pomaly pocitac, pomuze nekdo, diky

[lukas21]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Luke at 2016-08-29 18:31:10
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 261 GB (56%) free of 467 GB
Total RAM: 3325 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:31:21, on 29.8.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16789)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\TVPaint Developpement\TVP Animation 9 Pro\TVP Animation 9 Pro.exe
C:\Program Files\OpenOffice 4\program\soffice.exe
C:\Program Files\OpenOffice 4\program\soffice.bin
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Luke\Downloads\RSIT.exe
C:\Program Files\trend micro\Luke.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Internet Explorer: Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 6269 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sdianvx9.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.92.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.92.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-05 472128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-29 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-05 186432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-29 9103976]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2016-08-01 14737664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-01-15 6628056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9]
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2015-11-30 2010912]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-29 18:31:10 ----D---- C:\rsit
2016-08-29 18:31:10 ----D---- C:\Program Files\trend micro
2016-08-29 15:13:49 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-29 11:46:10 ----A---- C:\Windows\system32\aswBoot.exe
2016-08-29 11:45:54 ----A---- C:\Windows\avastSS.scr
2016-08-29 11:19:06 ----D---- C:\Users\Luke\AppData\Roaming\Mozilla
2016-08-29 11:18:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-08-29 11:18:43 ----D---- C:\Program Files\Mozilla Firefox
2016-08-29 11:10:41 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-08-29 11:10:13 ----D---- C:\ProgramData\Malwarebytes
2016-08-29 11:10:13 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-08-29 11:10:13 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-08-29 11:10:13 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-08-29 11:10:13 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-08-01 19:26:50 ----D---- C:\Program Files\Synaptics
2016-08-01 19:25:42 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2016-08-01 19:25:42 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2016-08-01 19:20:52 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2016-08-01 19:20:51 ----A---- C:\Windows\system32\SRSWOW.dll
2016-08-01 19:20:51 ----A---- C:\Windows\system32\SRSTSXT.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkPgExt.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkCoInstII.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkApoApi.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEEP32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEEL32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEEG32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEED32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RP3DHT32.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RP3DAA32.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RltkAPO.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBWrp32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBppld32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBPPCn32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBAPO32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBAPO232.dll
2016-08-01 19:20:46 ----A---- C:\Windows\system32\FMAPO.dll
2016-08-01 19:20:43 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-08-01 19:20:43 ----A---- C:\Windows\system32\AERTARen.dll
2016-08-01 19:20:43 ----A---- C:\Windows\system32\AERTACap.dll
2016-08-01 19:20:35 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT

