pomalé pc

Zpráva

SchelbyGT · #1 Příspěvek od **SchelbyGT** » 13 bře 2016 19:45

Dobrý den, prosím o kontrolu logu. Mám velmi pomalé PC,nejde už skoro oni běžné věci jako internet a Word. Vše se strašně seká. Jedná se o Acer aspire ONE. Vím že se o tom nedá říci že je to PC ale používáme to jen na internet, poslední dobou už ale moc nejde.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Monča at 2016-03-13 19:25:28
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 133 GB (45%) free of 292 GB
Total RAM: 1012 MB (22% free)

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default

prefs.js - "browser.startup.homepage" - "http://www.mystartsearch.com/?type=hp&t ... AJASTAJAST"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-03 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-30 135168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-30 168960]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-30 161280]
"GfxServiceInstall"=C:\Windows\system32\GfxCUIServiceInstall.vbs [2011-12-30 131]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-05-18 10082920]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-06 5515496]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON SX125 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [2012-10-20 200704]
"EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII3E.EXE [2012-02-27 249440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-12-30 224768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-13 19:14:50 ----D---- C:\Program Files\trend micro
2016-03-13 19:14:44 ----D---- C:\rsit
2016-03-13 17:18:56 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-03-13 17:06:46 ----D---- C:\Windows\OEMTemp
2016-02-24 18:38:42 ----SHD---- C:\found.004

======List of files/folders modified in the last 1 month======

2016-03-13 19:25:37 ----D---- C:\Windows\Temp
2016-03-13 19:14:50 ----D---- C:\Program Files
2016-03-13 19:14:25 ----D---- C:\Windows\system32\config
2016-03-13 19:04:55 ----D---- C:\Windows
2016-03-13 19:04:41 ----D---- C:\Program Files\Acer
2016-03-13 18:47:29 ----D---- C:\Windows\inf
2016-03-13 18:47:16 ----D---- C:\Windows\Minidump
2016-03-13 18:35:29 ----SHD---- C:\System Volume Information
2016-03-13 17:19:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-03-13 17:18:56 ----D---- C:\Windows\System32
2016-03-13 17:14:24 ----SHD---- C:\Windows\Installer
2016-03-13 17:14:24 ----RSD---- C:\Windows\assembly
2016-03-13 17:12:36 ----D---- C:\Users\Monča\AppData\Roaming\SoftGrid Client
2016-03-13 17:08:23 ----HD---- C:\Program Files\InstallShield Installation Information
2016-03-13 17:06:48 ----D---- C:\Windows\system32\Tasks
2016-03-13 17:04:16 ----HD---- C:\ProgramData
2016-03-13 16:55:37 ----D---- C:\Windows\Prefetch
2016-03-13 16:55:21 ----D---- C:\ProgramData\WildTangent
2016-03-13 16:54:14 ----D---- C:\Program Files\WildTangent Games
2016-03-13 16:50:59 ----D---- C:\Users\Monča\AppData\Roaming\ICQ
2016-03-13 16:47:39 ----D---- C:\Windows\system32\FxsTmp
2016-03-03 19:03:31 ----D---- C:\Program Files\Opera
2016-02-28 14:22:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-28 03:03:49 ----D---- C:\Windows\winsxs
2016-02-28 03:03:39 ----SD---- C:\Windows\system32\GWX
2016-02-27 17:57:02 ----D---- C:\Users\Monča\AppData\Roaming\vlc
2016-02-25 16:23:59 ----D---- C:\Windows\system32\catroot2
2016-02-16 15:35:32 ----SD---- C:\Windows\system32\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-03 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-03 209048]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-03 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-03 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-06 428120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-06 242240]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-12-16 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-12-16 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-12-16 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-03 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-03 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-03 106912]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2011-08-18 4268096]
R3 igddim32;igddim32; C:\Windows\system32\DRIVERS\igddim32.sys [2011-12-30 1338368]
R3 igdkmd32;igdkmd32; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-12-30 418816]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-05-18 3501032]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-05-30 254056]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-09-29 490088]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 19304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-03 343336]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-04-29 1564368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-13 269504]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-01 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4640000]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 1713536]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 13 bře 2016 20:17

Zdravim

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\Program Files (x86)\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

SchelbyGT · #3 Příspěvek od **SchelbyGT** » 13 bře 2016 20:44

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Starter SP1 [6.1 Build 7601] (x86)
Date : 2016/03/13 20:44:27

