Slow computer, can anyone help? Thanks

Posted: 29 Aug 2016 17:49
by lukas21
Logfile of random's system information tool 1.10 (written by random/random)
Run by Luke at 2016-08-29 18:31:10
Microsoft® Windows Vista™ Ultimate Service Pack 2
System drive C: has 261 GB (56%) free of 467 GB
Total RAM: 3325 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:31:21, on 29.8.2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16789)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\TVPaint Developpement\TVP Animation 9 Pro\TVP Animation 9 Pro.exe
C:\Program Files\OpenOffice 4\program\soffice.exe
C:\Program Files\OpenOffice 4\program\soffice.bin
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\Luke\Downloads\RSIT.exe
C:\Program Files\trend micro\Luke.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Internet Explorer: Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 6269 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sdianvx9.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.92.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.92.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-05 472128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-29 713440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-05 186432]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-08-29 9103976]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2016-08-01 14737664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2016-01-15 6628056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 9]
C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2015-11-30 2010912]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-29 18:31:10 ----D---- C:\rsit
2016-08-29 18:31:10 ----D---- C:\Program Files\trend micro
2016-08-29 15:13:49 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-29 11:46:10 ----A---- C:\Windows\system32\aswBoot.exe
2016-08-29 11:45:54 ----A---- C:\Windows\avastSS.scr
2016-08-29 11:19:06 ----D---- C:\Users\Luke\AppData\Roaming\Mozilla
2016-08-29 11:18:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-08-29 11:18:43 ----D---- C:\Program Files\Mozilla Firefox
2016-08-29 11:10:41 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-08-29 11:10:13 ----D---- C:\ProgramData\Malwarebytes
2016-08-29 11:10:13 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2016-08-29 11:10:13 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-08-29 11:10:13 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-08-29 11:10:13 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-08-01 19:26:50 ----D---- C:\Program Files\Synaptics
2016-08-01 19:25:42 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2016-08-01 19:25:42 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2016-08-01 19:20:52 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2016-08-01 19:20:51 ----A---- C:\Windows\system32\SRSWOW.dll
2016-08-01 19:20:51 ----A---- C:\Windows\system32\SRSTSXT.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkPgExt.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkCoInstII.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkApoApi.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEEP32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEEL32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEEG32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RTEED32A.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RP3DHT32.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RP3DAA32.dll
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RltkAPO.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBWrp32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBppld32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBPPCn32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBAPO32.dll
2016-08-01 19:20:47 ----A---- C:\Windows\system32\MBAPO232.dll
2016-08-01 19:20:46 ----A---- C:\Windows\system32\FMAPO.dll
2016-08-01 19:20:43 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-08-01 19:20:43 ----A---- C:\Windows\system32\AERTARen.dll
2016-08-01 19:20:43 ----A---- C:\Windows\system32\AERTACap.dll
2016-08-01 19:20:35 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT

======List of files/folders modified in the last 1 month======

2016-08-29 18:31:10 ----RD---- C:\Program Files
2016-08-29 18:31:04 ----D---- C:\Windows\Temp
2016-08-29 18:16:08 ----D---- C:\Windows
2016-08-29 18:12:46 ----SD---- C:\Users\Luke\AppData\Roaming\Microsoft
2016-08-29 18:12:45 ----SD---- C:\ProgramData\Microsoft
2016-08-29 17:05:29 ----D---- C:\Windows\System32
2016-08-29 17:05:29 ----D---- C:\Windows\inf
2016-08-29 17:05:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-08-29 15:35:38 ----D---- C:\Windows\SoftwareDistribution
2016-08-29 15:33:44 ----D---- C:\Windows\system32\catroot2
2016-08-29 15:32:04 ----D---- C:\Windows\Debug
2016-08-29 15:32:00 ----D---- C:\Program Files\IObit
2016-08-29 15:24:31 ----D---- C:\Users\Luke\AppData\Roaming\IObit
2016-08-29 15:19:36 ----SHD---- C:\Boot
2016-08-29 15:19:35 ----D---- C:\Windows\system32\config
2016-08-29 15:15:08 ----D---- C:\Windows\system32\drivers
2016-08-29 15:13:49 ----HD---- C:\ProgramData
2016-08-29 15:13:28 ----D---- C:\ProgramData\ProductData
2016-08-29 12:09:12 ----D---- C:\Windows\system32\Tasks
2016-08-29 11:48:30 ----D---- C:\Windows\winsxs
2016-08-29 10:53:15 ----D---- C:\Windows\Minidump
2016-08-07 14:10:03 ----D---- C:\Windows\Prefetch
2016-08-01 22:07:58 ----D---- C:\Windows\system32\catroot
2016-08-01 19:46:57 ----SHD---- C:\System Volume Information
2016-08-01 19:23:01 ----D---- C:\Windows\system32\RTCOM
2016-08-01 19:20:50 ----A---- C:\Windows\system32\RtkCoLDR.dll
2016-07-30 12:01:40 ----D---- C:\ProgramData\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2016-02-13 12112]
R0 aswNdis2;avast! Firewall NDIS Driver; C:\Windows\system32\drivers\aswNdis2.sys [2016-08-29 295840]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-08-29 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-29 224616]
R0 fvevol;BitLocker Drive Encryption Filter Driver; C:\Windows\System32\DRIVERS\fvevol.sys [2009-04-11 143848]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-07-26 43872]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-08-29 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2016-08-29 64272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-08-29 735352]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-08-29 434144]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2016-02-22 23840]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-08-29 92256]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2008-03-07 27648]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2016-08-29 184592]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2015-11-30 11968]
R3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV32.sys [2009-10-27 105984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2016-08-01 3798272]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-04-07 10718264]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2016-02-22 603928]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-08-01 26792]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2015-11-30 88768]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2015-11-30 12992]
R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-08-29 34008]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2016-08-29 66688]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2013-10-17 23040]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-02-11 13368]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-02-01 308248]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [2015-11-04 827680]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [2016-08-01 96712]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-29 197128]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2016-08-29 223600]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-06-27 87368]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2008-07-11 328992]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2008-07-11 226592]
R2 WTabletServicePro;Wacom Professional Service; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2014-12-22 578328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-12 45744]
S3 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-13 915600]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11 154440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11 154440]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-12-17 147624]
S3 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-13 1706128]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 678968]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-04-12 772296]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Re: Slow computer, can anyone help? Thanks

Posted: 29 Aug 2016 18:52
by Márty84
Hello :)

:???: What exactly is slow? Startup, the internet, working with folders, everything? Does it happen all the time, or only sometimes?


:arrow: Download CrystalDiskInfo http://www.slunecnice.cz/sw/crystaldiskinfo/
Install it (watch out for any bundled add-ons; decline them by unticking the checkbox) and run it as administrator. The result will appear after a moment.
Click Úpravy (Edit) at the top and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.

Re: Slow computer, can anyone help? Thanks

Posted: 31 Aug 2016 17:17
by lukas21
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.3 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Ultimate SP2 [6.0 Build 6002] (x86)
Date : 2016/08/31 18:11:06

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9R/DO/DH 4 port Serial ATA Storage Controller 1 - 2920 [ATA]
+ Kanál IDE (0)
- SAMSUNG HD502IJ ATA Device
+ Kanál IDE (1)
- PLDS DVD+-RW DH-16A6S ATA Device
+ Intel(R) ICH9 Family 2 port Serial ATA Storage Controller 2 - 2926 [ATA]
- Kanál IDE (0)
- Kanál IDE (1)
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD502IJ : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD502IJ
----------------------------------------------------------------------------
Model : SAMSUNG HD502IJ
Firmware : 1AA01113
Serial Number : S1GYJ1KQ703508
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 29359 hod.
Power On Count : 4586 krát
Temperature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE80h [ON]
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _85 _85 _11 0000000014C8 Čas na roztočení ploten
04 _95 _95 __0 0000000011F2 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 __0 000000000000 Počet chybných hledání
08 100 100 __0 000000002DE8 Čas potřebný na vyhledání
09 _94 _94 __0 0000000072AF Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 0000000011EA Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _82 _61 __0 0000120F0012 Teplota toku vzduchu
C2 _76 _60 __0 0000180F0018 Teplota
C3 100 100 __0 000000013643 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku

Re: slow computer, can anyone help, thanks

Posted: 31 Aug 2016 18:20
by lukas21
# AdwCleaner v6.010 - Log soubor vytvořen 31/08/2016 na 19:02:44
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-08-30.2 [Server]
# Operační systém : Windows Vista (TM) Ultimate Service Pack 2 (X86)
# Uživatelské jméno : Luke - LUKE-PC
# Beží od : C:\Users\Luke\Downloads\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

[-] Služby smazány:swdumon


***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Luke\AppData\Local\slimware utilities inc
[-] Adresář smazán:C:\ProgramData\SecTaskMan
[-] Adresář smazán:C:\ProgramData\SlimWare Utilities, Inc
[-] Adresář smazán:C:\Users\Public\Documents\Downloaded Installers


***** [ Soubory ] *****

[-] Soubor smazán:C:\Windows\system32\drivers\swdumon.sys
[#] Soubor smazán:C:\Windows\system32\drivers\SWDUMon.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\SlimWare Utilities Inc
[#] Klíč smazán po restartování:HKCU\Software\SlimWare Utilities Inc
[-] Klíč smazán:HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč smazán:HKLM\SOFTWARE\SlimWare Utilities Inc


***** [ Prohlížeče ] *****

[-] [crawler.com] [Search Provider] Smazání:crawler.com
[-] [search.icq.com] [Search Provider] Smazání:search.icq.com


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1629 Bajtů] - [31/08/2016 19:02:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [2011 Bajtů] - [31/08/2016 18:15:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1777 Bajtů] ##########

Re: slow computer, can anyone help, thanks

Posted: 31 Aug 2016 18:22
by lukas21
Thanks for the help, but this is what bothers me: the computer keeps crunching away at something even though nothing is apparently going on and nothing is running. The CPU temperature of 82 and the GPU temperature of 71 also seem strange to me. After startup RAM is at 26%, then it climbs "by itself" to 45-50 and stays there.

Re: slow computer, can anyone help, thanks

Posted: 31 Aug 2016 18:24
by Márty84
:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it occasionally produces false detections.

Re: slow computer, can anyone help, thanks

Posted: 02 Sep 2016 20:15
by lukas21
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 1.9.2016
Čas skenování: 20:59:10
Protokol: textresult.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.01.09
Databáze rootkitů: v2016.08.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: Luke

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 429078
Uplynulý čas: 1 hod, 17 min, 50 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: slow computer, can anyone help, thanks

Posted: 03 Sep 2016 02:52
by Márty84
:arrow: Start Task Manager and look at which process is using up that memory.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)
(If the Launcher cannot be downloaded, post logs from FRST alone, i.e. without using the Launcher)

Re: slow computer, can anyone help, thanks

Posted: 03 Sep 2016 17:19
by lukas21
this message appears after startup

Re: slow computer, can anyone help, thanks

Posted: 03 Sep 2016 17:19
by lukas21
otherwise it is probably only the internet that is slowed down now; overall it has improved

Re: slow computer, can anyone help, thanks

Posted: 03 Sep 2016 17:57
by Márty84
lukas21 wrote: this message appears after startup
After startup of what? The computer? Or after starting FRST?

Re: slow computer, can anyone help, thanks

Posted: 04 Sep 2016 09:48
by lukas21
the computer

Re: slow computer, can anyone help, thanks

Posted: 04 Sep 2016 10:21
by Márty84
OK, post the FRST logs and we will see what they show. After the registry is adjusted, that message should disappear.

Re: slow computer, can anyone help, thanks

Posted: 07 Sep 2016 13:42
by lukas21
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2016
Ran by Luke (administrator) on LUKE-PC (07-09-2016 14:16:59)
Running from C:\Users\Luke\Downloads
Loaded Profiles: Luke (Available Profiles: Luke)
Platform: Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-01] (AVAST Software)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14737664 2016-08-01] (Realtek Semiconductor)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {09eca58a-e05d-11e5-aaff-00219b0e5a1f} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {38ae83d9-e6bc-11e5-bcfe-022d4305027d} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {6ea42782-e05e-11e5-aaff-00219b0e5a1f} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\...\MountPoints2: {f3d1f318-d12d-11e5-a361-00219b0e5a1f} - J:\HTC_Sync_Manager_PC.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-08-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0FC26D2B-DDB1-487D-8F9E-BD76E6173A61}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{57E700FF-46A1-4672-A738-C1E9E3C76775}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{648D6EE5-8D22-41E8-9677-1C57D5986844}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443009734-1096153861-1703218636-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_92\bin\ssv.dll [2016-05-05] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-29] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-05-05] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sdianvx9.default
FF Plugin: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-05-05] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-11] (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF user.js: detected! => C:\Users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\sdianvx9.default\user.js [2016-08-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-29]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-02-12] [not signed]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-29]

