Please check my log - CPU running at 99%

malina
Visitor
Posts: 29
Registered: 15 Mar 2007 22:17

#1 Post by malina »

Hello,
please check my log. My laptop already has some delay at system startup (black screen), and once the system has booted, within about 5 minutes the CPU load goes up to 99% and it is slow as a snail. It also reports that the RST service is not running (and I don't know how to start it). I tried to do a system restore, but that didn't work because it ended with some error.

Thanks in advance for your help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Linda at 2016-08-15 23:07:31
Microsoft Windows 10 Home
System drive C: has 337 GB (71%) free of 473 GB
Total RAM: 3912 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:07:50, on 15.8.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0420)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Linda\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Linda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [ManicTimeC34F57B2DA6E6758] C:\Program Files (x86)\ManicTime\ManicTime.exe /minimized /name:
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe

--
End of file - 10766 bytes

======Listing Processes======








winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
dashost.exe {f6752873-c4e0-44b7-8a8f8c7359d73c77}
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\mqsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
sihost.exe
taskeng.exe {45EF2E2A-4388-48C5-BF18-47A27705757C}
C:\WINDOWS\Explorer.EXE

taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Linda\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\InstallAgent.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b95a584e-f252-4769-a810-56449f3a8706 -SystemEventPortName:HostProcess-8c226af5-ad22-4557-afde-46043ba752d6 -IoCancelEventPortName:HostProcess-74ed927e-99bd-4e99-b45e-5c00ede4fa12 -NonStateChangingEventPortName:HostProcess-1ffc1690-3832-466a-a82a-0953c78e2bcd -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:eb597cb8-4430-42cd-b77f-1b39d1c00041 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files (x86)\ManicTime\ManicTime.exe" /minimized /name:
"C:\Users\Linda\Desktop\RSITx64.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{7006698D-2974-4091-A424-85DD0B909E23}
C:\windows\system32\MusNotification.exe Display
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\wermgr.exe -upload
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Driver Easy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "https://www.google.com/search?q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll


C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default\searchplugins\
Google.xml
yahoo-lavasoft.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21 553024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30 255088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21 214080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30 255088]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-02-14 2868496]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2016-06-14 1767944]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-05-21 16475392]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]
"hshhsaaaws"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2014-09-19 89600]
"ManicTimeC34F57B2DA6E6758"=C:\Program Files (x86)\ManicTime\ManicTime.exe [2016-08-01 58824]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25 1110232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemExplorerAutoStart]
C:\Program Files (x86)\System Explorer\SystemExplorer.exe /TRAY []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-15 8900328]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll, C:\WINDOWS\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 451584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-08-15 22:53:28 ----D---- C:\rsit
2016-08-15 21:55:58 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-08-15 21:53:39 ----D---- C:\Program Files (x86)\GUM7B4B.tmp
2016-08-15 21:53:39 ----A---- C:\Program Files (x86)\GUT7B4C.tmp
2016-08-15 20:49:17 ----D---- C:\Users\Linda\AppData\Roaming\Solvusoft
2016-08-14 20:35:42 ----D---- C:\ProgramData\ProductData
2016-08-14 20:35:40 ----D---- C:\WINDOWS\IObit
2016-08-14 20:35:37 ----D---- C:\ProgramData\IObit
2016-08-14 20:35:36 ----D---- C:\Users\Linda\AppData\Roaming\IObit
2016-08-14 20:12:40 ----D---- C:\Users\Linda\AppData\Roaming\Local
2016-07-20 11:07:47 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2016-07-20 11:07:47 ----A---- C:\WINDOWS\system32\drivers\mbam(3876).sys