-- Controller Map ----------------------------------------------------------
+ Intel(R) NM10 Express Chipset [ATA]
- WDC WD3200BPVT-22JJ5T0

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BPVT-22JJ5T0 : 320,0 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD3200BPVT-22JJ5T0
----------------------------------------------------------------------------
Model : WDC WD3200BPVT-22JJ5T0
Firmware : 01.01A01
Serial Number : WD-WXK1E81AJAST
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 8492 hod.
Power On Count : 2487 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 00FEh [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 145 117 _21 0000000006AC Čas na roztočení ploten
04 _86 _86 __0 0000000038A2 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _89 _89 __0 00000000212C Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 0000000009B7 Počet cyklů zapnutí zařízení
BF __1 __1 __0 00000000056E Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 00000000008F Počet vypnutí disku
C1 112 112 __0 000000040952 Počet cyklů načítání/vymazání
C2 107 _75 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4B31 4538 3141 4A41 5354
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3332 3030 4250 5654 2D32 324A 4A35 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 0044 0044
080: 01FE 0000 746B 7D09 6123 7469 BC09 6123 407F 0029
090: 0029 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 0212 9651 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0167 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 8DA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 91 75 AC 06 00 00 00 00 00 04 32 00 56 56 A2
020: 38 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 59 59 2C 21 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 B7 09 00 00 00 00 00 BF 32
070: 00 01 01 6E 05 00 00 00 00 00 C0 32 00 C8 C8 8F
080: 00 00 00 00 00 00 C1 32 00 70 70 52 09 04 00 00
090: 00 00 C2 22 00 6B 4B 24 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 A4 1F 01 7B
170: 03 00 01 00 02 52 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DC

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DE

SchelbyGT · #4 Příspěvek od **SchelbyGT** » 13 bře 2016 20:58

# AdwCleaner v5.102 - Logfile created 13/03/2016 at 20:51:14
# Updated 13/03/2016 by Xplode
# Database : 2016-03-13.2 [Server]
# Operating system : Windows 7 Starter Service Pack 1 (x86)
# Username : Monča - MONČA-PC
# Running from : C:\Users\Monča\Downloads\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : Guard.Mail.ru

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Guard-ICQ
[-] Folder Deleted : C:\ProgramData\IHProtectUpDate
[-] Folder Deleted : C:\Users\Monča\Documents\PC Speed Maximizer

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Opera.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\Monča\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Opera.lnk

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Key Deleted : HKCU\Software\simplytech
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\Mail.Ru
[-] Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Key Deleted : HKLM\SOFTWARE\IHProtect
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\SupTab
[-] Key Deleted : HKLM\SOFTWARE\Mail.Ru
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[#] Value Deleted : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Data Restored : HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?type=nt&ts= ... AJASTAJAST");
[-] [C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
[-] [C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=14297 ... AJASTAJAST");
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mystartsearch
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14297 ... AJASTAJAST
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[-] [C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14297 ... AJASTAJAST

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [8212 bytes] - [13/03/2016 20:51:14]
C:\Program Files\AdwCleaner\AdwCleaner[S1].txt - [13165 bytes] - [13/03/2016 20:46:56]

########## EOF - C:\Program Files\AdwCleaner\AdwCleaner[C1].txt - [8387 bytes] ##########

#5 Příspěvek od **Márty84** » 13 bře 2016 21:46

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

SchelbyGT · #6 Příspěvek od **SchelbyGT** » 22 bře 2016 19:01

test jsem provedl už 2x , jeden trval celou noc. našlo to jednu věc, jenom nevím kam se to uložilo. mám ho provést znovu?

#7 Příspěvek od **Márty84** » 22 bře 2016 19:38

Ulozeno by to melo byt v protokolech. Nevite aspon priblizne co to bylo? Pokud ne, zopakujte ten test. Potrebuju vedet co to je a umisteni. Kdyz to tam nechame, muze to delat problemy.

SchelbyGT · #8 Příspěvek od **SchelbyGT** » 23 bře 2016 06:07

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23.3.2016
Čas skenování: 4:21
Protokol: malvare.txt
Správce: Ano

Verze: 0.0.0.0000
Databáze malwaru: v2016.03.23.01
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Monča

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 322607
Uplynulý čas: 27 min, 18 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#9 Příspěvek od **Márty84** » 23 bře 2016 14:50

Tohle je jen sken hrozeb, ten nekontroluje cely pocitac. Musite udelat Vlastni sken vsech disku.

