Kontrola logu RSIT

Zpráva

BijViry · #1 Příspěvek od **BijViry** » 26 črc 2013 07:33

Zduř chlapi,

chci poprosit jestli nemáte někdo při pátku náladu podívat se na jeden log z RSITu.

Díky za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr Boura at 2013-07-26 08:29:18
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 20 GB (14%) free of 148 GB
Total RAM: 3069 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:29:58, on 26.7.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Petr Boura\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr Boura.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - (no file)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - (no file)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.5.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9298 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-07-25 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-01-03 155184]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-07-25 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-01-08 858632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe [2011-10-30 247968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-04 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\decryption.exe:*:Enabled:decryption"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe"="C:\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=vdrcodec.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.MJPG"=Pvmjpg30.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-07-26 08:29:19 ----D---- C:\Program Files\trend micro
2013-07-26 08:29:18 ----D---- C:\rsit
2013-07-25 14:02:39 ----D---- C:\ProgramData\Google
2013-07-25 13:59:48 ----D---- C:\Program Files\Google
2013-07-25 13:55:12 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-07-25 13:55:12 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-07-25 13:55:12 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-07-24 14:36:08 ----D---- C:\Users\Petr Boura\AppData\Roaming\Malwarebytes
2013-07-24 14:35:48 ----D---- C:\ProgramData\Malwarebytes
2013-07-24 14:35:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-07-24 14:35:46 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-07-24 14:25:33 ----A---- C:\cleanup.exe
2013-07-24 14:25:25 ----A---- C:\zip.exe
2013-07-24 14:10:48 ----SHD---- C:\RECYCLER
2013-07-24 13:45:40 ----D---- C:\Windows\system32\MRT
2013-07-12 03:16:54 ----A---- C:\Windows\system32\vbscript.dll
2013-07-12 03:16:54 ----A---- C:\Windows\system32\mshtmled.dll
2013-07-12 03:16:52 ----A---- C:\Windows\system32\ieui.dll
2013-07-12 03:16:51 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-12 03:16:50 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-12 03:16:50 ----A---- C:\Windows\system32\ieUnatt.exe
2013-07-12 03:16:48 ----A---- C:\Windows\system32\wininet.dll
2013-07-12 03:16:48 ----A---- C:\Windows\system32\jscript.dll
2013-07-12 03:16:46 ----A---- C:\Windows\system32\url.dll
2013-07-12 03:16:46 ----A---- C:\Windows\system32\jscript9.dll
2013-07-12 03:16:44 ----A---- C:\Windows\system32\iertutil.dll
2013-07-12 03:16:42 ----A---- C:\Windows\system32\urlmon.dll
2013-07-12 03:16:37 ----A---- C:\Windows\system32\ieframe.dll
2013-07-12 03:16:35 ----A---- C:\Windows\system32\mshtml.dll
2013-07-11 09:11:31 ----A---- C:\Windows\system32\win32k.sys
2013-07-11 09:11:04 ----A---- C:\Windows\system32\DWrite.dll
2013-07-11 09:11:03 ----A---- C:\Windows\system32\FntCache.dll
2013-07-11 09:11:03 ----A---- C:\Windows\system32\d3d10level9.dll
2013-07-11 09:11:03 ----A---- C:\Windows\system32\d3d10core.dll
2013-07-11 09:11:03 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-07-11 09:11:02 ----A---- C:\Windows\system32\d3d10warp.dll
2013-07-11 09:11:02 ----A---- C:\Windows\system32\d3d10.dll
2013-07-11 09:11:01 ----A---- C:\Windows\system32\d3d10_1.dll
2013-07-11 09:11:01 ----A---- C:\Windows\system32\d2d1.dll
2013-07-11 09:10:58 ----A---- C:\Windows\system32\qedit.dll
2013-07-11 09:10:56 ----A---- C:\Windows\system32\WMVDECOD.DLL

