7D81 7226 0000 0000 0000 0000 0000 0000 0000 401E
120: 401E 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0140 0108 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 7CFF 0280 0000 0000
150: 0008 0000 0000 0000 1028 0000 4000 0000 7500 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0002 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 9EA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 72 63 C0 8B DC 03 00 00 00 03 03
010: 00 63 63 00 00 00 00 00 00 00 04 32 00 64 64 BE
020: 02 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 47 3C F8 FF 80 01 02 00 00 09 32
040: 00 64 64 B4 01 00 00 48 BD 28 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 BF 02 00 00 00
060: 00 00 B8 32 00 64 64 00 00 00 00 00 00 00 BB 32
070: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
080: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
090: 00 00 BE 22 00 4A 35 1A 00 15 1A 00 00 00 BF 32
0A0: 00 64 64 40 00 00 00 00 00 00 C0 32 00 64 64 09
0B0: 00 00 00 00 00 00 C1 32 00 5E 5E F0 2F 00 00 00
0C0: 00 00 C2 22 00 1A 2F 1A 00 00 00 04 00 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 F0 00 00 64 64 8B 01 00 00 BA FB 04 F1 00
100: 00 64 FD CC D5 E4 ED 00 00 00 F2 00 00 64 FD 1B
110: FC B6 12 01 00 00 FE 32 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73
170: 03 00 01 00 01 68 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 06 01 01 01 01 01 01 01
190: 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 40 00 00 00 49 B4 96 12 6E 01 00 00
1B0: 00 00 00 00 01 00 88 02 CC D5 E4 ED 00 00 00 00
1C0: 1B FC B6 12 01 00 00 00 00 00 00 00 00 00 00 00
1D0: 01 00 00 00 00 00 00 00 0A 03 00 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 71

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B8 63 00 00 00 00 00 00 00 00 00 00 BB 00
070: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 BE 2D 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 F0 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 FE 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9C

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 . Disk je OK.

Zároveň přesouvám thread do správné sekce.