======List of files/folders modified in the last 1 month======

2016-08-15 23:07:41 ----D---- C:\Program Files\trend micro
2016-08-15 23:07:15 ----D---- C:\Windows
2016-08-15 23:05:07 ----D---- C:\WINDOWS\Temp
2016-08-15 23:04:46 ----D---- C:\WINDOWS\system32\sru
2016-08-15 22:54:30 ----HD---- C:\Program Files\WindowsApps
2016-08-15 22:53:37 ----D---- C:\WINDOWS\Prefetch
2016-08-15 22:53:14 ----D---- C:\WINDOWS\AppReadiness
2016-08-15 22:31:17 ----HD---- C:\ProgramData
2016-08-15 22:19:24 ----D---- C:\WINDOWS\system32\config
2016-08-15 22:17:22 ----D---- C:\WINDOWS\CbsTemp
2016-08-15 22:16:40 ----D---- C:\WINDOWS\system32\drivers
2016-08-15 22:07:52 ----SHD---- C:\WINDOWS\Installer
2016-08-15 22:07:47 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-15 22:07:27 ----D---- C:\Program Files (x86)\ManicTime
2016-08-15 21:58:10 ----D---- C:\WINDOWS\system32\Tasks
2016-08-15 21:55:58 ----D---- C:\WINDOWS\System32
2016-08-15 21:53:39 ----RD---- C:\Program Files (x86)
2016-08-15 21:49:36 ----D---- C:\WINDOWS\WinSxS
2016-08-15 21:49:32 ----D---- C:\WINDOWS\system32\wbem
2016-08-15 21:47:44 ----D---- C:\WINDOWS\system32\migration
2016-08-15 21:47:44 ----D---- C:\WINDOWS\system32\drivers\etc
2016-08-15 21:47:30 ----D---- C:\WINDOWS\SYSWOW64\wbem
2016-08-15 21:47:30 ----D---- C:\WINDOWS\SysWOW64
2016-08-15 21:47:29 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-08-15 21:47:29 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-15 21:47:26 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-15 21:47:26 ----D---- C:\WINDOWS\system32\oobe
2016-08-15 21:47:25 ----D---- C:\WINDOWS\system32\en-US
2016-08-15 21:47:25 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-08-15 21:47:25 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2016-08-15 21:47:21 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-15 21:47:20 ----RD---- C:\WINDOWS\PrintDialog
2016-08-15 21:47:20 ----D---- C:\WINDOWS\system32\appraiser
2016-08-15 21:47:20 ----D---- C:\WINDOWS\ShellNew
2016-08-15 21:47:20 ----D---- C:\WINDOWS\Provisioning
2016-08-15 21:47:20 ----D---- C:\WINDOWS\PolicyDefinitions
2016-08-15 21:47:20 ----D---- C:\WINDOWS\L2Schemas
2016-08-15 21:47:11 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-15 21:47:11 ----RD---- C:\WINDOWS\DevicesFlow
2016-08-15 21:47:11 ----D---- C:\WINDOWS\INF
2016-08-15 21:47:11 ----D---- C:\WINDOWS\bcastdvr
2016-08-15 21:47:11 ----D---- C:\WINDOWS\AppPatch
2016-08-15 21:47:11 ----D---- C:\Program Files\Windows Photo Viewer
2016-08-15 21:47:11 ----D---- C:\Program Files\Windows Media Player
2016-08-15 21:47:11 ----D---- C:\Program Files\Windows Mail
2016-08-15 21:47:11 ----D---- C:\Program Files\Windows Journal
2016-08-15 21:47:11 ----D---- C:\Program Files\Windows Defender
2016-08-15 21:47:11 ----D---- C:\Program Files\Internet Explorer
2016-08-15 21:47:11 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2016-08-15 21:47:11 ----D---- C:\Program Files (x86)\Windows Media Player
2016-08-15 21:47:11 ----D---- C:\Program Files (x86)\Windows Mail
2016-08-15 21:47:11 ----D---- C:\Program Files (x86)\Windows Defender
2016-08-15 21:47:11 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-15 21:46:34 ----D---- C:\WINDOWS\Tasks
2016-08-15 21:46:33 ----D---- C:\WINDOWS\system32\Sysprep
2016-08-15 21:46:33 ----D---- C:\WINDOWS\system32\spp
2016-08-15 21:46:31 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-08-15 21:46:31 ----D---- C:\WINDOWS\system32\catroot2
2016-08-15 21:46:31 ----D---- C:\WINDOWS\servicing
2016-08-15 21:45:32 ----D---- C:\ProgramData\Oracle
2016-08-15 21:45:23 ----D---- C:\Program Files\Java
2016-08-15 21:45:07 ----D---- C:\Program Files (x86)\Scan Assistant
2016-08-15 21:45:07 ----D---- C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2016-08-15 21:45:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-15 21:45:07 ----AD---- C:\Program Files (x86)\TeamViewer
2016-08-15 21:45:07 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-08-15 21:45:01 ----AD---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-15 21:45:00 ----AD---- C:\Program Files (x86)\Atheros
2016-08-15 21:30:39 ----D---- C:\WINDOWS\registration
2016-08-15 21:26:02 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-15 21:18:02 ----RD---- C:\Program Files
2016-08-15 21:17:45 ----D---- C:\Program Files\Easeware
2016-08-15 21:14:55 ----D---- C:\Program Files (x86)\Common Files
2016-08-14 23:45:27 ----D---- C:\WINDOWS\Minidump
2016-08-14 23:24:59 ----SHD---- C:\System Volume Information
2016-08-14 23:22:30 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-14 21:10:26 ----D---- C:\WINDOWS\Logs
2016-07-20 10:18:04 ----D---- C:\WINDOWS\debug
2016-07-20 10:06:44 ----SHD---- C:\Boot