SchelbyGT · #10 Příspěvek od **SchelbyGT** » 09 dub 2016 00:45

nevím co dělám špatně ale nejde mi to ukončit

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 9.4.2016 0:32, SYSTEM, MONČA-PC, Scheduler, program, 2.2.0.1024, 2.2.1.0,
Update, 9.4.2016 0:32, SYSTEM, MONČA-PC, Scheduler, Malware Database, 2016.4.8.5, 2016.4.8.6,
Update, 9.4.2016 0:35, SYSTEM, MONČA-PC, Scheduler, program, 2.2.0.1024, 2.2.1.0,
Error, 9.4.2016 0:57, SYSTEM, MONČA-PC, Protection, IsLicensed, 13,
Protection, 9.4.2016 0:57, SYSTEM, MONČA-PC, Protection, Malware Protection, Stopping,
Protection, 9.4.2016 0:57, SYSTEM, MONČA-PC, Protection, Malware Protection, Stopped,
Update, 9.4.2016 1:24, SYSTEM, MONČA-PC, Scheduler, program, 2.2.0.1024, 2.2.1.0,

(end)

#11 Příspěvek od **Márty84** » 09 dub 2016 08:25

Zkuste to spustit v nouzovem rezimu.

Kdyby to neslo ani v nem...

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

SchelbyGT · #12 Příspěvek od **SchelbyGT** » 09 dub 2016 20:00

tak se snad povedlo

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9.4.2016
Čas skenování: 15:29
Protokol: xxxx.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.04.09.03
Databáze rootkitů: v2016.04.03.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Monča

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 442860
Uplynulý čas: 3 hod, 11 min, 57 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.WindowsMangerProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [d0f74864debb0531228342060103ec14],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[8245c7e5465339fdb9d236f825e0f50b]

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
PUP.Optional.Delta.ShrtCln, C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml, , [398ecfdd38618fa742c7ae9a08fbf20e],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Monča\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.mystartsearch.com_0.localstorage, , [76513973623769cd33903c16b35125db],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Monča\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, , [06c1d6d6128742f4ad1693bf18ece917],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#13 Příspěvek od **Márty84** » 10 dub 2016 07:30

Vsechny nalezy nechte odstranit, pak muzete MBAM odinstalovat.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