======List of files/folders modified in the last 1 month======

2016-08-29 18:31:10 ----RD---- C:\Program Files
2016-08-29 18:31:04 ----D---- C:\Windows\Temp
2016-08-29 18:16:08 ----D---- C:\Windows
2016-08-29 18:12:46 ----SD---- C:\Users\Luke\AppData\Roaming\Microsoft
2016-08-29 18:12:45 ----SD---- C:\ProgramData\Microsoft
2016-08-29 17:05:29 ----D---- C:\Windows\System32
2016-08-29 17:05:29 ----D---- C:\Windows\inf
2016-08-29 17:05:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-29 15:35:38 ----D---- C:\Windows\SoftwareDistribution
2016-08-29 15:33:44 ----D---- C:\Windows\system32\catroot2
2016-08-29 15:32:04 ----D---- C:\Windows\Debug
2016-08-29 15:32:00 ----D---- C:\Program Files\IObit
2016-08-29 15:24:31 ----D---- C:\Users\Luke\AppData\Roaming\IObit
2016-08-29 15:19:36 ----SHD---- C:\Boot
2016-08-29 15:19:35 ----D---- C:\Windows\system32\config
2016-08-29 15:15:08 ----D---- C:\Windows\system32\drivers
2016-08-29 15:13:49 ----HD---- C:\ProgramData
2016-08-29 15:13:28 ----D---- C:\ProgramData\ProductData
2016-08-29 12:09:12 ----D---- C:\Windows\system32\Tasks
2016-08-29 11:48:30 ----D---- C:\Windows\winsxs
2016-08-29 10:53:15 ----D---- C:\Windows\Minidump
2016-08-07 14:10:03 ----D---- C:\Windows\Prefetch
2016-08-01 22:07:58 ----D---- C:\Windows\system32\catroot
2016-08-01 19:46:57 ----SHD---- C:\System Volume Information
2016-08-01 19:23:01 ----D---- C:\Windows\system32\RTCOM
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkCoLDR.dll
2016-07-30 12:01:40 ----D---- C:\ProgramData\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2016-02-13 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\system32\drivers\aswNdis2.sys [2016-08-29 295840]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-08-29 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-29 224616]
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 143848]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-07-26 43872]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-08-29 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2016-08-29 64272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-08-29 735352]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-08-29 434144]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2016-02-22 23840]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-08-29 92256]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2008-03-07 27648]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2016-08-29 184592]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2015-11-30 11968]
R3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV32.sys [2009-10-27 105984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2016-08-01 3798272]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-04-07 10718264]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2016-02-22 603928]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-08-01 26792]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2015-11-30 88768]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2015-11-30 12992]
R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-08-29 34008]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2016-08-29 66688]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2013-10-17 23040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-02-11 13368]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-02-01 308248]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [2015-11-04 827680]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [2016-08-01 96712]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-29 197128]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2016-08-29 223600]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-06-27 87368]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2008-07-11 328992]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2008-07-11 226592]
R2 WTabletServicePro;Wacom Professional Service; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2014-12-22 578328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-13 915600]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11 154440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11 154440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-17 147624]
S3 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-13 1706128]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 678968]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[Márty84]

Zdravim

Co konkretne je pomale? Start, internet, prace se slozkama, vsechno, dela to porad, nebo obcas....?


Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

[lukas21]

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.3 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Ultimate SP2 [6.0 Build 6002] (x86)
Date : 2016/08/31 18:11:06

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9R/DO/DH 4 port Serial ATA Storage Controller 1 - 2920 [ATA]
+ Kanál IDE (0)
- SAMSUNG HD502IJ ATA Device
+ Kanál IDE (1)
- PLDS DVD+-RW DH-16A6S ATA Device
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 2 - 2926 [ATA]
- Kanál IDE (0)
- Kanál IDE (1)
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD502IJ : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD502IJ
----------------------------------------------------------------------------
Model : SAMSUNG HD502IJ
Firmware : 1AA01113
Serial Number : S1GYJ1KQ703508
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 29359 hod.
Power On Count : 4586 krát
Temperature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE80h [ON]
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _85 _85 _11 0000000014C8 Čas na roztočení ploten
04 _95 _95 __0 0000000011F2 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 __0 000000000000 Počet chybných hledání
08 100 100 __0 000000002DE8 Čas potřebný na vyhledání
09 _94 _94 __0 0000000072AF Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 0000000011EA Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _82 _61 __0 0000120F0012 Teplota toku vzduchu
C2 _76 _60 __0 0000180F0018 Teplota
C3 100 100 __0 000000013643 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 022A 003F 0000 0000 0000
010: 2020 2020 2020 5331 4759 4A31 4B51 3730 3335 3038
020: 0003 8000 0004 3141 4130 3131 3133 5341 4D53 554E
030: 4720 4844 3530 3249 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1506 0000 0044 0040
080: 00F8 0052 746B 7F69 4133 7469 BE41 4123 20FF 0039
090: 0039 0000 FFFE 0000 FE80 0008 0005 005D 86A0 0001
100: 6030 3A38 0000 0000 0064 0000 0000 0000 5000 0F00
110: 0B00 10BA 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 8BA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 00 00 00 00 00 00 00 03 07
010: 00 55 55 C8 14 00 00 00 00 00 04 32 00 5F 5F F2
020: 11 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0E 00 64 64 00 00 00 00 00 00 00 08 24
040: 00 64 64 E8 2D 00 00 00 00 00 09 32 00 5E 5E AF
050: 72 00 00 00 00 00 0A 32 00 64 64 00 00 00 00 00
060: 00 00 0B 12 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 5F 5F EA 11 00 00 00 00 00 0D 0E 00 64 64 00
080: 00 00 00 00 00 00 B7 32 00 64 64 00 00 00 00 00
090: 00 00 B8 33 00 64 64 00 00 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BE 22 00 52 3D 12 00 0F 12 00
0C0: 00 00 C2 22 00 4C 3C 18 00 0F 18 00 00 00 C3 1A
0D0: 00 64 64 43 36 01 00 00 00 00 C4 32 00 64 64 00
0E0: 00 00 00 00 00 00 C5 12 00 64 64 00 00 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 3E
100: 00 64 64 00 00 00 00 00 00 00 C8 0A 00 64 64 00
110: 00 00 00 00 00 00 C9 0A 00 FD FD 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 0A 1E 00 7B
170: 03 00 01 00 02 81 0E 81 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8D