2016-07-19 19:45:24 ----D---- C:\WINDOWS\system32\MRT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-07-11 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-08-15 292704]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2016-05-21 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-07-13 47048]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2013-09-30 19152]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-07-11 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-07-11 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-07-11 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-08-15 473592]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-07-11 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-07-11 108304]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-07-11 162904]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2011-03-14 11576]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 athr;@oem31.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2016-05-21 4316456]
R3 b57xdbd;@oem56.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2011-11-04 68648]
R3 b57xdmp;@oem56.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2011-11-04 19496]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2011-09-02 51752]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-05-03 81928]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-06-01 5384176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-05-21 5026560]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\System32\drivers\k57nd60a.sys [2015-10-30 446464]
R3 MEIx64;@oem35.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-05-21 195152]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-03-05 175616]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-07-13 13675576]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;@oem11.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 SynTP;@oem0.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2012-02-14 412944]
S0 iaStor;@oem47.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\WINDOWS\System32\drivers\iaStor.sys [2012-02-01 568600]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 aswTap;@oem44.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2014-07-16 44640]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-03-05 117248]
S3 cpuz139;cpuz139; \??\C:\Users\Linda\AppData\Local\Temp\cpuz139\cpuz139_x64.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2016-04-15 22200]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HWHandSet;HUAWEISPMODEM; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [2016-05-25 223232]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 SmbDrv;SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver.sys [2012-02-14 22800]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2016-04-15 16056]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-11 197128]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe [2009-08-24 544768]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2000-01-01 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2000-01-01 390616]
R2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-03-05 26624]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-07-11 1362880]
R2 OneSyncSvc_28978;Hostitel synchronizace_28978; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe -/service []
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_239eb9;Hostitel synchronizace_239eb9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2d1adef;Hostitel synchronizace_2d1adef; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_346c5;Hostitel synchronizace_346c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3db5c;Hostitel synchronizace_3db5c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4ab717a;Hostitel synchronizace_4ab717a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4eb42ee;Hostitel synchronizace_4eb42ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_77a54;Hostitel synchronizace_77a54; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2014-02-23 1436424]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-23 194032]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_239eb9;Služba zasílání zpráv_239eb9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_28978;Služba zasílání zpráv_28978; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2d1adef;Služba zasílání zpráv_2d1adef; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_346c5;Služba zasílání zpráv_346c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3db5c;Služba zasílání zpráv_3db5c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4ab717a;Služba zasílání zpráv_4ab717a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4eb42ee;Služba zasílání zpráv_4eb42ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_77a54;Služba zasílání zpráv_77a54; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-07-05 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_239eb9;Data kontaktů_239eb9; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_28978;Data kontaktů_28978; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2d1adef;Data kontaktů_2d1adef; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_346c5;Data kontaktů_346c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3db5c;Data kontaktů_3db5c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4ab717a;Data kontaktů_4ab717a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4eb42ee;Data kontaktů_4eb42ee; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_77a54;Data kontaktů_77a54; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-10-30 51376]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - CPU running at 99%