Dělal jsem přes noc memtest a je to bez chyby

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by Petr (administrator) on DRUZSTEVNÍK (18-12-2016 10:58:56)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Xerox) C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-12] (AVAST Software)
HKLM-x32\...\Run: [Launcher3010] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2570752 2011-04-19] (Xerox)
HKLM-x32\...\Run: [3010 RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2013-07-30] (Xerox)
HKLM-x32\...\Run: [StatusAutoRun3010] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [4277760 2013-07-30] (Xerox)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\...\MountPoints2: {d617b333-fa3a-11e4-8261-acb57dab8288} - "F:\SETUP.EXE"
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-13] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-01-16]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{156DB70C-120A-494A-9534-DC9E0ECF6972}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{552E1823-0C1C-4903-A45B-543801626145}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1603821597-3673966844-1391376131-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1603821597-3673966844-1391376131-1001 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-29] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-29] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mb8k4623.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default [2016-10-10]
FF NewTab: Mozilla\Firefox\Profiles\mb8k4623.default -> about:newtab
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mb8k4623.default -> Ask Web Search
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\mb8k4623.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\mb8k4623.default -> Seznam
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mb8k4623.default -> Ask Web Search
FF Homepage: Mozilla\Firefox\Profiles\mb8k4623.default -> hxxp://home.tb.ask.com/index.jhtml?ptb=1C7B16DC-DA83-45CB-82A8-467C8CA3E69C&n=782a34a3&p2=^BA5^xdm067^YYA^cz&si=CKbV9-GvzcsCFQo6GwodOL8OPQ
FF Keyword.URL: Mozilla\Firefox\Profiles\mb8k4623.default -> hxxp://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=1C7B16DC-DA83-45CB-82A8-467C8CA3E69C&n=782a34a3&ind=2016031907&p2=^BA5^xdm067^YYA^cz&si=CKbV9-GvzcsCFQo6GwodOL8OPQ&searchfor=
FF Extension: (OnlineMapFinder) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\Extensions\_9pMembers_@free.onlinemapfinder.com [2016-03-19]
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\searchplugins\ask-web-search.xml [2016-01-18]
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\searchplugins\seznam-avast.xml [2016-01-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2016-12-18]
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-18]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-18]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-12-18]
CHR Extension: (A. Powerups) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efedcgdhahoncejkihgfnecicebndbhc [2016-03-30]
CHR Extension: (Avast SafePrice) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-18]
CHR Extension: (Avast SafePrice) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage [2016-12-18]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-18]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-13] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [141824 2013-07-30] (Xerox) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-16] (AVAST Software)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-01-16] (Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [254528 2015-05-16] (DT Soft Ltd)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-12-12] () [File not signed]
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-18 10:58 - 2016-12-18 10:59 - 00018718 _____ C:\Users\Petr\Desktop\FRST.txt
2016-12-18 10:58 - 2016-12-18 10:58 - 00000000 ____D C:\FRST
2016-12-18 10:57 - 2016-12-18 10:58 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2016-12-18 10:57 - 2016-12-18 10:57 - 02420224 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2016-12-12 15:20 - 2016-12-12 15:21 - 04676017 _____ C:\Users\Petr\Downloads\memtest86-iso.zip
2016-12-12 15:20 - 2016-12-12 15:20 - 00834544 _____ C:\Windows\system32\Drivers\sptd.sys
2016-12-12 15:20 - 2016-12-12 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
2016-12-12 15:20 - 2016-12-12 15:20 - 00000000 ____D C:\Program Files (x86)\LSoft Technologies
2016-12-12 15:19 - 2016-12-12 15:19 - 04097491 _____ C:\Users\Petr\Downloads\Iso-burner.zip
2016-12-12 15:19 - 2016-12-12 15:19 - 00705024 _____ C:\Users\Petr\Downloads\FreeISOBurner.exe
2016-12-12 15:09 - 2016-12-12 15:10 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-12-12 15:09 - 2016-12-12 15:09 - 00001218 _____ C:\Users\Petr\Desktop\CrystalDiskInfo.lnk
2016-12-12 15:09 - 2016-12-12 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-12-12 15:08 - 2016-12-12 15:08 - 03956368 _____ (Crystal Dew World ) C:\Users\Petr\Downloads\CrystalDiskInfo7_0_4-en.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-18 11:00 - 2015-05-14 13:39 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1603821597-3673966844-1391376131-1001
2016-12-18 11:00 - 2014-10-28 22:03 - 00742562 _____ C:\Windows\system32\perfh00E.dat
2016-12-18 11:00 - 2014-10-28 22:03 - 00177650 _____ C:\Windows\system32\perfc00E.dat
2016-12-18 11:00 - 2014-10-28 21:53 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-12-18 11:00 - 2014-10-28 21:53 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-12-18 11:00 - 2014-03-18 16:25 - 02666374 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-18 10:54 - 2015-05-18 13:51 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-18 10:54 - 2015-05-14 13:35 - 00000093 _____ C:\Users\Petr\AppData\Roaming\sp_data.sys
2016-12-18 10:54 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-12 15:26 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-12-12 15:20 - 2015-01-16 21:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 15:13 - 2016-06-17 17:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-12 15:13 - 2016-02-29 18:44 - 00032768 ___SH C:\Users\Petr\Desktop\Thumbs.db
2016-12-12 15:13 - 2014-10-28 16:01 - 00000000 ____D C:\ProgramData\Skype
2016-12-12 15:12 - 2015-05-18 13:51 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

==================== Files in the root of some directories =======

2015-05-14 13:35 - 2016-12-18 10:54 - 0000093 _____ () C:\Users\Petr\AppData\Roaming\sp_data.sys
2015-01-16 21:38 - 2015-01-16 21:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-28 16:00 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-28 16:00 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-28 16:00 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\Deldevice.dll
C:\Users\Petr\AppData\Local\Temp\DelVista.dll
C:\Users\Petr\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Petr\AppData\Local\Temp\ose00000.exe
C:\Users\Petr\AppData\Local\Temp\ose00001.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 9 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v6.041 - Log vytvořen 18/12/2016 v 15:41:22
# Aktualizováno dne 16/12/2016 z Malwarebytes
# Databáze : 2016-12-18.1 [Místní]
# Operační systém : Windows 8.1 Connected (X64)
# Uživatelské jméno : Petr - DRUZSTEVNÍK
# Spuštěno z : C:\Users\Petr\Downloads\adwcleaner_6.041.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Složky ] *****