Chrome:
=======
CHR Profile: C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-11]
CHR Extension: (Dokumenty Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-11]
CHR Extension: (Disk Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-11]
CHR Extension: (YouTube) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-11]
CHR Extension: (Avast SafePrice) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-29]
CHR Extension: (Tabulky Google) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-22]
CHR Extension: (Click by Voice) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\njnogpkbdogcgciecomlojjoapemfgei [2016-08-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Luke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-11]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-08-29] (AVAST Software)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S3 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [328992 2008-07-11] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [226592 2008-07-11] (SafeNet, Inc)
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [69632 2007-07-11] (MicroVision Development, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [578328 2014-12-22] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-29] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-29] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2016-02-13] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [295840 2016-08-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-08-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-08-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735352 2016-08-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [434144 2016-08-29] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2016-08-29] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [66688 2016-08-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224616 2016-08-29] (AVAST Software)
R3 cpuz138; C:\Users\Luke\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [27832 2016-09-07] (CPUID)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [11968 2015-11-30] (Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-02-22] (REALiX(tm))
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-03-07] (Windows (R) Codename Longhorn DDK provider)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [26792 2016-08-01] (Synaptics Incorporated)
R3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [88768 2015-11-30] (Wacom Technology)
R3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [12992 2015-11-30] (Wacom Technology)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-07 14:11 - 2016-09-07 14:16 - 00015951 _____ C:\Users\Luke\Downloads\FRST.txt
2016-09-07 14:11 - 2016-09-07 14:12 - 00018458 _____ C:\Users\Luke\Downloads\Addition.txt
2016-09-07 14:09 - 2016-09-07 14:16 - 00000000 ____D C:\FRST
2016-09-07 14:07 - 2016-09-07 14:07 - 01747968 _____ (Farbar) C:\Users\Luke\Downloads\FRST.exe
2016-09-07 12:29 - 2016-09-07 12:29 - 00000005 _____ C:\Windows\system32\lMMLDeleteUserData42107612FX.tmp
2016-08-31 18:13 - 2016-08-31 19:02 - 00000000 ____D C:\AdwCleaner
2016-08-31 18:12 - 2016-08-31 18:12 - 03826240 _____ C:\Users\Luke\Downloads\adwcleaner_6.010.exe
2016-08-31 18:07 - 2016-08-31 18:08 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2016-08-31 18:07 - 2016-08-31 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-08-31 18:03 - 2016-08-31 18:03 - 11407001 _____ C:\Users\Luke\Downloads\CrystalDiskInfo7_0_3-en.exe
2016-08-29 18:55 - 2016-08-29 18:55 - 03124352 _____ (ESET) C:\Users\Luke\Downloads\eset_nod32_antivirus_live_installer.exe
2016-08-29 18:31 - 2016-08-29 18:31 - 00000000 ____D C:\rsit
2016-08-29 18:31 - 2016-08-29 18:31 - 00000000 ____D C:\Program Files\trend micro
2016-08-29 18:29 - 2016-08-29 18:29 - 01107968 _____ C:\Users\Luke\Downloads\RSIT.exe
2016-08-29 17:04 - 2016-08-29 17:04 - 38965447 _____ C:\Users\Luke\Downloads\zasilka-KPZRKMBZ36GV8JSJ.zip
2016-08-29 17:03 - 2016-08-29 19:53 - 04129314 _____ C:\Users\Luke\Downloads\hanusproject.tvpp
2016-08-29 15:13 - 2016-08-29 15:13 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-08-29 11:46 - 2016-08-29 11:45 - 00319760 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-29 11:45 - 2016-08-29 11:45 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-08-29 11:19 - 2016-08-29 11:19 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Mozilla