SchelbyGT · #14 Příspěvek od **SchelbyGT** » 10 dub 2016 12:19

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Monča (administrator) on MONČA-PC (10-04-2016 13:14:28)
Running from C:\Users\Monča\AppData\Local\Temp\scoped_dir4900_22764
Loaded Profiles: Monča (Available Profiles: Monča)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.46\opera.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Farbar) C:\Users\Monča\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SuiteTray] => C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-30] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-18] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-06] (Avast Software s.r.o.)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\Run: [EPSON SX125 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGGE.EXE [200704 2012-10-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: D - D:\Setup.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {449f98ad-281e-11e2-a9f4-047d7b53ce8d} - D:\Setup.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {5d5cb478-6a56-11e5-9ea3-047d7b53ce8d} - E:\autorun.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {5d5cb481-6a56-11e5-9ea3-047d7b53ce8d} - E:\autorun.exe
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\...\MountPoints2: {d2c14209-1e91-11e2-bd3e-047d7b53ce8d} - D:\LaunchU3.exe -a
HKU\S-1-5-21-3651929139-1614469722-131421925-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-03] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3651929139-1614469722-131421925-1000] => http=;ftp=;https=;
AutoConfigURL: [S-1-5-21-3651929139-1614469722-131421925-1000] => http=;ftp=;https=;
Winsock: Catalog5 05 C:\Windows\system32\networkdlllsp.dll [433520 2015-01-15] (Network Tunnel Lab)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.125
Tcpip\..\Interfaces\{9EB73F6F-EA0A-4BAD-A04B-ADED5CBAFCC3}: [DhcpNameServer] 192.168.100.125
Tcpip\..\Interfaces\{D5EC3A30-57FB-4732-BDCA-4EBD8CDAA6C1}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3651929139-1614469722-131421925-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3651929139-1614469722-131421925-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-03] (Avast Software s.r.o.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Monča\AppData\Roaming\Mozilla\Firefox\Profiles\ac0ztclu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-30]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-28]
CHR Extension: (Disk Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-28]
CHR Extension: (YouTube) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-14]
CHR Extension: (Avast Online Security) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Monča\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-03] (Avast Software s.r.o.)
S3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [173424 2011-06-21] (Egis Technology Inc. )
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-07-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-07-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-07-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-07-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-07-06] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-07-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-07-03] ()
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [21600 2011-12-16] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16936 2011-12-16] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [62240 2011-12-16] (Egis Technology Inc.)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-10 13:14 - 2016-04-10 13:14 - 00000000 ____D C:\FRST
2016-04-10 13:13 - 2016-04-10 13:13 - 01725440 _____ (Farbar) C:\Users\Monča\Downloads\FRST (1).exe
2016-04-10 13:12 - 2016-04-10 13:12 - 00112640 _____ (forum.viry.cz) C:\Users\Monča\Downloads\FRSTLauncher.exe
2016-04-10 13:08 - 2016-04-10 13:08 - 01725440 _____ (Farbar) C:\Users\Monča\Downloads\FRST.exe
2016-04-10 09:56 - 2016-04-10 12:55 - 00206734 _____ C:\Windows\ntbtlog.txt
2016-04-09 20:51 - 2016-04-09 20:51 - 00001998 _____ C:\Users\Monča\Desktop\xxxx.txt
2016-04-09 20:49 - 2016-04-09 20:49 - 00001997 _____ C:\xxx.txt
2016-04-09 01:44 - 2016-04-09 01:44 - 00000655 _____ C:\Users\Monča\Desktop\uz.txt
2016-04-09 01:41 - 2016-04-09 01:41 - 00002072 _____ C:\uu.txt
2016-04-09 01:35 - 2016-04-09 01:35 - 00000655 _____ C:\Users\Monča\Desktop\i.txt
2016-03-26 00:25 - 2016-03-26 00:25 - 00000020 _____ C:\Windows\@÷6
2016-03-23 07:04 - 2016-03-23 07:04 - 00001151 _____ C:\Users\Monča\Desktop\malvare.txt
2016-03-15 21:33 - 2016-02-12 20:39 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-15 21:33 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-15 21:33 - 2016-02-12 20:26 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-15 21:33 - 2016-02-12 20:07 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-15 21:33 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-15 21:33 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-15 21:33 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-15 21:33 - 2016-02-12 20:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-15 21:33 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-03-15 21:33 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-15 21:33 - 2016-02-11 20:44 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-15 21:33 - 2016-02-11 20:44 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-15 21:33 - 2016-02-11 20:41 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-15 21:33 - 2016-02-11 20:37 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-15 21:33 - 2016-02-11 20:37 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-15 21:33 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-15 21:33 - 2016-02-11 20:33 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-15 21:33 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-15 21:33 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-15 21:33 - 2016-02-11 19:32 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-15 21:33 - 2016-02-11 19:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-15 21:33 - 2016-02-11 19:30 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-15 21:33 - 2016-02-09 11:50 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-15 21:33 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-15 21:33 - 2016-02-04 19:46 - 