[-] Složka smazána: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\extensions\_9pMembers_@free.onlinemapfinder.com
[-] Složka smazána: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\PConverter_dz
[-] Složka smazána: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\OnlineMapFinder_9p
[-] Složka smazána: C:\Program Files (x86)\DAEMON Tools Toolbar

***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\searchplugins\ask-web-search.xml

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[-] Klíč smazán: HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[-] Klíč smazán: HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
[-] Klíč smazán: HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\izito.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pestryjidelnicek.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.izito.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.pestryjidelnicek.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\izito.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pestryjidelnicek.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.izito.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.pestryjidelnicek.cz

***** [ Prohlížeče ] *****

[-] Firefox předvolby vyčištěny: "browser.search.defaultenginename" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "browser.search.selectedEngine" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "browser.startup.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=1C7B16DC-DA83-45CB-82A8-467C8CA3E69C&n=782a34a3&p2=^BA5^xdm067^YYA^cz&si=CKbV9-GvzcsCFQo6GwodOL8OPQ"
[-] Firefox předvolby vyčištěny: "extensions.mywebsearch.prevKwdEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.mywebsearch.prevKwdURL" - "hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.BUTTON_STRUCTURE" - "[{\"b\":224541277,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224541278,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0\"},{\"b\":224541280,\"c\":\"mindspark.full\",\"p\":\"L.0.1\"},{\"b\":224541284,\"c\":\"mindspark.image\",\"p\":\"L.0.2\"},{\"b\":224541287,\"c\":\"mindspark.advanced\",\"p\":\"L.0.3\"},{\"b\":224541290,\"c\":\"mindspark.directorysearch\",\"p\":\"L.0.4\"},{\"b\":224541230,\"c\":\"mindspark.search\",\"p\":\"L.1\"},{\"b\":225082861,\"c\":\"mindspark.mapsearch\",\"v\":\"1.5.3\",\"p\":\"L.2\"},{\"b\":224541234,\"c\":\"mindspark.maplinks\",\"p\":\"L.3\"},{\"b\":224541235,\"c\":\"mindspark.satellitemaps\",\"p\":\"L.3.0\"},{\"b\":224541236,\"c\":\"mindspark.flashearth\",\"p\":\"L.3.0.0\"},{\"b\":224541237,\"c\":\"mindspark.interactivesatellitemap\",\"p\":\"L.3.0.1\"},{\"b\":224541238,\"c\":\"mindspark.satellitemapsearch\",\"p\":\"L.3.0.2\"},{\"b\":224541239,\"c\":\"mindspark.nasamaps\",\"p\":\"L.3.0.3\"},{\"b\":224541240,\"c\":\"mindspark.weathermaps\",\"p\":\"L.3.0.4\"},{\"b\":224541241,\"c\":\"mindspark.aerialmaps\",\"p\":\"L.3.1\"},{\"b\":224541242,\"c\":\"mindspark.aerialmaps\",\"p\":\"L.3.1.0\"},{\"b\":224541243,\"c\":\"mindspark.historicalaerialmaps\",\"p\":\"L.3.1.1\"},{\"b\":224541244,\"c\":\"mindspark.aerialimages\",\"p\":\"L.3.1.2\"},{\"b\":224541245,\"c\":\"mindspark.searchaerialmaps\",\"p\":\"L.3.1.3\"},{\"b\":224541246,\"c\":\"mindspark.directions\",\"p\":\"L.3.2\"},{\"b\":224541247,\"c\":\"mindspark.drivingdirections\",\"p\":\"L.3.2.0\"},{\"b\":224541248,\"c\":\"mindspark.mapquest\",\"p\":\"L.3.2.1\"},{\"b\":224541249,\"c\":\"mindspark.traffic\",\"p\":\"L.4\"},{\"b\":224541250,\"c\":\"mindspark.localtraffic\",\"p\":\"L.4.0\"},{\"b\":224541251,\"c\":\"mindspark.trafficcameras\",\"p\":\"L.4.1\"},{\"b\":224541252,\"c\":\"mindspark.trafficmap\",\"p\":\"L.4.2\"},{\"b\":224541253,\"c\":\"mindspark.yellowpages\",\"p\":\"L.5\"},{\"b\":224541255,\"c\":\"mindspark.tools\",\"p\":\"L.6\"},{\"b\":224541256,\"c\":\"mindspark.worldclock\",\"p\":\"L.6.0\"},{\"b\":224541257,\"c\":\"mindspark.definitions\",\"p\":\"L.6.1\"},{\"b\":224541258,\"c\":\"mindspark.calculator\",\"p\":\"L.6.2\"},{\"b\":224541259,\"c\":\"mindspark.converter\",\"p\":\"L.6.3\"},{\"b\":224541260,\"c\":\"mindspark.calendar\",\"p\":\"L.6.4\"},{\"b\":224541261,\"c\":\"mindspark.facebook\",\"p\":\"L.7\"},{\"b\":224541262,\"c\":\"mindspark.radio\",\"v\":\"1.0.3\",\"p\":\"L.8\"},{\"b\":224541263,\"c\":\"mindspark.weather\",