======List of files/folders modified in the last 1 month======

2013-07-26 08:29:33 ----D---- C:\Windows\Prefetch
2013-07-26 08:29:19 ----RD---- C:\Program Files
2013-07-26 08:26:34 ----D---- C:\Windows\Temp
2013-07-26 08:21:39 ----SHD---- C:\System Volume Information
2013-07-26 08:18:54 ----D---- C:\Windows\pss
2013-07-26 07:13:11 ----D---- C:\Users\Petr Boura\AppData\Roaming\Skype
2013-07-25 14:30:26 ----D---- C:\Program Files\Defraggler
2013-07-25 14:10:01 ----SHD---- C:\Windows\Installer
2013-07-25 14:02:39 ----HD---- C:\ProgramData
2013-07-25 14:00:30 ----D---- C:\Windows\Tasks
2013-07-25 14:00:30 ----D---- C:\Windows\system32\Tasks
2013-07-25 13:55:22 ----D---- C:\Windows\system32\drivers
2013-07-25 13:55:05 ----D---- C:\Windows
2013-07-25 13:47:16 ----D---- C:\Windows\inf
2013-07-25 11:55:07 ----D---- C:\Windows\PCHEALTH
2013-07-25 06:57:55 ----D---- C:\Windows\System32
2013-07-25 06:57:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-07-24 13:45:39 ----D---- C:\Windows\Debug
2013-07-24 13:38:07 ----D---- C:\Windows\Panther
2013-07-24 13:38:05 ----D---- C:\Windows\Logs
2013-07-24 13:37:19 ----D---- C:\Program Files\CCleaner
2013-07-17 22:59:27 ----D---- C:\FOXTMP
2013-07-12 04:17:11 ----D---- C:\Windows\Microsoft.NET
2013-07-12 04:16:01 ----RSD---- C:\Windows\assembly
2013-07-12 03:57:24 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-12 03:53:58 ----D---- C:\Windows\system32\XPSViewer
2013-07-12 03:53:57 ----D---- C:\Windows\system32\migration
2013-07-12 03:53:57 ----D---- C:\Program Files\Internet Explorer
2013-07-12 03:29:07 ----D---- C:\Windows\winsxs
2013-07-12 03:26:52 ----D---- C:\ProgramData\Microsoft Help
2013-07-12 03:17:33 ----D---- C:\Windows\system32\catroot2
2013-07-12 03:17:33 ----D---- C:\Windows\system32\catroot
2013-07-12 03:01:15 ----D---- C:\Program Files\Windows Journal
2013-07-08 22:40:22 ----D---- C:\Lucka

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-07-25 175176]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-09-29 308248]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-01-03 18480]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-07-25 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-07-25 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-03-12 37040]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-03-12 38576]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-11-30 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-29 8192]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-09 3552256]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-22 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-09 2044896]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
R3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-27 6144]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-09-07 192816]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-22 659968]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-03-12 118064]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-08-30 81448]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-08-30 99880]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-05-18 28464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-08-30 17448]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 Dot4Scan;Ovladač třídy skeneru standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-21 10752]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 IpwP;IPWireless 3G Network Adapter; C:\Windows\system32\DRIVERS\ipw3gnet.sys [2008-10-10 51040]
S3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WisINT15;WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-09 671744]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-01-03 506416]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-03-12 931376]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-10-14 98304]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-29 386560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-25 116648]
S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-25 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-07-25 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 26 črc 2013 16:05

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Prohledat
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Vidim nainstalovany MBAM, delal jste sken, nasel neco?

BijViry · #3 Příspěvek od **BijViry** » 26 črc 2013 16:31

Díky, MBAM našel jednu škodinu, ale bohužel jsem si nenapsal jak se to jmenovalo. On ten počítač hrozně dlouho přemýšlí. Než jsem to začal skenovat, tak jsem to vyčistil od všech zbytečností na disku a v registrech a stejně je to líný jak sviňa. Na to že to má 4GB paměti, nic moc. Sice jsou tam Visty, ale stejně bych to čekal živější. Bohužel jsem to nechal v práci tak budu pokračovat v pondělí. Sorry

A díky

#4 Příspěvek od **vyosek** » 26 črc 2013 18:01

No Visty celkove jsou kram, ale tak bezet by mely...