02387456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-15 21:33 - 2016-02-03 19:59 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-15 21:32 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-15 21:32 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-15 21:32 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-15 21:32 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-15 21:32 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-15 21:32 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-15 21:32 - 2016-02-11 20:31 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-15 21:32 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-15 21:32 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-15 21:32 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-15 21:32 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-15 21:32 - 2016-02-11 19:37 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-15 21:32 - 2016-02-11 19:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-15 21:32 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-15 21:32 - 2016-02-11 19:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-15 21:32 - 2016-02-11 19:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-15 21:32 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-15 21:32 - 2016-02-03 20:49 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2016-03-15 21:32 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-15 21:29 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-15 21:29 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-15 21:29 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-15 21:29 - 2016-02-08 22:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-15 21:29 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-15 21:29 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-15 21:29 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-15 21:29 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-15 21:29 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-15 21:29 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-15 21:29 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-15 21:29 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-15 21:29 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-15 21:29 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-15 21:29 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-15 21:29 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-15 21:29 - 2016-02-08 22:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-15 21:29 - 2016-02-08 22:23 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-15 21:29 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-15 21:29 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-15 21:29 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-15 21:29 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-15 21:29 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-15 21:29 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-15 21:29 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-15 21:29 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-15 21:29 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-15 21:29 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-15 21:29 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-15 21:29 - 2016-02-08 22:02 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-15 21:29 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-15 21:29 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-15 21:29 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-15 21:29 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-15 21:29 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-15 21:28 - 2016-02-19 20:50 - 00034240 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-15 21:28 - 2016-02-19 20:41 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-15 21:28 - 2016-02-19 16:07 - 01206784 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-15 21:28 - 2016-02-11 16:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-15 21:28 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-15 21:28 - 2016-02-05 20:44 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-15 21:28 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-15 21:28 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-15 21:28 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-15 21:28 - 2016-02-05 16:07 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-15 21:28 - 2016-02-05 16:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-15 21:28 - 2016-02-05 16:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-15 21:28 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-15 21:27 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-15 21:27 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-15 21:27 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-15 21:27 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-15 21:27 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-15 21:27 - 2016-01-11 20:54 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-15 18:50 - 2016-03-15 18:51 - 00263737 _____ C:\Users\Monča\Desktop\nabidka174662admin@stawebniny.com.PDF
2016-03-14 22:11 - 2016-03-14 22:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-14 22:05 - 2016-03-14 22:06 - 22908888 _____ (Malwarebytes ) C:\Users\Monča\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-13 21:46 - 2016-03-13 21:51 - 00000000 ____D C:\Program Files\AdwCleaner
2016-03-13 21:45 - 2016-03-13 21:45 - 01527296 _____ C:\Users\Monča\Downloads\adwcleaner_5.102.exe
2016-03-13 21:40 - 2016-03-13 21:41 - 04657896 _____ C:\Users\Monča\Downloads\CrystalDiskInfo6_7_4.zip
2016-03-13 20:25 - 2016-03-13 20:25 - 01107968 _____ C:\Users\Monča\Downloads\RSIT (1).exe
2016-03-13 20:14 - 2016-03-13 20:26 - 00000000 ____D C:\rsit
2016-03-13 20:14 - 2016-03-13 20:25 - 00000000 ____D C:\Program Files\trend micro
2016-03-13 20:12 - 2016-03-13 20:12 - 01107968 _____ C:\Users\Monča\Downloads\RSIT.exe
2016-03-13 19:26 - 2016-03-13 19:26 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (6).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu.xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (5).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (4).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (3).xls
2016-03-13 19:20 - 2016-03-13 19:24 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (2).xls