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 0B
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 00 00 00 00 00 00 00 00 00 00 00 08 00
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 00 00 00 00 00 00 00 00 00
060: 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 0D 00 00 00 00 00
080: 00 00 00 00 00 00 B7 00 00 00 00 00 00 00 00 00
090: 00 00 B8 63 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BE 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
110: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 22

[lukas21]

# AdwCleaner v6.010 - Log soubor vytvořen 31/08/2016 na 19:02:44
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-08-30.2 [Server]
# Operační systém : Windows Vista (TM) Ultimate Service Pack 2 (X86)
# Uživatelské jméno : Luke - LUKE-PC
# Beží od : C:\Users\Luke\Downloads\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

[-] Služby smazány:swdumon


***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Luke\AppData\Local\slimware utilities inc
[-] Adresář smazán:C:\ProgramData\SecTaskMan
[-] Adresář smazán:C:\ProgramData\SlimWare Utilities, Inc
[-] Adresář smazán:C:\Users\Public\Documents\Downloaded Installers


***** [ Soubory ] *****

[-] Soubor smazán:C:\Windows\system32\drivers\swdumon.sys
[#] Soubor smazán:C:\Windows\system32\drivers\SWDUMon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\SlimWare Utilities Inc
[#] Klíč smazán po restartování:HKCU\Software\SlimWare Utilities Inc
[-] Klíč smazán:HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč smazán:HKLM\SOFTWARE\SlimWare Utilities Inc


***** [ Prohlížeče ] *****

[-] [crawler.com] [Search Provider] Smazání:crawler.com
[-] [search.icq.com] [Search Provider] Smazání:search.icq.com


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1629 Bajtů] - [31/08/2016 19:02:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [2011 Bajtů] - [31/08/2016 18:15:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1777 Bajtů] ##########

[lukas21]

diky za pomoc, trapi me ale tohle, pocitac i nadale neco chrousta ackoli se zjevne nic nedeje, nic neni zapnuto, taky me prijde divna teplota cpu na 82 a gpu na 71, RAM je po spusteni na26% posleze vystoupa " sama" na 45-50 a zustane tak

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[lukas21]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 1.9.2016
Čas skenování: 20:59:10
Protokol: textresult.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.01.09
Databáze rootkitů: v2016.08.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: Luke

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 429078
Uplynulý čas: 1 hod, 17 min, 50 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Spustte spravce uloh a podivejte se, ktery proces vytezuje tu pamet.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

[lukas21]

po startu se objevuje tato hlaska

[lukas21]

jinak to zpomaluje ciste asi uz jen internet, celkove se to zlepsilo

[Márty84]

po startu se objevuje tato hlaska

Po startu ceho? Pocitace? Nebo po startu FRST?

[lukas21]

pocitace

[Márty84]

OK, dejte logy z FRST a uvidime, co ukazou. Po uprave registru by ta hlaska mela zmizet.