\"v\":\"1.2.3\",\"p\":\"L.9\"},{\"b\":224541232,\"c\":\"mindspark.ask\",\"p\":\"R.0\"},{\"b\":224541294,\"c\":\"mindspark.wrench\",\"p\":\"R.1\"},{\"b\":224541300,\"c\":\"mindspark.tboptions\",\"p\":\"R.1.0\"},{\"b\":224541301,\"c\":\"mindspark.enabledisable\",\"p\":\"R.1.0.0\"},{\"b\":224541319,\"c\":\"mindspark.uninstall\",\"p\":\"R.1.0.1\"},{\"b\":224541328,\"c\":\"mindspark.notspyware\",\"p\":\"R.1.1\"},{\"b\":224541335,\"c\":\"mindspark.help\",\"p\":\"R.1.2\"},{\"b\":224541341,\"c\":\"mindspark.version\",\"p\":\"R.1.3\"}]"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.search.defaultenginename.prev" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.search.defaultenginename.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.search.defaultenginename.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.search.selectedEngine.prev" - "Seznam"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.search.selectedEngine.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.search.selectedEngine.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.prev" - "hxxps://www.seznam.cz/?clid=22668"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.tb" - "hxxp://home.tb.ask.com/index.jhtml?ptb=1C7B16DC-DA83-45CB-82A8-467C8CA3E69C&n=782a34a3&p2=^BA5^xdm067^YYA^cz&si=CKbV9-GvzcsCFQo6GwodOL8OPQ"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.startup.page.savedPrev" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.startup.page.tb" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.browser.version.last" - "47.0"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.coId" - "cd39a389edf74f839a3828084fc78a62"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.competitorDNS" - "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/index.php\",\"p\":\" ... ":\"domain\"}],\"expires\":1460731514019,\"retrieveDateStr\":\"Fri Apr 08 2016 16:45:14 GMT+0200\"}"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.firstKnownVersion" - "7.38.8.46548"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=1C7B16DC-DA83-45CB-82A8-467C8CA3E69C&n=782a34a3&p2=^BA5^xdm067^YYA^cz&si=CKbV9-GvzcsCFQo6GwodOL8OPQ"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.hp.enabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.hp.guardType" - "HPR"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.hp.user.defined" - false
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.initialized" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.installType" - "XPI"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.installation.dlpCountryCode" - "CZ"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.installation.installDate" - "2016031907"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.installation.partnerId" - "^BA5^xdm067^YYA^cz"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.installation.partnerSubId" - "CKbV9-GvzcsCFQo6GwodOL8OPQ"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.installation.success" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.installation.toolbarId" - "1C7B16DC-DA83-45CB-82A8-467C8CA3E69C"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.lastActivePing" - "1482070550298"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.lastKnownVersion" - "7.38.8.46548"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.lssState" - "{\"previousLocales\":[\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supportedLocale\":\"en\",\"previousLocale\":\"en\"}"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.options.defaultSearch" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.options.homePageEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.options.keywordEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.options.tabEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.productDeliveryOption.language" - "cs"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.productDeliveryOption.type" - "Toolbar"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.searchHistory" - "yutube zápis o utkání ofs jihlava"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.successUrl" - "hxxp://free.onlinemapfinder.com/installComplete.jhtml"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.toolbar.versionChanged" - false
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.toolbarCollapsed" - false