2016-08-29 11:19 - 2016-08-29 11:19 - 00000000 ____D C:\Users\Luke\AppData\Local\Mozilla
2016-08-29 11:18 - 2016-08-29 11:18 - 00000860 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-29 11:18 - 2016-08-29 11:18 - 00000848 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-29 11:18 - 2016-08-29 11:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-29 11:18 - 2016-08-29 11:18 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-29 11:10 - 2016-09-01 20:58 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-29 11:10 - 2016-08-29 11:10 - 00000901 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-29 11:10 - 2016-08-29 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-29 11:10 - 2016-08-29 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-29 11:10 - 2016-08-29 11:10 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-08-29 11:10 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-29 11:10 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-29 11:10 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-07 14:15 - 2006-11-02 15:00 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-07 14:15 - 2006-11-02 14:46 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-07 14:15 - 2006-11-02 14:46 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-07 14:14 - 2006-11-02 15:00 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-07 12:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-09-07 12:33 - 2016-02-11 18:18 - 00067048 _____ C:\Users\Luke\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-07 12:33 - 2006-11-02 14:46 - 00296048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-07 12:30 - 2016-04-28 20:32 - 00000000 ____D C:\Program Files\Seznam.cz
2016-09-07 12:30 - 2016-04-28 20:31 - 00000000 ____D C:\Users\Luke\AppData\Roaming\Seznam.cz
2016-09-07 12:30 - 2016-04-20 14:05 - 00000000 ____D C:\Users\Luke\AppData\Roaming\HTC
2016-09-07 12:30 - 2016-03-02 12:02 - 00000000 ____D C:\ProgramData\HTC
2016-09-07 12:29 - 2016-04-20 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2016-09-07 11:55 - 2016-02-15 19:29 - 00000000 ____D C:\Windows\Minidump
2016-09-05 15:52 - 2016-02-15 19:47 - 00000000 ____D C:\ProgramData\ProductData
2016-09-05 09:59 - 2016-02-15 19:48 - 00001946 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-09-03 12:21 - 2008-01-21 08:12 - 01576186 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-03 12:21 - 2008-01-21 08:11 - 00659288 _____ C:\Windows\system32\perfh005.dat
2016-09-03 12:21 - 2008-01-21 08:11 - 00145164 _____ C:\Windows\system32\perfc005.dat
2016-09-02 21:39 - 2016-03-06 12:01 - 39403520 _____ C:\Windows\system32\config\components.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 37994496 _____ C:\Windows\system32\config\software.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 00176128 _____ C:\Windows\system32\config\default.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 00065536 _____ C:\Windows\system32\config\sam.iobit
2016-09-02 21:39 - 2016-03-06 12:01 - 00020480 _____ C:\Windows\system32\config\security.iobit
2016-08-31 18:12 - 2016-04-28 20:32 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-08-31 18:12 - 2016-04-28 20:32 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-08-29 15:32 - 2016-02-15 19:47 - 00000000 ____D C:\Program Files\IObit
2016-08-29 15:24 - 2016-02-15 19:47 - 00000000 ____D C:\Users\Luke\AppData\Roaming\IObit
2016-08-29 11:46 - 2016-02-11 19:42 - 00434144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00224616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00184592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00092256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00066688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-29 11:46 - 2016-02-11 19:42 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-29 11:45 - 2016-02-13 12:26 - 00295840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2016-08-29 11:45 - 2016-02-13 12:26 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-29 11:45 - 2016-02-11 19:42 - 00735352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