[lukas21]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by Luke (administrator) on LUKE-PC (07-09-2016 14:16:59)
Running from C:\Users\Luke\Downloads
Loaded Profiles: Luke (Available Profiles: Luke)
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14737664 2016-08-01] (Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {09eca58a-e05d-11e5-aaff-00219b0e5a1f} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {38ae83d9-e6bc-11e5-bcfe-022d4305027d} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {6ea42782-e05e-11e5-aaff-00219b0e5a1f} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {f3d1f318-d12d-11e5-a361-00219b0e5a1f} - J:\HTC_Sync_Manager_PC.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-08-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0FC26D2B-DDB1-487D-8F9E-BD76E6173A61}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{57E700FF-46A1-4672-A738-C1E9E3C76775}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{648D6EE5-8D22-41E8-9677-1C57D5986844}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-29] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sdianvx9.default
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF user.js: detected! => C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sdianvx9.default\user.js [2016-08-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-02-12] [not signed]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-29]

Chrome:
=======
CHR Profile: C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-11]
CHR Extension: (Dokumenty Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-11]
CHR Extension: (Disk Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-11]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-11]
CHR Extension: (Avast SafePrice) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-29]
CHR Extension: (Tabulky Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-22]
CHR Extension: (Click by Voice) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\njnogpkbdogcgciecomlojjoapemfgei [2016-08-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-11]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-08-29] (AVAST Software)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S3 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc)
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [578328 2014-12-22] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-29] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-29] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2016-02-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [295840 2016-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-08-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735352 2016-08-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [434144 2016-08-29] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2016-08-29] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [66688 2016-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224616 2016-08-29] (AVAST Software)
R3 cpuz138; C:\Users\Luke\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [27832 2016-09-07] (CPUID)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11968 2015-11-30] (Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-02-22] (REALiX(tm))
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-03-07] (Windows (R) Codename Longhorn DDK provider)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-08-01] (Synaptics Incorporated)
R3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [88768 2015-11-30] (Wacom Technology)
R3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [12992 2015-11-30] (Wacom Technology)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-07 14:11 - 2016-09-07 14:16 - 00015951 _____ C:\Users\Luke\Downloads\FRST.txt
2016-09-07 14:11 - 2016-09-07 14:12 - 00018458 _____ C:\Users\Luke\Downloads\Addition.txt
2016-09-07 14:09 - 2016-09-07 14:16 - 00000000 ____D C:\FRST
2016-09-07 14:07 - 2016-09-07 14:07 - 01747968 _____ (Farbar) C:\Users\Luke\Downloads\FRST.exe
2016-09-07 12:29 - 2016-09-07 12:29 - 00000005 _____ C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2016-08-31 18:13 - 2016-08-31 19:02 - 00000000 ____D C:\AdwCleaner
2016-08-31 18:12 - 2016-08-31 18:12 - 03826240 _____ C:\Users\Luke\Downloads\adwcleaner_6.010.exe
2016-08-31 18:07 - 2016-08-31 18:08 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2016-08-31 18:07 - 2016-08-31 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-08-31 18:03 - 2016-08-31 18:03 - 11407001 _____ C:\Users\Luke\Downloads\CrystalDiskInfo7_0_3-en.exe
2016-08-29 18:55 - 2016-08-29 18:55 - 03124352 _____ (ESET) C:\Users\Luke\Downloads\eset_nod32_antivirus_live_installer.exe
2016-08-29 18:31 - 2016-08-29 18:31 - 00000000 ____D C:\rsit
2016-08-29 18:31 - 2016-08-29 18:31 - 00000000 ____D C:\Program Files\trend micro
