Dobry vecer. Chcem Vas poprosit o kontrolu pretoze pocitac ale hlavne internet je neskutocne spomaleny a navyse uz dlhsie sa z casu na cas objavuju problemy s vypnutim notebooku, ako keby vobec nereagoval a musim ho vypnut ,,natvrdo"
Logfile of random's system information tool 1.09 (written by random/random)
Run by Viera at 2013-12-04 21:56:35
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 26 GB (27%) free of 95 GB
Total RAM: 1916 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:56:55, on 4. 12. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Viera\Desktop\RSIT.exe
C:\Program Files\trend micro\Viera.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dalesearch.com/?babsrc=HP_ss ... 0&tsp=4991
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 4293 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
npCortona.xpt
C:\Program Files\Mozilla Firefox\plugins\
exeImagine.IMD
np-mswmp.dll
npCortona.dll
npImagine.dll
npkimi.dll
NPOFF12.DLL
nppdf32.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-15 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-15 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"=C:\Program Files\SiS VGA Utilities\SiSTray.exe [2007-08-24 552960]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-11-14 4706304]
"Skytel"=C:\Windows\Skytel.exe [2007-10-11 1826816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe [2013-11-23 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-29 3568312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-04 07:21:12 ----D---- C:\db91fb63deb07e9b45ed8574
2013-11-30 11:09:45 ----D---- C:\Users\Viera\AppData\Roaming\AVAST Software
2013-11-29 20:30:03 ----D---- C:\ProgramData\AVAST Software
2013-11-15 19:57:55 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 05:36:24 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-13 05:36:23 ----A---- C:\Windows\system32\vbscript.dll
2013-11-13 05:36:18 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-13 05:36:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 05:36:13 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 05:36:12 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 05:36:09 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 05:36:08 ----A---- C:\Windows\system32\url.dll
2013-11-13 05:36:06 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 05:36:00 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 05:35:52 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 05:35:49 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 05:26:41 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 05:26:19 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 05:26:18 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-06 06:00:30 ----D---- C:\Program Files\Mozilla Firefox.bak
======List of files/folders modified in the last 1 month======
2013-12-04 21:56:56 ----D---- C:\Windows\temp
2013-12-04 21:56:39 ----D---- C:\Program Files\trend micro
2013-12-04 19:10:57 ----D---- C:\Windows\System32
2013-12-04 19:10:57 ----D---- C:\Windows\inf
2013-12-04 19:10:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-04 17:36:32 ----SHD---- C:\System Volume Information
2013-12-02 20:36:59 ----D---- C:\Users\Viera\AppData\Roaming\Skype
2013-12-02 18:02:12 ----D---- C:\Users\Viera\AppData\Roaming\skypePM
2013-11-30 11:08:18 ----D---- C:\Windows\system32\drivers
2013-11-29 20:36:15 ----D---- C:\Windows\system32\Tasks
2013-11-29 20:35:45 ----D---- C:\Windows\winsxs
2013-11-29 20:35:43 ----D---- C:\Windows
2013-11-29 20:35:37 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-29 20:30:03 ----D---- C:\ProgramData
2013-11-27 13:44:57 ----D---- C:\Windows\system32\catroot2
2013-11-16 17:00:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 08:35:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-11-16 08:31:30 ----RD---- C:\Program Files
2013-11-13 06:14:21 ----D---- C:\Windows\rescache
2013-11-13 05:38:51 ----D---- C:\Windows\system32\migration
2013-11-13 05:38:51 ----D---- C:\Program Files\Internet Explorer
2013-11-13 05:38:50 ----D---- C:\Windows\system32\sk-SK
2013-11-13 05:36:54 ----D---- C:\Windows\system32\catroot
2013-11-13 05:28:32 ----D---- C:\Windows\system32\MRT
2013-11-13 05:28:14 ----A---- C:\Windows\system32\mrt.exe
2013-11-11 05:50:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-29 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-29 178304]
R1 AswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2013-11-29 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-29 774392]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-29 403440]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-29 57672]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-31 243128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-29 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-29 70384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 350720]
R3 SiS6350;SiS6350; C:\Windows\system32\DRIVERS\SISGRKMD.sys [2007-08-24 452096]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2008-05-02 48128]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-04-06 40776]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-29 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16 257416]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
spomaleny internet a problemy s vypinanim
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: spomaleny internet a problemy s vypinanim
Zdravím!