V pondeli tu snad tez budu

BijViry · #5 Příspěvek od **BijViry** » 29 črc 2013 08:50

No je to fakt, Vi$ty jsou shit. Tak posílám log :

Díky

# AdwCleaner v2.306 - Log vytvooen 29/07/2013 v 09:40:29
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows Vista (TM) Business Service Pack 2 (32 bits)
# Uživatel : Petr Boura - PETRBOURA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Petr Boura\Desktop\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\ProgramData\DriverCure
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
Složka Nalezeno : C:\ProgramData\ParetoLogic
Složka Nalezeno : C:\Users\Petr Boura\AppData\Roaming\DriverCure

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Klíe Nalezeno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16496

[OK] Registry jsou eisté.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Petr Boura\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1437 octets] - [29/07/2013 09:40:29]

########## EOF - C:\AdwCleaner[R1].txt - [1497 octets] ##########

#6 Příspěvek od **vyosek** » 30 črc 2013 21:46

Poprosim o spusteni nasledujiciho

Aplikace ke stažení:

Po stažení FRSTLauncher spustte, objevi se mozna varovani od antiviru, ignorujte a nechte FRSTL spustit

Následně dojde ke stažení FRST a inicializaci

Po spuštění FRST odsouhlasíme licenční podmínky kliknutím na Ano.
Dooznačíme položku Addition.txt - viz obrázek.
Klikneme na tlačítko Scan čímž spustíme skenování.
Počkáme na dokončení skenování FRST a vytvoření doplňkových informací naší nástavbou.
Otevře se nám textový soubor FRST.txt, což je požadovaný log a jehož obsah vložíme do svého tématu na fóru.
Po uzavření logu se FRSTLauncher.exe ukončí a na ploše nám zbyde utilta FRST a dva logy FRST.txt a Addition.txt - nic z toho zatím nemažeme.

BijViry · #7 Příspěvek od **BijViry** » 31 črc 2013 08:58

Tak jsem provedl požadované a zde je výsledek.

Stálé díky

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-07-2013 04
Ran by Petr Boura (administrator) on 31-07-2013 09:54:38
Running from C:\Users\Petr Boura\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
(Western Digital) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Acer\Mobility Center\MobilityService.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LManager] - C:\PROGRA~1\LAUNCH~1\LManager.exe [858632 2008-01-08] (Dritek System Inc.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
MountPoints2: {7f2d2deb-0092-11df-a08c-000000000000} - G:\LaunchU3.exe -a
MountPoints2: {86fd29ef-fa21-11de-930b-000000000000} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {b5fecab0-299c-11de-8b9f-000000000000} - G:\DTSP_Launcher.exe
MountPoints2: {d318845d-004e-11df-b765-000000000000} - F:\TrueCrypt\TrueCrypt.exe /q background /e /m rm /v "data.tc"
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
SearchScopes: HKCU - DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?p={se ... r=chr-acer
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?p={se ... r=chr-acer
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.4.5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.29.93.1