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._9pMembers_.uninstallTasks" - "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._9pMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Petr\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mb8k4623.default\\\\OnlineMapFinder_9p\\\\1C7B16DC-DA83-45CB-82A8-467C8CA3E69C.sqlite\",\"C:\\\\Users\\\\Petr\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mb8k4623.default\\\\OnlineMapFinder_9p\"]}"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.BUTTON_STRUCTURE" - "[{\"b\":224511887,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224511888,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0\"},{\"b\":224511890,\"c\":\"mindspark.full\",\"p\":\"L.0.1\"},{\"b\":224511894,\"c\":\"mindspark.imagesearch\",\"p\":\"L.0.2\"},{\"b\":224511897,\"c\":\"mindspark.advanced\",\"p\":\"L.0.3\"},{\"b\":224511900,\"c\":\"mindspark.directorysearch\",\"p\":\"L.0.4\"},{\"b\":224511792,\"c\":\"mindspark.search\",\"p\":\"L.1\"},{\"b\":224511805,\"c\":\"mindspark.product\",\"p\":\"L.2\"},{\"b\":224511806,\"c\":\"mindspark.notspyware\",\"p\":\"L.2.0\"},{\"b\":224511813,\"c\":\"mindspark.help\",\"p\":\"L.2.1\"},{\"b\":224511819,\"c\":\"mindspark.version\",\"p\":\"L.2.2\"},{\"b\":225074811,\"c\":\"mindspark.convertfiles\",\"v\":\"1.1.1\",\"p\":\"L.3\"},{\"b\":224511828,\"c\":\"mindspark.shareviaemail\",\"p\":\"L.4\"},{\"b\":224511829,\"c\":\"mindspark.wetransfer\",\"p\":\"L.4.0\"},{\"b\":224511830,\"c\":\"mindspark.sendspace\",\"p\":\"L.4.1\"},{\"b\":224511831,\"c\":\"mindspark.mailbigfile\",\"p\":\"L.4.2\"},{\"b\":224511832,\"c\":\"mindspark.transferbigfiles\",\"p\":\"L.4.3\"},{\"b\":224511833,\"c\":\"mindspark.dropsend\",\"p\":\"L.4.4\"},{\"b\":224511834,\"c\":\"mindspark.measurementconverter\",\"v\":\"1.2.1\",\"p\":\"L.5\"},{\"b\":224511835,\"c\":\"mindspark.share\",\"p\":\"L.6\"},{\"b\":224511836,\"c\":\"mindspark.sendwiththecloud\",\"p\":\"L.6.0\"},{\"b\":224511837,\"c\":\"mindspark.dropbox\",\"p\":\"L.6.0.0\"},{\"b\":224511838,\"c\":\"mindspark.copy\",\"p\":\"L.6.0.1\"},{\"b\":224511839,\"c\":\"mindspark.box\",\"p\":\"L.6.0.2\"},{\"b\":224511840,\"c\":\"mindspark.microsoftonedrive\",\"p\":\"L.6.0.3\"},{\"b\":224511841,\"c\":\"mindspark.spideroak\",\"p\":\"L.6.0.4\"},{\"b\":224511842,\"c\":\"mindspark.sugarsync\",\"p\":\"L.6.0.5\"},{\"b\":224511843,\"c\":\"mindspark.sharewithsocialmedia\",\"p\":\"L.6.1\"},{\"b\":224511844,\"c\":\"mindspark.facebooklink\",\"p\":\"L.6.1.0\"},{\"b\":224511845,\"c\":\"mindspark.twitter\",\"p\":\"L.6.1.1\"},{\"b\":224511846,\"c\":\"mindspark.linkedin\",\"p\":\"L.6.1.2\"},{\"b\":224511847,\"c\":\"mindspark.pinterest\",\"p\":\"L.6.1.3\"},{\"b\":224511848,\"c\":\"mindspark.instagram\",\"p\":\"L.6.1.4\"},{\"b\":224511849,\"c\":\"mindspark.tumblr\",\"p\":\"L.6.1.5\"},{\"b\":224511850,\"c\":\"mindspark.photosharingsites\",\"p\":\"L.6.2\"},{\"b\":224511851,\"c\":\"mindspark.flickr\",\"p\":\"L.6.2.0\"},{\"b\":224511852,\"c\":\"mindspark.photobucket\",\"p\":\"L.6.2.1\"},{\"b\":224511853,\"c\":\"mindspark.smugmug\",\"p\":\"L.6.2.2\"},{\"b\":224511854,\"c\":\"mindspark.fotki\",\"p\":\"L.6.2.3\"},{\"b\":224511855,\"c\":\"mindspark.500px\",\"p\":\"L.6.2.4\"},{\"b\":224511856,\"c\":\"mindspark.deviantart\",\"p\":\"L.6.2.5\"},{\"b\":224511857,\"c\":\"mindspark.facebook\",\"p\":\"L.7\"},{\"b\":224511804,\"c\":\"mindspark.ask\",\"p\":\"R.0\"},{\"b\":224511904,\"c\":\"mindspark.wrench\",\"p\":\"R.1\"},{\"b\":224511910,\"c\":\"mindspark.tboptions\",\"p\":\"R.1.0\"},{\"b\":224511911,\"c\":\"mindspark.enabledisable\",\"p\":\"R.1.0.0\"},{\"b\":224511932,\"c\":\"mindspark.uninstall\",\"p\":\"R.1.0.1\"}]"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.search.defaultenginename.prev" - "Google"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.search.defaultenginename.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.search.defaultenginename.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.search.selectedEngine.prev" - "Google"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.search.selectedEngine.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.search.selectedEngine.tb" - "Ask Web Search"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.startup.homepage.prev" - "hxxps://www.seznam.cz/"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.startup.homepage.savedPrev" - "true"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.startup.homepage.tb" - "hxxp://home.tb.ask.com/index.jhtml?ptb=A10F8F10-10C0-48E2-A77A-45D520D03D2A&n=7829e61b&p2=^BYC^xdm008^YYA^cz"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.startup.page.savedPrev" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.startup.page.tb" - 1