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

malina
Visitor
Posts: 29
Joined: 15 Mar 2007 22:17

Re: Please check my log - CPU running at 99%

#3 Post by malina »

Hello - done

# AdwCleaner v6.000 - *Logfile created 16/08/2016 *at 21:09:48
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-16.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Linda - LINDA-PC
# *Running from : C:\Users\Linda\Desktop\adwcleaner_6.000.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum



***** [ *Services ] *****

[-] *Service deleted: swdumon


***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Linda\AppData\Local\eSupport.com
[-] *Folder deleted: C:\Users\Linda\AppData\Local\slimware utilities inc
[-] *Folder deleted: C:\Users\Linda\AppData\Roaming\Solvusoft
[-] *Folder deleted: C:\Program Files\DriverSetupUtility
[-] *Folder deleted: C:\ProgramData\DriverSetupUtility
[-] *Folder deleted: C:\ProgramData\SlimWare Utilities, Inc
[-] *Folder deleted: C:\ProgramData\Application Data\lavasoft\web companion
[-] *Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
[-] *Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] *Folder deleted: C:\Users\Public\Documents\Downloaded Installers
[-] *Folder deleted: C:\Program Files (x86)\eSupport.com
[-] *Folder deleted: C:\Program Files (x86)\myfree codec
[-] *Folder deleted: C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\leenkjhmbcgekojlkimcbodmniopgfnp


***** [ *Files ] *****

[-] *File deleted: C:\Users\Linda\Desktop\Find Drivers with DriverAgent.lnk
[-] *File deleted: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] *File deleted: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
[-] *File deleted: C:\WINDOWS\SysNative\drivers\swdumon.sys
[-] *File deleted: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] *File deleted: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] *File deleted: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default\searchplugins\yahoo-lavasoft.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****



***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] *Key deleted: HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\Software\eSupport.com
[-] *Key deleted: HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\Software\Myfree Codec
[-] *Key deleted: HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\Software\Reg\Clean
[-] *Key deleted: HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\Software\SlimWare Utilities Inc
[-] *Key deleted: HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[#] *Key deleted on reboot: HKCU\Software\eSupport.com
[#] *Key deleted on reboot: HKCU\Software\Myfree Codec
[#] *Key deleted on reboot: HKCU\Software\Reg\Clean
[#] *Key deleted on reboot: HKCU\Software\SlimWare Utilities Inc
[-] *Key deleted: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] *Key deleted: HKLM\SOFTWARE\Myfree Codec
[-] *Key deleted: HKLM\SOFTWARE\Reg\Clean
[#] *Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverAgent_is1
[-] *Key deleted: HKLM\SOFTWARE\Classes\f
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ *Browsers ] *****

[-] *Firefox preferences cleaned: "browser.newtab.url" - "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0415__yaff"
[-] *Firefox preferences cleaned: "browser.newtabpage.url" - "hxxps://www.yahoo.com/?fr=vmn&type=vmn__webcomp ... 0415__yaff"
[-] [C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default] [extension] *Deleted: leenkjhmbcgekojlkimcbodmniopgfnp


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4354 *Bytes] - [16/08/2016 21:09:48]
C:\AdwCleaner\AdwCleaner[R0].txt - [5892 *Bytes] - [20/03/2015 19:20:16]
C:\AdwCleaner\AdwCleaner[R1].txt - [934 *Bytes] - [29/03/2015 00:57:20]
C:\AdwCleaner\AdwCleaner[R2].txt - [21809 *Bytes] - [01/05/2015 21:51:28]
C:\AdwCleaner\AdwCleaner[S0].txt - [6127 *Bytes] - [20/03/2015 19:22:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [999 *Bytes] - [29/03/2015 00:59:44]
C:\AdwCleaner\AdwCleaner[S2].txt - [2216 *Bytes] - [01/05/2015 21:53:06]
C:\AdwCleaner\AdwCleaner[S3].txt - [4830 *Bytes] - [16/08/2016 21:08:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4945 *Bytes] ##########

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - CPU running at 99%

#4 Post by Rudy »


malina
Visitor
Posts: 29
Joined: 15 Mar 2007 22:17

Re: Please check my log - CPU running at 99%

#5 Post by malina »