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.160.1) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U16) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Extension: (Docs) - C:\Users\PETRBO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\PETRBO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\PETRBO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\PETRBO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Gmail) - C:\Users\PETRBO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [506416 2008-01-03] (Egis Incorporated)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-10-01] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072 2007-12-20] (Acer Inc.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344 2007-09-10] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [931376 2007-03-12] (Nero AG)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-11-27] ()
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [98304 2009-10-14] (WDC)
S2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo)
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-21] (Microsoft Corporation)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-25] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-25] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-25] ()
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-21] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [118064 2007-03-12] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [37040 2007-03-12] (Nero AG)
U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [16304 2007-03-12] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [38576 2007-03-12] (Nero AG)
R2 int15; C:\Windows\system32\drivers\int15.sys [15392 2007-11-30] (Acer, Inc.)
S3 IpwP; C:\Windows\System32\DRIVERS\ipw3gnet.sys [51040 2008-10-10] (IPWireless Inc.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
S3 WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-31 09:53 - 2013-07-31 09:53 - 00000000 ____D C:\Users\PETRBO~1\AppData\Local\qb0830A1.7E
2013-07-31 09:53 - 2013-07-31 09:53 - 00000000 ____D C:\FRST
2013-07-31 09:53 - 2013-07-30 20:47 - 01222064 _____ (Farbar) C:\Users\Petr Boura\Desktop\FRST.exe
2013-07-29 09:51 - 2013-07-29 09:51 - 00001686 _____ C:\AdwCleaner[R3].txt
2013-07-29 09:51 - 2013-07-29 09:51 - 00001626 _____ C:\AdwCleaner[R2].txt
2013-07-29 09:40 - 2013-07-29 09:40 - 00666633 _____ C:\Users\Petr Boura\Desktop\adwcleaner.exe
2013-07-29 09:40 - 2013-07-29 09:40 - 00001566 _____ C:\AdwCleaner[R1].txt
2013-07-26 08:29 - 2013-07-26 08:30 - 00000000 ____D C:\rsit
2013-07-26 08:29 - 2013-07-26 08:29 - 00000000 ____D C:\Program Files\trend micro
2013-07-26 08:28 - 2013-07-26 08:28 - 00781383 _____ C:\Users\Petr Boura\Downloads\RSIT.exe
2013-07-25 14:29 - 2013-07-25 14:30 - 04100432 _____ (Piriform Ltd) C:\Users\Petr Boura\Downloads\dfsetup215.exe
2013-07-25 14:02 - 2013-07-25 14:02 - 00001975 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-25 14:02 - 2013-07-25 14:02 - 00000000 ____D C:\ProgramData\Google
2013-07-25 14:00 - 2013-07-31 09:47 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-25 14:00 - 2013-07-30 08:10 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-25 14:00 - 2013-07-25 14:06 - 00000000 ____D C:\Users\PETRBO~1\AppData\Local\Google
2013-07-25 13:59 - 2013-07-25 14:02 - 00000000 ____D C:\Program Files\Google
2013-07-25 13:55 - 2013-07-25 13:55 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-25 13:55 - 2013-07-25 13:55 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-25 13:55 - 2013-07-25 13:55 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-25 13:55 - 2013-07-25 13:55 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-25 13:55 - 2013-05-09 10:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-07-25 13:55 - 2013-05-09 10:59 - 00021576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-07-24 14:49 - 2013-06-25 11:19 - 00001490 _____ C:\Users\Petr Boura\Desktop\RESET.lnk
2013-07-24 14:49 - 2013-04-30 14:29 - 00001490 _____ C:\Users\Petr Boura\Desktop\OFF.lnk
2013-07-24 14:36 - 2013-07-24 14:36 - 00000000 ____D C:\Users\Petr Boura\AppData\Roaming\Malwarebytes
2013-07-24 14:35 - 2013-07-24 14:35 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-24 14:35 - 2013-07-24 14:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-24 14:35 - 2013-07-24 14:35 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-07-24 14:35 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-07-24 14:31 - 2013-07-24 14:31 - 00000000 _____ C:\Windows\setuperr.log
2013-07-24 14:31 - 2013-07-24 14:31 - 00000000 _____ C:\Windows\setupact.log
2013-07-24 14:25 - 2013-07-24 14:25 - 00135168 _____ C:\zip.exe
2013-07-24 14:25 - 2013-07-24 14:25 - 00019286 _____ C:\cleanup.exe
2013-07-24 13:50 - 2013-07-31 09:46 - 00093648 _____ C:\Windows\PFRO.log
2013-07-24 13:45 - 2013-07-24 13:47 - 00000000 ____D C:\Windows\system32\MRT
2013-07-12 03:16 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-12 03:16 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-12 03:16 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-12 03:16 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-12 03:16 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-12 03:16 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-12 03:16 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-12 03:16 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-12 03:16 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-12 03:16 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-12 03:16 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-12 03:16 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-12 03:16 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-12 03:16 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-12 03:16 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-12 03:16 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-11 09:11 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-11 09:11 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-11 09:11 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-11 09:11 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-11 09:11 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-11 09:11 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-11 09:11 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-11 09:11 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-11 09:11 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-11 09:11 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-11 09:10 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-11 09:10 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL

==================== One Month Modified Files and Folders =======

2013-07-31 09:53 - 2013-07-31 09:53 - 00000000 ____D C:\Users\PETRBO~1\AppData\Local\qb0830A1.7E
2013-07-31 09:53 - 2013-07-31 09:53 - 00000000 ____D C:\FRST
2013-07-31 09:52 - 2011-06-02 11:49 - 02000594 _____ C:\Windows\WindowsUpdate.log
2013-07-31 09:47 - 2013-07-25 14:00 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-31 09:46 - 2013-07-24 13:50 - 00093648 _____ C:\Windows\PFRO.log
2013-07-31 09:46 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-31 09:46 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-31 09:46 - 2006-11-02 14:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-30 20:47 - 2013-07-31 09:53 - 01222064 _____ (Farbar) C:\Users\Petr Boura\Desktop\FRST.exe
2013-07-30 08:52 - 2009-03-31 15:03 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-07-30 08:52 - 2006-11-02 15:01 - 00032604 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-30 08:10 - 2013-07-25 14:00 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-29 09:51 - 2013-07-29 09:51 - 00001686 _____ C:\AdwCleaner[R3].txt
2013-07-29 09:51 - 2013-07-29 09:51 - 00001626 _____ C:\AdwCleaner[R2].txt
2013-07-29 09:40 - 2013-07-29 09:40 - 00666633 _____ C:\Users\Petr Boura\Desktop\adwcleaner.exe
2013-07-29 09:40 - 2013-07-29 09:40 - 00001566 _____ C:\AdwCleaner[R1].txt
2013-07-26 08:30 - 2013-07-26 08:29 - 00000000 ____D C:\rsit
2013-07-26 08:29 - 2013-07-26 08:29 - 00000000 ____D C:\Program Files\trend micro
2013-07-26 08:28 - 2013-07-26 08:28 - 00781383 _____ C:\Users\Petr Boura\Downloads\RSIT.exe
2013-07-26 08:18 - 2011-06-02 11:44 - 00000000 ____D C:\Windows\pss
2013-07-26 07:13 - 2009-12-10 17:10 - 00000000 ____D C:\Users\Petr Boura\AppData\Roaming\Skype
2013-07-25 14:30 - 2013-07-25 14:29 - 04100432 _____ (Piriform Ltd) C:\Users\Petr Boura\Downloads\dfsetup215.exe
2013-07-25 14:30 - 2011-06-02 12:31 - 00001706 _____ C:\Users\Public\Desktop\Defraggler.lnk
2013-07-25 14:30 - 2011-06-02 12:31 - 00000000 ____D C:\Program Files\Defraggler
2013-07-25 14:06 - 2013-07-25 14:00 - 00000000 ____D C:\Users\PETRBO~1\AppData\Local\Google
2013-07-25 14:02 - 2013-07-25 14:02 - 00001975 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-25 14:02 - 2013-07-25 14:02 - 00000000 ____D C:\ProgramData\Google
2013-07-25 14:02 - 2013-07-25 13:59 - 00000000 ____D C:\Program Files\Google
2013-07-25 13:55 - 2013-07-25 13:55 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-07-25 13:55 - 2013-07-25 13:55 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-07-25 13:55 - 2013-07-25 13:55 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-07-25 13:55 - 2013-07-25 13:55 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-07-25 13:55 - 2012-02-01 22:17 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-07-25 13:55 - 2012-02-01 22:16 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-07-25 13:55 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-07-25 11:55 - 2008-04-27 20:24 - 00000000 ____D C:\Windows\PCHEALTH
2013-07-25 06:57 - 2006-11-02 12:33 - 01426990 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-24 14:36 - 2013-07-24 14:36 - 00000000 ____D C:\Users\Petr Boura\AppData\Roaming\Malwarebytes
2013-07-24 14:35 - 2013-07-24 14:35 - 00000910 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-07-24 14:35 - 2013-07-24 14:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-24 14:35 - 2013-07-24 14:35 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-07-24 14:31 - 2013-07-24 14:31 - 00000000 _____ C:\Windows\setuperr.log
2013-07-24 14:31 - 2013-07-24 14:31 - 00000000 _____ C:\Windows\setupact.log
2013-07-24 14:25 - 2013-07-24 14:25 - 00135168 _____ C:\zip.exe
2013-07-24 14:25 - 2013-07-24 14:25 - 00019286 _____ C:\cleanup.exe
2013-07-24 13:47 - 2013-07-24 13:45 - 00000000 ____D C:\Windows\system32\MRT
2013-07-24 13:38 - 2008-02-15 03:41 - 00000000 ____D C:\Windows\Panther
2013-07-24 13:37 - 2011-06-02 08:53 - 00000808 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-07-24 13:37 - 2011-06-02 08:53 - 00000000 ____D C:\Program Files\CCleaner
2013-07-19 00:24 - 2011-09-29 22:43 - 231621632 _____ C:\Users\Petr Boura\Documents\Outlook.pst
2013-07-17 22:59 - 2010-05-11 10:52 - 00000000 ____D C:\FOXTMP
2013-07-17 22:46 - 2011-09-29 22:35 - 00002633 _____ C:\Users\Petr Boura\Desktop\Microsoft Office Outlook 2007.lnk
2013-07-12 04:17 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-12 03:59 - 2006-11-02 14:47 - 00410464 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-12 03:57 - 2010-06-20 22:44 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-12 03:53 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-12 03:26 - 2008-04-27 20:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-12 03:01 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-08 22:40 - 2010-08-09 21:13 - 00000000 ____D C:\Lucka