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.browser.version.last" - "43.0"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.coId" - "da96c701d2e84787bdb8b53197ae4ea4"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.competitorDNS" - "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/index.php\",\"p\":\" ... ":\"domain\"}],\"expires\":1453732364861,\"retrieveDateStr\":\"Mon Jan 18 2016 15:32:44 GMT+0100\"}"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.firstKnownVersion" - "7.38.8.46577"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.homepage" - "hxxp://home.tb.ask.com/index.jhtml?ptb=A10F8F10-10C0-48E2-A77A-45D520D03D2A&n=7829e61b&p2=^BYC^xdm008^YYA^cz"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.hp.enabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.hp.guardType" - "HPR"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.hp.user.defined" - false
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.initialized" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.installType" - "XPI"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.installation.dlpCountryCode" - "CZ"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.installation.installDate" - "2016011803"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.installation.partnerId" - "^BYC^xdm008^YYA^cz"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.installation.pixelUrl" - "hxxp://www.pconverter.com/install_pixels.jhtml ... D520D03D2A"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.installation.success" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.installation.toolbarId" - "A10F8F10-10C0-48E2-A77A-45D520D03D2A"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.lastActivePing" - "1453127466082"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.lastKnownVersion" - "7.38.8.46577"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.lssState" - "{\"previousLocales\":[\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supportedLocale\":\"en\",\"previousLocale\":\"en\"}"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.options.defaultSearch" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.options.homePageEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.options.keywordEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.options.tabEnabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.partnerPixelFired" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.productDeliveryOption.language" - "cs"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.productDeliveryOption.type" - "Toolbar"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.successUrl" - "hxxp://www.pconverter.com/installComplete.jhtml"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.toolbar.ownSearch" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.toolbarCollapsed" - false
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark._dzMembers_.uninstallTasks" - "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._dzMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Petr\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mb8k4623.default\\\\PConverter_dz\\\\A10F8F10-10C0-48E2-A77A-45D520D03D2A.sqlite\",\"C:\\\\Users\\\\Petr\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\mb8k4623.default\\\\PConverter_dz\"]}"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.hp.enabled" - true
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.hp.enabled.guid" - "onlinemapfinder@mindspark.com"
[-] Firefox předvolby vyčištěny: "extensions.toolbar.mindspark.lastInstalled" - "onlinemapfinder@mindspark.com"
[-] Firefox předvolby vyčištěny: "keyword.URL" - "hxxp://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=1C7B16DC-DA83-45CB-82A8-467C8CA3E69C&n=782a34a3&ind=2016031907&p2=^BA5^xdm067^YYA^cz&si=CKbV9-GvzcsCFQo6GwodOL8OPQ&searchfor="