Done

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-08-2016 01
Ran by Linda (administrator) on LINDA-PC (16-08-2016 22:22:39)
Running from C:\Users\Linda\Desktop
Loaded Profiles: Linda (Available Profiles: Linda & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfSdkS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Linda\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Finkit d.o.o.) C:\Program Files (x86)\ManicTime\ManicTime.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2012-02-14] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-21] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [hshhsaaaws] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-08-15] (AVAST Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2014-09-19] ()
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\Run: [ManicTimeC34F57B2DA6E6758] => C:\Program Files (x86)\ManicTime\ManicTime.exe [58824 2016-08-01] (Finkit d.o.o.)
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {a53f4106-2414-11e5-9679-2cd05a4221c6} - "F:\iLinker.exe"
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {b63d3fe6-f74c-11e4-a20d-2089845e0ced} - "F:\iStudio.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155952 2016-07-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-11] (AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.76.70.1 10.77.1.1
Tcpip\..\Interfaces\{1102fe2b-3051-45a7-b056-75d4455eaf8c}: [DhcpNameServer] 10.76.70.1 10.109.255.254
Tcpip\..\Interfaces\{de81124a-3e44-4234-94ee-28d1bde1c731}: [DhcpNameServer] 10.76.70.1 10.77.1.1

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-21] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-21] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.seznam.cz/
FF Keyword.URL: hxxps://www.google.com/search?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2000-01-01] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
FF Plugin HKU\S-1-5-21-1612883148-2583429519-3809380632-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Linda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF Extension: DownThemAll! - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-04-15]
FF Extension: Screengrab (fix version) - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default\extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2016-07-19]
FF Extension: Video DownloadHelper - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-06]
FF Extension: Adblock Plus - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\3znkgufj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-15]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Disk Google) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Vyhledávání Google) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-23]
CHR Extension: (AdBlock Premium) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2016-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Avast Online Security) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Gmail) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
OPR Extension: (Fast search v3.5) - C:\Users\Linda\AppData\Roaming\Opera Software\Opera Stable\Extensions\leenkjhmbcgekojlkimcbodmniopgfnp [2016-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-11] (AVAST Software)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2016\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2000-01-01] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
S2 HuaweiHiSuiteService64.exe; "C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-08-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-11] (AVAST Software)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2014-07-16] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-15] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4316456 2016-05-21] (Qualcomm Atheros Communications, Inc.)
S3 HWHandSet; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [223232 2016-05-25] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [195152 2016-05-21] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [22800 2012-02-14] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 cpuz139; \??\C:\Users\Linda\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 22:22 - 2016-08-16 22:22 - 00018323 _____ C:\Users\Linda\Desktop\FRST.txt
2016-08-16 22:22 - 2016-08-16 22:22 - 00000000 ____D C:\FRST
2016-08-16 22:22 - 2016-08-16 22:16 - 02394624 _____ (Farbar) C:\Users\Linda\Desktop\FRST64.exe
2016-08-16 22:12 - 2016-08-16 22:12 - 00015327 _____ C:\Users\Linda\Desktop\LM.bat
2016-08-16 22:08 - 2016-08-16 22:12 - 00029696 _____ C:\Users\Linda\AppData\Local\MSGBOX.EXE
2016-08-16 21:04 - 2016-08-16 20:59 - 03784256 _____ C:\Users\Linda\Desktop\adwcleaner_6.000.exe
2016-08-15 23:20 - 2016-08-15 23:20 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-15 23:20 - 2016-08-15 23:20 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-08-15 22:53 - 2016-08-15 22:53 - 00000000 ____D C:\rsit
2016-08-15 21:55 - 2016-07-11 20:06 - 00390984 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-15 21:53 - 2016-08-15 21:53 - 07065600 _____ C:\Program Files (x86)\GUT7B4C.tmp
2016-08-15 21:53 - 2016-08-15 21:53 - 00000000 ____D C:\Program Files (x86)\GUM7B4B.tmp
2016-08-15 20:55 - 2016-08-15 20:55 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup
2016-08-14 20:35 - 2016-08-14 23:45 - 00000000 ____D C:\ProgramData\ProductData
2016-08-14 20:35 - 2016-08-14 23:45 - 00000000 ____D C:\ProgramData\IObit
2016-08-14 20:35 - 2016-08-14 20:35 - 00000000 ____D C:\WINDOWS\IObit
2016-08-14 20:35 - 2016-08-14 20:35 - 00000000 ____D C:\Users\Linda\AppData\Roaming\IObit
2016-08-06 22:16 - 2016-08-06 23:08 - 00000000 ____D C:\Users\Linda\Desktop\Jeseníky 1.-.6.8.2016
2016-08-03 20:53 - 2016-08-03 14:38 - 00009649 _____ C:\Users\Linda\Desktop\Autoscan-TMBKE21Z278022869-235370km-146252mi.txt
2016-08-03 14:47 - 2016-08-03 14:47 - 00027551 _____ C:\Users\Linda\Documents\Autoscan-TMBKE21Z278022869-235370km-146252mi – Poznámkový blok.pdf
2016-07-20 11:07 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-20 11:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam(3876).sys
2016-07-20 10:31 - 2016-07-20 10:31 - 00007933 _____ C:\Users\Linda\Downloads\block.malwarebytes.org.html
2016-07-20 10:31 - 2015-03-13 20:47 - 00017138 _____ C:\Users\Linda\Downloads\attachment.php.html