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-31 09:54

==================== Scheduled Tasks (whitelisted) ===========

Task: {0BA9D0C9-33DA-47B5-B33F-EB1FA9191897} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {123FB7DF-F11C-4EDE-BECC-12333EA36C1F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {155723BA-60E2-4354-93AF-84EAC8D3C2D8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {22E1772E-7DFE-4C5F-841F-1C93FD5D82A4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {2DE18FE4-6467-484F-8431-206702EC5546} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2E5B7D97-F14C-4CFF-864E-620AABA892D1} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {31D0C8A4-B75D-4D62-A659-434925C2BAAA} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {385C7A56-7B50-4C2B-8DC7-D3D208EC6AF6} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {4D72741E-769C-45DB-8604-CB8EBDADAA29} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {5CCC2A72-DEA8-4A72-B66D-EDA9EAA574D1} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {684CA7BD-733D-48DF-BDFE-C0E0879769C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: {8A4AEB9C-4A3D-414C-B18A-47DC38104B57} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {A2997F03-023C-461A-93D6-525BA1B759F0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {D27FBB2E-0EAF-4848-9D50-3FD7026D0477} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-25] (Google Inc.)
Task: {D3F5B4A4-84BE-42F6-AEFB-B609F93DD4A9} - System32\Tasks\{74982A02-F151-4E5D-9A41-920F8F6909F4} => C:\Program Files\Skype\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {DAA410D3-693A-44B6-B09D-E78E00A9E3E9} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {EF4439CC-2963-43B8-A6D6-45FB762360D3} - System32\Tasks\{3F3DD8C9-DCBB-401C-95C0-06147BFB2827} => c:\program files\internet explorer\iexplore.exe [2013-05-29] (Microsoft Corporation)
Task: {F36FB42E-319B-4FF6-B49F-BD9C329BC0EF} - System32\Tasks\WPD\SqmUpload_S-1-5-21-439585819-2840079337-3125192857-1003 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Supplementary Scan (All) ================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
command REG_SZ "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate
command REG_SZ C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe -update activex
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
command REG_SZ "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif
command REG_SZ "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList
command REG_SZ C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
command REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender
command REG_SZ %ProgramFiles%\Windows Defender\MSASCui.exe -hide
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG
command REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe

Soubor "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" ... existuje.
Soubor C:\Windows\system32\Macromed\Flash\FlashUtil11c_ActiveX.exe -update activex ... neexistuje.
Soubor "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" ... existuje.
Soubor "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" ... existuje.
Soubor C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe ... existuje.
Soubor "C:\Program Files\Java\jre6\bin\jusched.exe" ... existuje.
Soubor %ProgramFiles%\Windows Defender\MSASCui.exe -hide ... neexistuje.
Soubor C:\Program Files\Windows Media Player\WMPNSCFG.exe ... existuje.