==================== Files in the root of some directories =======

2016-02-24 18:16 - 2016-04-15 20:24 - 0004608 _____ () C:\Users\Luke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\Luke\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-07 13:16

==================== End of FRST.txt ============================

Re: slow computer, can anyone help, thanks

Posted: 07 Sep 2016 13:50
by lukas21
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-08-2016
Ran by Luke (07-09-2016 14:40:00)
Running from C:\Users\Luke\Downloads
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86) (2008-09-20 11:39:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1443009734-1096153861-1703218636-500 - Administrator - Disabled)
Guest (S-1-5-21-1443009734-1096153861-1703218636-501 - Limited - Enabled)
Luke (S-1-5-21-1443009734-1096153861-1703218636-1000 - Administrator - Enabled) => C:\Users\Luke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advanced SystemCare 9 (HKLM\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
AMP Font Viewer (HKLM\...\AMP Font Viewer) (Version: - )
Avast Premier (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CrystalDiskInfo 7.0.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )
Google Drive (HKLM\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 92 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Krita Desktop (x86) "2.9.11.0" (HKLM\...\{18A66C86-EC47-4736-9690-85EEB66407CA}) (Version: 2.9.11.0 - Krita Foundation)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 341.95 (Version: 341.95 - NVIDIA Corporation) Hidden
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7770 - Realtek Semiconductor Corp.)
Roxio Activation Module (HKLM\...\{07159635-9DFE-4105-BFC0-2817DB540C68}) (Version: 1.0 - Roxio)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41C6-8752-958A45325C82}) (Version: 3.5.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.5.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}) (Version: 3.5.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4C52-84D5-77E344289F87}) (Version: 3.5.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.5.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ED8-B104-03393876DFDF}) (Version: 3.5.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)
SafeZone Stable 1.48.2066.120 (Version: 1.48.2066.120 - Avast Software) Hidden
Security Task Manager 2.1f (HKLM\...\Security Task Manager) (Version: 2.1f - Neuber Software)
Sentinel Protection Installer 7.5.0 (HKLM\...\{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}) (Version: 7.5.0 - SafeNet, Inc.)
Sonic CinePlayer Decoder Pack (HKLM\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.2.0 - Sonic Solutions)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
TVP Animation 9.5 Professional Edition (remove only) (HKLM\...\TVP Animation 9 Pro) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11w3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Zoner Photo Studio 13 FREE (HKLM\...\ZonerPhotoStudio13_EN_is1) (Version: 13.0.1.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2146BDF0-63DC-4289-94C2-0E26E90A6BF2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-29] (AVAST Software)
Task: {67FF8C20-5066-4F72-BC65-754C1EB9F9C9} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {6AC28FDC-3C2E-4697-8451-8814E3B64596} - System32\Tasks\SafeZone scheduled Autoupdate 1455359297 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-12] (Avast Software)
Task: {89E7F427-1F4D-4D2B-B8C2-1E20986B44DF} - System32\Tasks\ASC9_SkipUac_Luke => C:\Program Files\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)
Task: {AF5269DD-B211-4B4E-BE71-AA0F75238C51} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {C8D54F16-5BF7-44D8-B666-D84343E51C5F} - System32\Tasks\Driver Booster SkipUAC (Luke) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {C9FAFEC3-9D00-43B9-9A0D-22A782F6BF67} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11] (Google Inc.)
Task: {CC433333-4AAD-4A60-9FD2-1184D90E5A6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-02-11] (Google Inc.)
Task: {D7159F95-121B-4CE4-AB4E-7D3C1A2F4FC3} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {FF9A9D30-96B1-4CCC-A3DD-97357592796B} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare\Monitor.exe [2015-12-03] (IObit)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-08-29 11:45 - 2016-08-29 11:45 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-07 11:50 - 2016-09-07 11:50 - 03084464 _____ () C:\Program Files\AVAST Software\Avast\defs\16090700\algo.dll
2016-08-29 11:45 - 2016-08-29 11:45 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-15 19:48 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare\madExcept_.bpl
2016-02-15 19:48 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare\madBasic_.bpl
2016-02-15 19:48 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare\madDisAsm_.bpl
2013-10-17 16:27 - 2013-10-17 16:27 - 00166912 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2016-07-01 13:23 - 2016-07-01 13:23 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-11 19:07 - 2014-12-22 22:42 - 01019672 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-09-07 12:04 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-07 12:04 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Luke\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1443009734-1096153861-1703218636-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Advanced SystemCare 9 => "C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe" /Auto