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-16 22:23 - 2015-05-17 08:18 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-16 22:20 - 2015-05-17 08:18 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-16 22:19 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-16 22:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-16 22:14 - 2016-03-05 13:53 - 02039710 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-16 22:14 - 2015-10-30 20:31 - 00844784 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-16 22:14 - 2015-10-30 20:31 - 00192762 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-16 22:14 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-16 22:04 - 2013-10-23 15:10 - 00004036 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-16 22:04 - 2013-10-23 15:09 - 00003804 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-16 21:11 - 2016-03-05 14:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-16 21:10 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-16 21:09 - 2015-03-20 19:20 - 00000000 ____D C:\AdwCleaner
2016-08-15 23:52 - 2016-03-05 13:58 - 00000000 ____D C:\Users\Linda
2016-08-15 23:47 - 2016-04-12 19:15 - 00000000 ____D C:\Users\Linda\AppData\Local\CrashDumps
2016-08-15 23:26 - 2013-10-23 19:38 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-08-15 23:22 - 2015-12-28 21:56 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-15 23:07 - 2015-03-20 16:22 - 00000000 ____D C:\Program Files\trend micro
2016-08-15 22:53 - 2015-03-20 16:21 - 01222144 _____ C:\Users\Linda\Desktop\RSITx64.exe
2016-08-15 22:17 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-15 22:07 - 2015-06-12 17:15 - 00002044 _____ C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ManicTime.lnk
2016-08-15 22:07 - 2015-06-12 17:15 - 00000000 ____D C:\Program Files (x86)\ManicTime
2016-08-15 21:58 - 2016-04-15 15:48 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Pro Antivirus.lnk
2016-08-15 21:58 - 2015-12-19 15:09 - 00004006 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1450530590
2016-08-15 21:58 - 2015-12-19 15:09 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-15 21:58 - 2015-08-18 22:01 - 00001967 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2016-08-15 21:57 - 2013-11-14 21:23 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-15 21:57 - 2013-10-23 15:09 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.147129105239005
2016-08-15 21:57 - 2013-10-23 15:09 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-08-15 21:57 - 2013-10-23 15:09 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147129105378107
2016-08-15 21:57 - 2013-10-23 15:09 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-15 21:55 - 2014-04-15 21:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-15 21:55 - 2013-10-23 15:09 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.147129104960902
2016-08-15 21:47 - 2016-03-05 14:33 - 00000000 ____D C:\Users\DefaultAppPool
2016-08-15 21:47 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-15 21:47 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-15 21:47 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-15 21:46 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-15 21:46 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-08-15 21:45 - 2016-05-21 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2016-08-15 21:45 - 2016-04-15 15:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-15 21:45 - 2016-03-05 14:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-15 21:45 - 2014-08-27 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-15 21:45 - 2014-08-27 19:40 - 00000000 ____D C:\Program Files\Java
2016-08-15 21:45 - 2014-04-15 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-15 21:45 - 2014-04-15 21:46 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-15 21:45 - 2013-11-17 22:42 - 00000000 ____D C:\ProgramData\Oracle
2016-08-15 21:45 - 2013-10-23 20:35 - 00000000 ____D C:\Program Files (x86)\Scan Assistant
2016-08-15 21:45 - 2013-10-23 20:33 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2016-08-15 21:45 - 2013-10-23 17:06 - 00000000 ____D C:\Program Files (x86)\Atheros
2016-08-15 21:45 - 2013-10-23 15:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-15 21:30 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration
2016-08-15 21:17 - 2016-05-21 13:52 - 00000000 ____D C:\Program Files\Easeware
2016-08-15 21:09 - 2014-04-15 21:47 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy(3877).sys
2016-08-15 20:44 - 2016-05-21 18:00 - 04317112 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athw10x(3875).sys
2016-08-14 23:45 - 2016-04-06 20:18 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-14 23:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-03 20:46 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI(347)
2016-07-29 19:09 - 2015-08-18 22:00 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd(3869).sys
2016-07-29 19:09 - 2014-05-06 23:44 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid(3868).sys
2016-07-29 19:09 - 2014-01-15 23:44 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm(3874).sys
2016-07-29 19:09 - 2013-10-23 15:09 - 00968536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx(3872).sys
2016-07-29 19:09 - 2013-10-23 15:09 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP(3873).sys
2016-07-29 19:09 - 2013-10-23 15:09 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt(3870).sys
2016-07-29 19:09 - 2013-10-23 15:09 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2(3871).sys
2016-07-22 20:26 - 2015-08-22 11:19 - 00000000 ____D C:\Users\Linda\.oracle_jre_usage
2016-07-19 19:45 - 2013-10-22 21:19 - 00000000 ____D C:\WINDOWS\system32\MRT