2016-08-29 18:29 - 2016-08-29 18:29 - 01107968 _____ C:\Users\Luke\Downloads\RSIT.exe
2016-08-29 17:04 - 2016-08-29 17:04 - 38965447 _____ C:\Users\Luke\Downloads\zasilka-KPZRKMBZ36GV8JSJ.zip
2016-08-29 17:03 - 2016-08-29 19:53 - 04129314 _____ C:\Users\Luke\Downloads\hanusproject.tvpp
2016-08-29 15:13 - 2016-08-29 15:13 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-29 11:46 - 2016-08-29 11:45 - 00319760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-29 11:45 - 2016-08-29 11:45 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-08-29 11:19 - 2016-08-29 11:19 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Mozilla
2016-08-29 11:19 - 2016-08-29 11:19 - 00000000 ____D C:\Users\Luke\AppData\Local\Mozilla
2016-08-29 11:18 - 2016-08-29 11:18 - 00000860 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-29 11:18 - 2016-08-29 11:18 - 00000848 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-29 11:18 - 2016-08-29 11:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-29 11:18 - 2016-08-29 11:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-29 11:10 - 2016-09-01 20:58 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-29 11:10 - 2016-08-29 11:10 - 00000901 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-29 11:10 - 2016-08-29 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-29 11:10 - 2016-08-29 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-29 11:10 - 2016-08-29 11:10 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-08-29 11:10 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-29 11:10 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-29 11:10 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-07 14:15 - 2006-11-02 15:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-07 14:15 - 2006-11-02 14:46 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-07 14:15 - 2006-11-02 14:46 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-07 14:14 - 2006-11-02 15:00 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-07 12:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-09-07 12:33 - 2016-02-11 18:18 - 00067048 _____ C:\Users\Luke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-07 12:33 - 2006-11-02 14:46 - 00296048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-07 12:30 - 2016-04-28 20:32 - 00000000 ____D C:\Program Files\Seznam.cz
2016-09-07 12:30 - 2016-04-28 20:31 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Seznam.cz
2016-09-07 12:30 - 2016-04-20 14:05 - 00000000 ____D C:\Users\Luke\AppData\Roaming\HTC
2016-09-07 12:30 - 2016-03-02 12:02 - 00000000 ____D C:\ProgramData\HTC
2016-09-07 12:29 - 2016-04-20 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2016-09-07 11:55 - 2016-02-15 19:29 - 00000000 ____D C:\Windows\Minidump
2016-09-05 15:52 - 2016-02-15 19:47 - 00000000 ____D C:\ProgramData\ProductData
2016-09-05 09:59 - 2016-02-15 19:48 - 00001946 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-09-03 12:21 - 2008-01-21 08:12 - 01576186 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-03 12:21 - 2008-01-21 08:11 - 00659288 _____ C:\Windows\system32\perfh005.dat
2016-09-03 12:21 - 2008-01-21 08:11 - 00145164 _____ C:\Windows\system32\perfc005.dat
2016-09-02 21:39 - 2016-03-06 12:01 - 39403520 _____ C:\Windows\system32\config\components.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 37994496 _____ C:\Windows\system32\config\software.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 00176128 _____ C:\Windows\system32\config\default.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 00065536 _____ C:\Windows\system32\config\sam.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 00020480 _____ C:\Windows\system32\config\security.iobit
2016-08-31 18:12 - 2016-04-28 20:32 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-31 18:12 - 2016-04-28 20:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-08-29 15:32 - 2016-02-15 19:47 - 00000000 ____D C:\Program Files\IObit
2016-08-29 15:24 - 2016-02-15 19:47 - 00000000 ____D C:\Users\Luke\AppData\Roaming\IObit
2016-08-29 11:46 - 2016-02-11 19:42 - 00434144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00224616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00184592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00092256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00066688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-29 11:45 - 2016-02-13 12:26 - 00295840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2016-08-29 11:45 - 2016-02-13 12:26 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-29 11:45 - 2016-02-11 19:42 - 00735352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2016-02-24 18:16 - 2016-04-15 20:24 - 0004608 _____ () C:\Users\Luke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\Luke\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-07 13:16