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [22827 Bajty] - [18/12/2016 15:41:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [22057 Bajty] - [18/12/2016 15:20:37]
C:\AdwCleaner\AdwCleaner[S1].txt - [22133 Bajty] - [18/12/2016 15:39:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [23049 Bajty] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
Ran by Petr (administrator) on DRUZSTEVNÍK (21-12-2016 11:33:39)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Xerox) C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-18] (AVAST Software)
HKLM-x32\...\Run: [Launcher3010] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2570752 2011-04-19] (Xerox)
HKLM-x32\...\Run: [3010 RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2013-07-30] (Xerox)
HKLM-x32\...\Run: [StatusAutoRun3010] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [4277760 2013-07-30] (Xerox)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\...\MountPoints2: {d617b333-fa3a-11e4-8261-acb57dab8288} - "F:\SETUP.EXE"
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-13] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-01-16]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{156DB70C-120A-494A-9534-DC9E0ECF6972}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{552E1823-0C1C-4903-A45B-543801626145}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1603821597-3673966844-1391376131-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-29] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-29] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mb8k4623.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default [2016-12-18]
FF NewTab: Mozilla\Firefox\Profiles\mb8k4623.default -> about:newtab
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\mb8k4623.default -> hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\mb8k4623.default -> Seznam
FF SearchPlugin: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\mb8k4623.default\searchplugins\seznam-avast.xml [2016-01-19]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2016-12-18]
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-18]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-18]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-12-18]
CHR Extension: (A. Powerups) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efedcgdhahoncejkihgfnecicebndbhc [2016-03-30]
CHR Extension: (Avast SafePrice) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-12-18]
CHR Extension: (Avast SafePrice) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage [2016-12-18]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-18]
CHR Extension: (Avast Online Security) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-30]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-13] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [141824 2013-07-30] (Xerox) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-16] (AVAST Software)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-01-16] (Broadcom Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [254528 2015-05-16] (DT Soft Ltd)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2016-12-12] () [File not signed]
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-18 15:17 - 2016-12-18 15:41 - 00000000 ____D C:\AdwCleaner
2016-12-18 15:17 - 2016-12-18 15:17 - 03977168 _____ C:\Users\Petr\Downloads\adwcleaner_6.041 (1).exe
2016-12-18 15:16 - 2016-12-18 15:17 - 03977168 _____ C:\Users\Petr\Downloads\adwcleaner_6.041.exe
2016-12-18 10:58 - 2016-12-21 11:33 - 00016993 _____ C:\Users\Petr\Desktop\FRST.txt
2016-12-18 10:58 - 2016-12-18 10:58 - 00000000 ____D C:\FRST
2016-12-18 10:57 - 2016-12-18 10:58 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2016-12-18 10:57 - 2016-12-18 10:57 - 02420224 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2016-12-12 15:20 - 2016-12-12 15:21 - 04676017 _____ C:\Users\Petr\Downloads\memtest86-iso.zip
2016-12-12 15:20 - 2016-12-12 15:20 - 00834544 _____ C:\Windows\system32\Drivers\sptd.sys
2016-12-12 15:20 - 2016-12-12 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
2016-12-12 15:20 - 2016-12-12 15:20 - 00000000 ____D C:\Program Files (x86)\LSoft Technologies
2016-12-12 15:19 - 2016-12-12 15:19 - 04097491 _____ C:\Users\Petr\Downloads\Iso-burner.zip
2016-12-12 15:19 - 2016-12-12 15:19 - 00705024 _____ C:\Users\Petr\Downloads\FreeISOBurner.exe
2016-12-12 15:09 - 2016-12-12 15:10 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-12-12 15:09 - 2016-12-12 15:09 - 00001218 _____ C:\Users\Petr\Desktop\CrystalDiskInfo.lnk
2016-12-12 15:09 - 2016-12-12 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-12-12 15:08 - 2016-12-12 15:08 - 03956368 _____ (Crystal Dew World ) C:\Users\Petr\Downloads\CrystalDiskInfo7_0_4-en.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-18 15:48 - 2015-05-14 13:39 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1603821597-3673966844-1391376131-1001
2016-12-18 15:47 - 2014-10-28 22:03 - 00742562 _____ C:\Windows\system32\perfh00E.dat
2016-12-18 15:47 - 2014-10-28 22:03 - 00177650 _____ C:\Windows\system32\perfc00E.dat
2016-12-18 15:47 - 2014-10-28 21:53 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-12-18 15:47 - 2014-10-28 21:53 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-12-18 15:47 - 2014-03-18 16:25 - 02666374 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-18 15:47 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-12-18 15:43 - 2015-05-14 13:35 - 00000093 _____ C:\Users\Petr\AppData\Roaming\sp_data.sys
2016-12-18 15:43 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-18 15:42 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-12-18 15:41 - 2015-05-14 13:30 - 00000000 ____D C:\Users\Petr
2016-12-18 15:35 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-18 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-12-18 15:20 - 2015-05-18 13:51 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-18 15:20 - 2015-05-18 13:51 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-18 11:23 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-12-12 15:20 - 2015-01-16 21:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-12 15:13 - 2016-06-17 17:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-12 15:13 - 2016-02-29 18:44 - 00032768 ___SH C:\Users\Petr\Desktop\Thumbs.db
2016-12-12 15:13 - 2014-10-28 16:01 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-05-14 13:35 - 2016-12-18 15:43 - 0000093 _____ () C:\Users\Petr\AppData\Roaming\sp_data.sys
2015-01-16 21:38 - 2015-01-16 21:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-28 16:00 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-28 16:00 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-28 16:00 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\Deldevice.dll
C:\Users\Petr\AppData\Local\Temp\DelVista.dll
C:\Users\Petr\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Petr\AppData\Local\Temp\libeay32.dll
C:\Users\Petr\AppData\Local\Temp\msvcr120.dll
C:\Users\Petr\AppData\Local\Temp\ose00000.exe
C:\Users\Petr\AppData\Local\Temp\ose00001.exe
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 9 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\...\MountPoints2: {d617b333-fa3a-11e4-8261-acb57dab8288} - "F:\SETUP.EXE"
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\SetStretch.VBS
C:\Users\Petr\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Petr (23-12-2016 13:11:00) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\...\MountPoints2: {d617b333-fa3a-11e4-8261-acb57dab8288} - "F:\SETUP.EXE"
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\ProgramData\SetStretch.VBS
C:\Users\Petr\AppData\Local\Temp