==================== Files in the root of some directories =======

2016-08-15 21:53 - 2016-08-15 21:53 - 7065600 _____ () C:\Program Files (x86)\GUT7B4C.tmp
2016-08-10 18:11 - 2016-08-10 18:11 - 0000310 _____ () C:\Users\Linda\AppData\Local\ManicTime_2016-08-10.log
2016-08-11 00:12 - 2016-08-11 17:22 - 0000620 _____ () C:\Users\Linda\AppData\Local\ManicTime_2016-08-11.log
2016-08-13 19:33 - 2016-08-13 19:34 - 0000310 _____ () C:\Users\Linda\AppData\Local\ManicTime_2016-08-13.log
2016-08-14 13:22 - 2016-08-14 23:54 - 0001550 _____ () C:\Users\Linda\AppData\Local\ManicTime_2016-08-14.log
2016-08-15 00:12 - 2016-08-15 23:07 - 0003483 _____ () C:\Users\Linda\AppData\Local\ManicTime_2016-08-15.log
2016-08-16 21:03 - 2016-08-16 22:21 - 0001249 _____ () C:\Users\Linda\AppData\Local\ManicTime_2016-08-16.log
2016-08-16 22:08 - 2016-08-16 22:12 - 0029696 _____ () C:\Users\Linda\AppData\Local\MSGBOX.EXE
2016-03-05 12:04 - 2016-03-05 12:04 - 0007601 _____ () C:\Users\Linda\AppData\Local\Resmon.ResmonCfg
2016-04-06 20:40 - 2016-04-06 20:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-06-12 17:16 - 2015-06-12 17:16 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-06-12 17:16 - 2015-06-12 17:16 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some files in TEMP:
====================
C:\Users\Linda\AppData\Local\Temp\libeay32.dll
C:\Users\Linda\AppData\Local\Temp\msvcr120.dll
C:\Users\Linda\AppData\Local\Temp\sqlite3.dll
C:\Users\Linda\AppData\Local\Temp\zkntnmqj.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-21 13:10

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - CPU running at 99%

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\Run: [hshhsaaaws] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {a53f4106-2414-11e5-9679-2cd05a4221c6} - "F:\iLinker.exe"
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {b63d3fe6-f74c-11e4-a20d-2089845e0ced} - "F:\iStudio.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Program Files (x86)\GU*.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Linda\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

malina
Visitor
Posts: 29
Registered: 15 Mar 2007 22:17

Re: Please check my log - CPU running at 99%

#7 Post by malina »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2016 01
Ran by Linda (16-08-2016 23:05:20) Run:1
Running from C:\Users\Linda\Desktop
Loaded Profiles: Linda (Available Profiles: Linda & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [hshhsaaaws] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {a53f4106-2414-11e5-9679-2cd05a4221c6} - "F:\iLinker.exe"
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {b63d3fe6-f74c-11e4-a20d-2089845e0ced} - "F:\iStudio.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Program Files (x86)\GU*.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Linda\AppData\Local\Temp
End
*****************

malina
Visitor
Posts: 29
Registered: 15 Mar 2007 22:17

Re: Please check my log - CPU running at 99%

#8 Post by malina »