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"EnableUIADesktopToggle"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\encryption.exe:*:Enabled:encryption"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\decryption.exe:*:Enabled:decryption"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDStbmngr.exe:*:Enabled:eDStbmngr"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\encryption.exe:*:Enabled:encryption"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\decryption.exe:*:Enabled:decryption"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDSMgr.exe:*:Enabled:eDSMgr"
"C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe"="C:\\Acer\\Empowering Technology\\eDataSecurity\\x64\\eDStbmngr.exe:*:Enabled:eDStbmngr"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="vdrcodec.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"vidc.cvid"="iccvid.dll"
"MSVideo8"="VfWWDM32.dll"
"VIDC.MJPG"="Pvmjpg30.dll"
"wave2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"wave3"="wdmaud.drv"
"midi3"="wdmaud.drv"
"mixer3"="wdmaud.drv"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"wave4"="wdmaud.drv"
"midi4"="wdmaud.drv"
"mixer4"="wdmaud.drv"
"aux1"="wdmaud.drv"

==================== Drive and Memory info ===================

BS.Player FREE (Version: 2.51.1020)
Drive c: (Acer) (Fixed) (Total:144.17 GB) (Free:19.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:144.15 GB) (Free:125.03 GB) NTFS

Available physical RAM: 1337.36 MB
Total physical RAM: 3069.5 MB
Percentage of memory in use: 56%

==================== End Of Log ==============================

#8 Příspěvek od **vyosek** » 31 črc 2013 21:18

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
MountPoints2: {7f2d2deb-0092-11df-a08c-000000000000} - G:\LaunchU3.exe -a
MountPoints2: {86fd29ef-fa21-11de-930b-000000000000} - "F:\WD SmartWare.exe" autoplay=true
MountPoints2: {b5fecab0-299c-11de-8b9f-000000000000} - G:\DTSP_Launcher.exe
MountPoints2: {d318845d-004e-11df-b765-000000000000} - F:\TrueCrypt\TrueCrypt.exe /q background /e /m rm /v "data.tc"
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
SearchScopes: HKCU - DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
Handler: msdaipp - No CLSID Value - 
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
S3 WisINT15; \??\C:\Elements\1stboot\WisINT15.SYS [x]
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe


REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG" /f
CMD: shutdown /t 5 /f

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

BijViry · #9 Příspěvek od **BijViry** » 01 srp 2013 08:24

Tak provedeno podle návodu a zde je log. Na konci je trochu rozsypaná čeština, ale je to čitelný.

Díky

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-07-2013 04
Ran by Petr Boura at 2013-08-01 09:16:57 Run:1
Running from C:\Users\Petr Boura\Desktop
Boot Mode: Normal

==============================================

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f2d2deb-0092-11df-a08c-000000000000} => Key deleted successfully.
HKCR\CLSID\{7f2d2deb-0092-11df-a08c-000000000000} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86fd29ef-fa21-11de-930b-000000000000} => Key deleted successfully.
HKCR\CLSID\{86fd29ef-fa21-11de-930b-000000000000} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5fecab0-299c-11de-8b9f-000000000000} => Key deleted successfully.
HKCR\CLSID\{b5fecab0-299c-11de-8b9f-000000000000} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d318845d-004e-11df-b765-000000000000} => Key deleted successfully.
HKCR\CLSID\{d318845d-004e-11df-b765-000000000000} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key deleted successfully.
HKCR\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} => Key not found.
HKCR\PROTOCOLS\Handler\msdaipp => Key deleted successfully.
IpInIp => Service deleted successfully.
lmimirr => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
upperdev => Service deleted successfully.
WisINT15 => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= shutdown /t 5 /f =========

Pou�it�: shutdown [/i | /l | /s | /r | /g | /a | /p | /h | /e] [/f]
[/m \\po��ta�][/t xxx][/d [plu:]xx:yy [/c "koment��"]]