==================== End of FRST.txt ============================

[lukas21]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Luke (07-09-2016 14:40:00)
Running from C:\Users\Luke\Downloads
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) (2008-09-20 11:39:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1443009734-1096153861-1703218636-500 - Administrator - Disabled)
Guest (S-1-5-21-1443009734-1096153861-1703218636-501 - Limited - Enabled)
Luke (S-1-5-21-1443009734-1096153861-1703218636-1000 - Administrator - Enabled) => C:\Users\Luke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advanced SystemCare 9 (HKLM\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
AMP Font Viewer (HKLM\...\AMP Font Viewer) (Version: - )
Avast Premier (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CrystalDiskInfo 7.0.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
Google Drive (HKLM\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 92 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Krita Desktop (x86) "2.9.11.0" (HKLM\...\{18A66C86-EC47-4736-9690-85EEB66407CA}) (Version: 2.9.11.0 - Krita Foundation)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7770 - Realtek Semiconductor Corp.)
Roxio Activation Module (HKLM\...\{07159635-9DFE-4105-BFC0-2817DB540C68}) (Version: 1.0 - Roxio)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41C6-8752-958A45325C82}) (Version: 3.5.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.5.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}) (Version: 3.5.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4C52-84D5-77E344289F87}) (Version: 3.5.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.5.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ED8-B104-03393876DFDF}) (Version: 3.5.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
SafeZone Stable 1.48.2066.120 (Version: 1.48.2066.120 - Avast Software) Hidden
Security Task Manager 2.1f (HKLM\...\Security Task Manager) (Version: 2.1f - Neuber Software)
Sentinel Protection Installer 7.5.0 (HKLM\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
Sonic CinePlayer Decoder Pack (HKLM\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
TVP Animation 9.5 Professional Edition (remove only) (HKLM\...\TVP Animation 9 Pro) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11w3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Zoner Photo Studio 13 FREE (HKLM\...\ZonerPhotoStudio13_EN_is1) (Version: 13.0.1.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2146BDF0-63DC-4289-94C2-0E26E90A6BF2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-29] (AVAST Software)
Task: {67FF8C20-5066-4F72-BC65-754C1EB9F9C9} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {6AC28FDC-3C2E-4697-8451-8814E3B64596} - System32\Tasks\SafeZone scheduled Autoupdate 1455359297 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-12] (Avast Software)
Task: {89E7F427-1F4D-4D2B-B8C2-1E20986B44DF} - System32\Tasks\ASC9_SkipUac_Luke => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)
Task: {AF5269DD-B211-4B4E-BE71-AA0F75238C51} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {C8D54F16-5BF7-44D8-B666-D84343E51C5F} - System32\Tasks\Driver Booster SkipUAC (Luke) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {C9FAFEC3-9D00-43B9-9A0D-22A782F6BF67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11] (Google Inc.)
Task: {CC433333-4AAD-4A60-9FD2-1184D90E5A6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11] (Google Inc.)
Task: {D7159F95-121B-4CE4-AB4E-7D3C1A2F4FC3} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {FF9A9D30-96B1-4CCC-A3DD-97357592796B} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2015-12-03] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-08-29 11:45 - 2016-08-29 11:45 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-07 11:50 - 2016-09-07 11:50 - 03084464 _____ () C:\Program Files\AVAST Software\Avast\defs\16090700\algo.dll
2016-08-29 11:45 - 2016-08-29 11:45 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-15 19:48 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare\madExcept_.bpl
2016-02-15 19:48 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare\madBasic_.bpl
2016-02-15 19:48 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare\madDisAsm_.bpl
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2016-07-01 13:23 - 2016-07-01 13:23 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-11 19:07 - 2014-12-22 22:42 - 01019672 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-09-07 12:04 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 12:04 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Advanced SystemCare 9 => "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{50AA5D92-B8FC-4B05-A9D6-38BFDF8105DE}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D6DB7EEE-B4C8-4C57-8934-EE6536121A1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D9EE90DB-8B2E-4B54-AF93-E66813464E58}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1D0D1B83-A7EC-4974-8836-EF63502AA71C}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{0FFD317F-91D0-4F4C-89D9-AC99BCE56695}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{667D87D3-3778-4746-943B-FECA1FB7E139}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{97331641-0755-414A-BC50-37A1E0754835}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{C93CD3E5-ABD2-42FE-A54F-F0F3BFA8B50D}] => (Allow) LPort=80
FirewallRules: [{2E3AB3CC-0AF5-4CBB-94C4-B364BDD08E35}] => (Allow) LPort=80
FirewallRules: [{5EEEA751-2331-433C-8863-B95593C1F25B}] => (Allow) LPort=80
FirewallRules: [{71C615E7-50FC-4851-9352-ADD0E5EA1785}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{37708CEE-ED25-4A0E-81EF-6F66BDC79128}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EB3A1015-C9CC-41F7-870B-4C72D6B19800}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