EmptyTemp:
End
*****************

"HKU\S-1-5-21-1603821597-3673966844-1391376131-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d617b333-fa3a-11e4-8261-acb57dab8288}" => key removed successfully
HKCR\CLSID\{d617b333-fa3a-11e4-8261-acb57dab8288} => key not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\SetStretch.VBS => moved successfully

"C:\Users\Petr\AppData\Local\Temp" folder move:

Could not move "C:\Users\Petr\AppData\Local\Temp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19056871 B
Java, Flash, Steam htmlcache => 1878 B
Windows/system/drivers => 602817885 B
Edge => 0 B
Chrome => 39988088 B
Firefox => 372768308 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1100695 B
systemprofile32 => 0 B
LocalService => 259378 B
NetworkService => 3364 B
Petr => 355889460 B

RecycleBin => 17928142 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 23-12-2016 13:30:16)

C:\Users\Petr\AppData\Local\Temp => moved successfully

==== End of Fixlog 13:30:16 ====

Po odeslání posledního příspěvku opět zaseknutí = tvrdý restart

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Bez nálezu

Pak je to možná systémová chyba, neo máte v PC nějakou instalaci, která si "nesedla" s těmi ostatními. Zkuste z přík. řádku spustit sfc/scannow. Systém provede sken, případně opraví systémové soubory.

Malá změna.. Něco se objevilo v minidumpu.. Příkaz v cmd se nepodařilo ani jednou dokončit
přikládám

minidump.rar: (41.83 KiB) Staženo 232 x

Něco se objevilo.... Rovnou řekněte, že PC udělal BSOD. Udělejte kontrolu RAM: http://forum.viry.cz/viewtopic.php?f=53&t=106788 .

VIRY.CZ

Zasekávání notebooku

Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku

Re: Zasekávání notebooku