Hello, just a clarification of the current state. Subjectively, I would say that system startup after power-on has become faster, but after about 5 minutes the WMI Provider Host process starts, takes over 60% of the CPU capacity and effectively paralyzes the laptop - this problem persists.

malina
Visitor
Posts: 29
Registered: 15 Mar 2007 22:17

Re: Please check my log - CPU running at 99%

#9 Post by malina »

Hello once again, I have probably managed, in my amateur way, to eliminate one problem. I started uninstalling software that I don't strictly need, and the first thing I uninstalled (using Revo Uninstaller) was ManicTime. The situation improved significantly. I don't know what happened there; I had that software installed for about half a year and never had this problem.

Now the biggest CPU hog is the IAStorDataSVc process. It takes 15 - 25% of the CPU (constantly). I found somewhere that it is the process belonging to the Intel RST service, which still reports that it is not running. I really don't know what to do about that, and I'm asking for help with it.

Thanks in advance.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - CPU running at 99%

#10 Post by Rudy »

First of all, the log you posted is not complete, or FRST did not delete anything. If the IAStorDataSVc service is not running, it cannot consume any system resources. Try updating all Intel drivers.

malina
Visitor
Posts: 29
Registered: 15 Mar 2007 22:17

Re: Please check my log - CPU running at 99%

#11 Post by malina »

So, attempt no. 2; this time there really is more in it. I'll look at the drivers as soon as possible, but I can't manage it today. The state really is, though, that RST is not running and IAStorDataSvc takes 15 - 25%. But at least the laptop is usable now.

Thanks for your help.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-08-2016 01
Ran by Linda (17-08-2016 17:32:24) Run:2
Running from C:\Users\Linda\Desktop
Loaded Profiles: Linda (Available Profiles: Linda & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [hshhsaaaws] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {a53f4106-2414-11e5-9679-2cd05a4221c6} - "F:\iLinker.exe"
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\...\MountPoints2: {b63d3fe6-f74c-11e4-a20d-2089845e0ced} - "F:\iStudio.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-30] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-30] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [No File]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
C:\Program Files (x86)\GU*.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Linda\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hshhsaaaws => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a53f4106-2414-11e5-9679-2cd05a4221c6} => key not found.
HKCR\CLSID\{a53f4106-2414-11e5-9679-2cd05a4221c6} => key not found.
HKU\S-1-5-21-1612883148-2583429519-3809380632-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b63d3fe6-f74c-11e4-a20d-2089845e0ced} => key not found.
HKCR\CLSID\{b63d3fe6-f74c-11e4-a20d-2089845e0ced} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending => key not found.
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced => key not found.
HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => key not found.
HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending => key not found.
HKCR\Wow6432Node\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced => key not found.
HKCR\Wow6432Node\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => key not found.
HKCR\Wow6432Node\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
"C:\Program Files (x86)\Google\Google Toolbar" => not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value not found.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader => key not found.
idsvc => service not found.
wpcsvc => service not found.

=========== "C:\Program Files (x86)\GU*.tmp" ==========

not found

========= End -> "C:\Program Files (x86)\GU*.tmp" ========

"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found.
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found.
"C:\ProgramData\DP45977C.lfl" => not found.
C:\Users\Linda\AppData\Local\Temp => moved successfully

==== End of Fixlog 17:32:26 ====

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - CPU running at 99%

#12 Post by Rudy »

Has anything changed?

malina
Visitor
Posts: 29
Registered: 15 Mar 2007 22:17

Re: Please check my log - CPU running at 99%

#13 Post by malina »

Without any doubt the laptop is noticeably faster at system startup, and all that's left for me is to wrestle with those Intel drivers to get RST working, and then it will be completely OK.

Thanks a lot.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - CPU running at 99%

#14 Post by Rudy »

You're welcome! :)

Locked