05-06-2016 11:00:09 Naplánovaný kontrolní bod
06-06-2016 16:38:39 Naplánovaný kontrolní bod
07-06-2016 13:25:40 Windows Update
10-06-2016 12:15:09 Naplánovaný kontrolní bod
14-06-2016 14:03:16 Windows Update
15-06-2016 21:23:30 Windows Update
17-06-2016 21:38:50 Naplánovaný kontrolní bod
18-06-2016 19:22:50 Naplánovaný kontrolní bod
19-06-2016 13:23:31 Naplánovaný kontrolní bod
21-06-2016 15:54:57 Windows Update
22-06-2016 14:08:05 Naplánovaný kontrolní bod
23-06-2016 13:14:21 Naplánovaný kontrolní bod
25-06-2016 18:25:38 Naplánovaný kontrolní bod
01-07-2016 13:25:51 Windows Update
02-07-2016 20:19:56 Naplánovaný kontrolní bod
03-07-2016 16:39:35 Naplánovaný kontrolní bod
05-07-2016 13:39:33 Windows Update
06-07-2016 15:16:28 Naplánovaný kontrolní bod
07-07-2016 15:06:06 Naplánovaný kontrolní bod
08-07-2016 15:01:38 Naplánovaný kontrolní bod
12-07-2016 11:58:28 Windows Update
20-07-2016 16:20:13 Naplánovaný kontrolní bod
21-07-2016 06:42:17 Naplánovaný kontrolní bod
01-08-2016 19:13:54 Driver Booster : Realtek High Definition Audio
01-08-2016 19:21:32 Instalace balíčku ovladače zařízení: Realtek Semiconductor Corp. Řadiče zvuku, videa a her
01-08-2016 19:25:59 Instalace balíčku ovladače zařízení: Synaptics Systémová zařízení
29-08-2016 19:00:20 Instalace balíčku ovladače zařízení: Eset spol s r. o.
29-08-2016 19:01:11 Instalace balíčku ovladače zařízení: Eset spol s r. o.
29-08-2016 19:01:12 Instalace balíčku ovladače zařízení: Eset spol s r. o.
07-09-2016 12:28:15 Removed HTC Sync Manager.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2016 02:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/07/2016 01:10:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/07/2016 12:33:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/07/2016 11:49:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/06/2016 10:06:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/05/2016 03:58:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/05/2016 03:51:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/05/2016 09:59:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/04/2016 10:16:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/03/2016 10:00:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (09/05/2016 03:52:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LiveUpdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/05/2016 03:50:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:49:29, 5.9.2016) bylo neočekávané.

Error: (09/01/2016 06:32:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:31:20, 1.9.2016) bylo neočekávané.

Error: (08/31/2016 06:15:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sentinel Protection Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sentinel Keys Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HTCMonitorService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Andrea RT Filters Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2016-09-07 14:39:57.998
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.608
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.125
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:56.937
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:56.735
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:56.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:17:46.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:17:46.748
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 3325.27 MB
Available physical RAM: 1630.08 MB
Total Virtual: 6867.53 MB
Available Virtual: 5057.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.68 GB) (Free:256.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.72 GB) NTFS
Drive j: (HTC Sync Manager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 30000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=455.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================