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{50AA5D92-B8FC-4B05-A9D6-38BFDF8105DE}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D6DB7EEE-B4C8-4C57-8934-EE6536121A1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D9EE90DB-8B2E-4B54-AF93-E66813464E58}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1D0D1B83-A7EC-4974-8836-EF63502AA71C}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{0FFD317F-91D0-4F4C-89D9-AC99BCE56695}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{667D87D3-3778-4746-943B-FECA1FB7E139}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{97331641-0755-414A-BC50-37A1E0754835}] => (Allow) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{C93CD3E5-ABD2-42FE-A54F-F0F3BFA8B50D}] => (Allow) LPort=80
FirewallRules: [{2E3AB3CC-0AF5-4CBB-94C4-B364BDD08E35}] => (Allow) LPort=80
FirewallRules: [{5EEEA751-2331-433C-8863-B95593C1F25B}] => (Allow) LPort=80
FirewallRules: [{71C615E7-50FC-4851-9352-ADD0E5EA1785}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{37708CEE-ED25-4A0E-81EF-6F66BDC79128}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EB3A1015-C9CC-41F7-870B-4C72D6B19800}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

05-06-2016 11:00:09 Naplánovaný kontrolní bod
06-06-2016 16:38:39 Naplánovaný kontrolní bod
07-06-2016 13:25:40 Windows Update
10-06-2016 12:15:09 Naplánovaný kontrolní bod
14-06-2016 14:03:16 Windows Update
15-06-2016 21:23:30 Windows Update
17-06-2016 21:38:50 Naplánovaný kontrolní bod
18-06-2016 19:22:50 Naplánovaný kontrolní bod
19-06-2016 13:23:31 Naplánovaný kontrolní bod
21-06-2016 15:54:57 Windows Update
22-06-2016 14:08:05 Naplánovaný kontrolní bod
23-06-2016 13:14:21 Naplánovaný kontrolní bod
25-06-2016 18:25:38 Naplánovaný kontrolní bod
01-07-2016 13:25:51 Windows Update
02-07-2016 20:19:56 Naplánovaný kontrolní bod
03-07-2016 16:39:35 Naplánovaný kontrolní bod
05-07-2016 13:39:33 Windows Update
06-07-2016 15:16:28 Naplánovaný kontrolní bod
07-07-2016 15:06:06 Naplánovaný kontrolní bod
08-07-2016 15:01:38 Naplánovaný kontrolní bod
12-07-2016 11:58:28 Windows Update
20-07-2016 16:20:13 Naplánovaný kontrolní bod
21-07-2016 06:42:17 Naplánovaný kontrolní bod
01-08-2016 19:13:54 Driver Booster : Realtek High Definition Audio
01-08-2016 19:21:32 Instalace balíčku ovladače zařízení: Realtek Semiconductor Corp. Řadiče zvuku, videa a her
01-08-2016 19:25:59 Instalace balíčku ovladače zařízení: Synaptics Systémová zařízení
29-08-2016 19:00:20 Instalace balíčku ovladače zařízení: Eset spol s r. o.
29-08-2016 19:01:11 Instalace balíčku ovladače zařízení: Eset spol s r. o.
29-08-2016 19:01:12 Instalace balíčku ovladače zařízení: Eset spol s r. o.
07-09-2016 12:28:15 Removed HTC Sync Manager.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2016 02:15:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/07/2016 01:10:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/07/2016 12:33:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/07/2016 11:49:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/06/2016 10:06:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/05/2016 03:58:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/05/2016 03:51:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/05/2016 09:59:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/04/2016 10:16:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/03/2016 10:00:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (09/05/2016 03:52:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LiveUpdate byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/05/2016 03:50:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:49:29, 5.9.2016) bylo neočekávané.

Error: (09/01/2016 06:32:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:31:20, 1.9.2016) bylo neočekávané.

Error: (08/31/2016 06:15:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sentinel Protection Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Sentinel Keys Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HTCMonitorService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/31/2016 06:15:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Andrea RT Filters Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================
Date: 2016-09-07 14:39:57.998
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.608
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:57.125
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:56.937
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:56.735
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:39:56.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:17:46.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-09-07 14:17:46.748
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 3325.27 MB
Available physical RAM: 1630.08 MB
Total Virtual: 6867.53 MB
Available Virtual: 5057.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:455.68 GB) (Free:256.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.72 GB) NTFS
Drive j: (HTC Sync Manager) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 30000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=455.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================