2016-03-13 19:10 - 2016-03-13 19:23 - 00050176 _____ C:\Users\Monča\Downloads\detailni-prehled-nakladu (1).xls
2016-03-13 18:14 - 2016-03-13 18:14 - 00000020 _____ C:\Windows\ řÄ
2016-03-13 18:06 - 2016-03-13 18:06 - 00000000 ____D C:\Windows\OEMTemp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-10 13:05 - 2009-07-14 06:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-10 13:05 - 2009-07-14 06:34 - 00016160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-10 13:01 - 2012-09-26 23:02 - 00669560 _____ C:\Windows\system32\perfh005.dat
2016-04-10 13:01 - 2012-09-26 23:02 - 00141930 _____ C:\Windows\system32\perfc005.dat
2016-04-10 13:01 - 2010-11-20 23:01 - 01586066 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-10 13:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-04-10 12:59 - 2015-04-02 09:33 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-10 12:59 - 2014-08-04 17:41 - 00002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-10 12:59 - 2013-11-20 21:40 - 00000904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-10 12:59 - 2012-09-26 13:36 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2016-04-10 12:59 - 2011-12-16 11:55 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-04-10 12:59 - 2009-07-14 06:46 - 00001503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-04-10 12:59 - 2009-07-14 06:42 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-04-10 12:58 - 2015-07-03 19:13 - 00001961 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-10 12:58 - 2015-04-02 09:34 - 00000965 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-10 12:58 - 2015-02-28 11:09 - 00000895 _____ C:\Users\Public\Desktop\Fotor.lnk
2016-04-10 12:58 - 2014-08-04 17:41 - 00002087 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-10 12:58 - 2013-11-20 21:40 - 00000898 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-10 12:58 - 2013-09-15 21:36 - 00002022 _____ C:\Users\Public\Desktop\Zoo Tycoon Complete Collection.lnk
2016-04-10 12:58 - 2013-04-29 12:35 - 00001757 _____ C:\Users\Public\Desktop\ICQ7M.lnk
2016-04-10 12:58 - 2013-03-01 20:55 - 00001861 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-04-10 12:58 - 2013-03-01 20:45 - 00000963 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-10 12:58 - 2012-10-20 09:40 - 00000928 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-04-10 12:58 - 2012-10-10 20:20 - 00001022 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-10 12:58 - 2011-12-16 11:18 - 00001486 _____ C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
2016-04-10 12:57 - 2012-10-04 12:49 - 00001086 _____ C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-10 12:57 - 2009-07-14 06:46 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-04-10 12:57 - 2009-07-14 06:37 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-04-10 12:56 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-10 12:53 - 2012-11-06 21:42 - 00000000 ____D C:\Users\Monča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-04-09 22:57 - 2015-07-28 12:24 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-09 22:18 - 2013-12-15 14:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-09 22:07 - 2011-12-16 11:28 - 00000000 ____D C:\Program Files\Windows Live
2016-04-09 21:51 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-09 20:51 - 2013-09-30 11:41 - 00000000 ____D C:\Users\Monča\AppData\Local\ElevatedDiagnostics
2016-04-09 00:55 - 2015-04-06 20:46 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-08 22:24 - 2013-11-20 21:40 - 00000000 ____D C:\Program Files\Opera
2016-04-08 22:18 - 2013-12-15 14:53 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-08 22:18 - 2011-12-16 11:55 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-03-23 01:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-03-16 05:17 - 2009-07-14 06:33 - 00415600 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-16 05:12 - 2014-12-14 11:26 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-16 05:09 - 2012-10-04 12:59 - 00000000 ____D C:\Users\Monča\AppData\Roaming\SoftGrid Client
2016-03-13 22:33 - 2011-12-16 11:22 - 00000000 ____D C:\ProgramData\Skype
2016-03-13 20:04 - 2011-12-16 11:26 - 00000000 ____D C:\Program Files\Acer
2016-03-13 19:47 - 2013-12-26 12:17 - 00000000 ____D C:\Users\Monča\AppData\Local\CrashDumps
2016-03-13 19:47 - 2012-10-07 17:28 - 00000000 ____D C:\Windows\Minidump
2016-03-13 18:10 - 2014-05-15 17:19 - 00000000 ____D C:\Users\Monča\AppData\Roaming\Kastner software
2016-03-13 18:10 - 2014-05-15 17:18 - 00000000 ____D C:\ProgramData\KASTNER software
2016-03-13 18:09 - 2014-02-16 15:54 - 00000000 ____D C:\Users\Monča\AppData\Local\Deployment
2016-03-13 18:08 - 2011-12-16 11:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-03-13 18:06 - 2011-12-16 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-13 17:56 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-13 17:55 - 2011-12-16 11:18 - 00000000 ____D C:\ProgramData\WildTangent
2016-03-13 17:54 - 2011-12-16 11:18 - 00000000 ____D C:\Program Files\WildTangent Games
2016-03-13 17:50 - 2013-04-29 12:34 - 00000000 ____D C:\Users\Monča\AppData\Roaming\ICQ
2016-03-13 17:47 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\system32\FxsTmp

==================== Files in the root of some directories =======

2015-12-17 18:40 - 2015-12-17 18:40 - 0000000 _____ () C:\Users\Monča\AppData\Local\{87A71E6C-3D15-47B5-B0F2-9D3538A39351}
2015-06-23 17:47 - 2015-06-23 18:14 - 0000000 _____ () C:\Users\Monča\AppData\Local\{970E244C-C776-4695-83EB-D42A8D31D975}
2015-12-08 20:15 - 2015-12-08 20:15 - 0000000 _____ () C:\Users\Monča\AppData\Local\{D672A4CE-5579-41E4-9DD1-B47E1C2077DC}

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-03-23 01:47

==================== End of FRST.txt ============================

#15 Příspěvek od **Márty84** » 11 dub 2016 10:28

To teda moc podle navodu nebylo...

Napiste mi velikost adresare plochy

Presunte FRST na plochu, jinak to nebude fungovat!!!

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3651929139-1614469722-131421925-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-04-29 1564368]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01 144200]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

VIRY.CZ

pomalé pc

pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc

Re: pomalé pc