��dn� argumenty Zobraz� n�pov�du, toto�n� s argumentem /?.
/? Zobraz� n�pov�du. V�sledek je stejn�, jako kdy� nezad�te
��dnou mo�nost.
/i Zobraz� grafick� u�ivatelsk� rozhran� (GUI).
Toto mus� b�t prvn� mo�nost.
/l Odhl��en�. Nelze pou��t s p�ep�na�i /m nebo /d.
/s Vypne po��ta�.
/r Vypne a restartuje po��ta�.
/g Vypne a restartuje po��ta�. Po nov�m spu�t�n� po��ta�e
restartujte v�echny registrovan� aplikace.
/a P�eru� vyp�n�n� syst�mu.
Lze pou��t pouze v �asov�m limitu.
/p Vypne m�stn� po��ta� bez �asov�ho limitu nebo
upozorn�n�.
Lze pou��t pouze s p�ep�na�i /d a /f.
/h Uvede m�stn� po��ta� do re�imu sp�nku.
Lze pou��t s p�ep�na�em /f.
/e Dokumentuje d�vod neo�ek�van�ho vypnut� po��ta�e.
/m \\po��ta� Ur�uje c�lov� po��ta�.
/t xxx Nastav� �asov� limit p�ed vypnut�m na xxx sekund.
Platn� rozsah je 0-600, v�choz� hodnota je 30.
Pou�it� p�ep�na�e /t xxx nazna�uje, �e je nastaven
p�ep�na� /f.
/c "koment��" Koment�� k d�vodu restartov�n� nebo vypnut�.
Povoleno maxim�ln� 512 znak�.
/f Vynut� ukon�en� spu�t�n�ch aplikac� bez p�edchoz�ho
upozorn�n�.
P�ep�na� /f je automaticky nastaven, je-li pou�it
s p�ep�na�em /t xxx.
/d [p|u:]xx:yy Zadejte d�vod restartov�n� nebo vypnut�.
p ozna�uje, �e restartov�n� nebo vypnut� je pl�novan�.
u ozna�uje, �e d�vod definuje u�ivatel.
Pokud nen� zad�no p ani u, je restartov�n� nebo vypnut�
syst�mu nepl�novan�.
xx je ��slo z�va�n�ho d�vodu (kladn� cel� ��slo men�
ne� 256).
yy je ��slo m�n� z�va�n�ho d�vodu (kladn� cel� ��slo men�
ne� 65 536).

D�vody v tomto po��ta�i:
(E = o�ek�v�no, U = neo�ek�v�no, P = pl�nov�no,
C = definov�no u�ivatelem)
Typ Z�va�n� M�n� N�zev
z�va�n�

U 0 0 Jin� (Nepl�nov�no)
E 0 0 Jin� (Nepl�nov�no)
E P 0 0 Jin� (Pl�nov�no)
U 0 5 Jin� selh�n�: Syst�m neodpov�d�
E 1 1 Hardware: �dr�ba (Nepl�novan�)
E P 1 1 Hardware: �dr�ba (Pl�novan�)
E 1 2 Hardware: Instalace (Nepl�novan�)
E P 1 2 Hardware: Instalace (Pl�novan�)
P 2 3 Opera�n� syst�m: Inovace (Pl�novan�)
E 2 4 Opera�n� syst�m: Zm�na konfigurace (Nepl�novan�)
E P 2 4 Opera�n� syst�m: Zm�na konfigurace (Pl�novan�)
P 2 16 Opera�n� syst�m: Service Pack (pl�nov�no)
2 17 Opera�n� syst�m: Hot fix (nepl�nov�no)
P 2 17 Opera�n� syst�m: Hot fix (pl�nov�no)
2 18 Opera�n� syst�m: oprava zabezpe�en� (nepl�nov�no)
P 2 18 Opera�n� syst�m: oprava zabezpe�en� (pl�nov�no)
E 4 1 Aplikace: �dr�ba (Nepl�novan�)
E P 4 1 Aplikace: �dr�ba (pl�novan�)
E P 4 2 Aplikace: instalace (pl�nov�no)
E 4 5 Aplikace: Neodpov�d�
E 4 6 Aplikace: Nestabiln�
U 5 15 Selh�n� syst�mu: Chyba STOP
E 5 19 Pot��e se zabezpe�en�m
U 5 19 Pot��e se zabezpe�en�m
E P 5 19 Pot��e se zabezpe�en�m
E 5 20 Ztr�ta s��ov�ho p�ipojen� (nepl�nov�no)
U 6 11 Selh�n� nap�jen�: Odpojen� kabel
U 6 12 Selh�n� nap�jen�: Prost�ed�
P 7 0 Vypnut� zastaral� verze rozhran� API

========= End of CMD: =========

==== End of Fixlog ====

#10 Příspěvek od **vyosek** » 01 srp 2013 21:21

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

BijViry · #11 Příspěvek od **BijViry** » 05 srp 2013 07:31

Díky za pomoc, vypadá to dobře. ... no dobře - jsou to Visty no

Díky

#12 Příspěvek od **vyosek** » 06 srp 2013 12:47

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Kontrola logu RSIT

Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT

Re: Kontrola logu RSIT