Nejprve spusťte tuto utilitu:
Nejprve spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: spomaleny internet a problemy s vypinanim
# AdwCleaner v3.014 - Report created 04/12/2013 at 22:22:44
# Updated 01/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Viera - MAREK
# Running from : C:\Users\Viera\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files\icqtoolbar
Folder Deleted : C:\Program Files\LemurLeap
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Users\Viera\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Viera\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\ICQToolbarData
File Deleted : C:\Users\Viera\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\bProtector_extensions.rdf
File Deleted : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\user.js
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C221C41A-F3DE-482F-8DD9-F00ACF64106C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C221C41A-F3DE-482F-8DD9-F00ACF64106C}
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\596d68fb56abf41
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{33CB14BC-58BB-4B3A-9877-7946A3F41BAE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16520
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v25.0.1 (en-US)
[ File : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\prefs.js ]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
-\\ Google Chrome v
[ File : C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4951 octets] - [04/12/2013 22:21:41]
AdwCleaner[S0].txt - [4917 octets] - [04/12/2013 22:22:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4977 octets] ##########
# Updated 01/12/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Viera - MAREK
# Running from : C:\Users\Viera\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files\icqtoolbar
Folder Deleted : C:\Program Files\LemurLeap
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Users\Viera\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Viera\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\ICQToolbarData
File Deleted : C:\Users\Viera\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\bProtector_extensions.rdf
File Deleted : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\user.js
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Shortcuts ] *****
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C221C41A-F3DE-482F-8DD9-F00ACF64106C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C221C41A-F3DE-482F-8DD9-F00ACF64106C}
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\596d68fb56abf41
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{33CB14BC-58BB-4B3A-9877-7946A3F41BAE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16520
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v25.0.1 (en-US)
[ File : C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\prefs.js ]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
-\\ Google Chrome v
[ File : C:\Users\Viera\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4951 octets] - [04/12/2013 22:21:41]
AdwCleaner[S0].txt - [4917 octets] - [04/12/2013 22:22:44]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4977 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: spomaleny internet a problemy s vypinanim
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: spomaleny internet a problemy s vypinanim
tu je novy log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Viera at 2013-12-04 22:39:04
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 26 GB (27%) free of 95 GB
Total RAM: 1916 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:13, on 4. 12. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Users\Viera\Desktop\RSIT.exe
C:\Program Files\trend micro\Viera.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 4047 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
npCortona.xpt
C:\Program Files\Mozilla Firefox\plugins\
exeImagine.IMD
np-mswmp.dll
npCortona.dll
npImagine.dll
npkimi.dll
NPOFF12.DLL
nppdf32.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-15 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-15 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"=C:\Program Files\SiS VGA Utilities\SiSTray.exe [2007-08-24 552960]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-11-14 4706304]
"Skytel"=C:\Windows\Skytel.exe [2007-10-11 1826816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe [2013-11-23 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-29 3568312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-04 22:21:39 ----D---- C:\AdwCleaner
2013-12-04 07:21:12 ----D---- C:\db91fb63deb07e9b45ed8574
2013-11-30 11:09:45 ----D---- C:\Users\Viera\AppData\Roaming\AVAST Software
2013-11-29 20:30:03 ----D---- C:\ProgramData\AVAST Software
2013-11-15 19:57:55 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 05:36:24 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-13 05:36:23 ----A---- C:\Windows\system32\vbscript.dll
2013-11-13 05:36:18 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-13 05:36:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 05:36:13 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 05:36:12 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 05:36:09 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 05:36:08 ----A---- C:\Windows\system32\url.dll
2013-11-13 05:36:06 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 05:36:00 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 05:35:52 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 05:35:49 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 05:26:41 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 05:26:19 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 05:26:18 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-06 06:00:30 ----D---- C:\Program Files\Mozilla Firefox.bak
======List of files/folders modified in the last 1 month======
2013-12-04 22:39:09 ----D---- C:\Windows\temp
2013-12-04 22:39:09 ----D---- C:\Program Files\trend micro
2013-12-04 22:30:14 ----D---- C:\Windows\System32
2013-12-04 22:30:14 ----D---- C:\Windows\inf
2013-12-04 22:30:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-04 22:22:45 ----RD---- C:\Program Files
2013-12-04 22:22:45 ----D---- C:\Windows\system32\Tasks
2013-12-04 22:22:45 ----D---- C:\ProgramData
2013-12-04 17:36:32 ----SHD---- C:\System Volume Information
2013-12-02 20:36:59 ----D---- C:\Users\Viera\AppData\Roaming\Skype
2013-12-02 18:02:12 ----D---- C:\Users\Viera\AppData\Roaming\skypePM
2013-11-30 11:08:18 ----D---- C:\Windows\system32\drivers
2013-11-29 20:35:45 ----D---- C:\Windows\winsxs
2013-11-29 20:35:43 ----D---- C:\Windows
2013-11-29 20:35:37 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-27 13:44:57 ----D---- C:\Windows\system32\catroot2
2013-11-16 17:00:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 08:35:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-11-13 06:14:21 ----D---- C:\Windows\rescache
2013-11-13 05:38:51 ----D---- C:\Windows\system32\migration
2013-11-13 05:38:51 ----D---- C:\Program Files\Internet Explorer
2013-11-13 05:38:50 ----D---- C:\Windows\system32\sk-SK
2013-11-13 05:36:54 ----D---- C:\Windows\system32\catroot
2013-11-13 05:33:27 ----D---- C:\Windows\system32\MRT
2013-11-13 05:28:14 ----A---- C:\Windows\system32\mrt.exe
2013-11-11 05:50:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-29 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-29 178304]
R1 AswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2013-11-29 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-29 774392]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-29 403440]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-29 57672]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-31 243128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-29 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-29 70384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 350720]
R3 SiS6350;SiS6350; C:\Windows\system32\DRIVERS\SISGRKMD.sys [2007-08-24 452096]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2008-05-02 48128]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-04-06 40776]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-29 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16 257416]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Viera at 2013-12-04 22:39:04
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 26 GB (27%) free of 95 GB
Total RAM: 1916 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:39:13, on 4. 12. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Users\Viera\Desktop\RSIT.exe
C:\Program Files\trend micro\Viera.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 4047 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
npCortona.xpt
C:\Program Files\Mozilla Firefox\plugins\
exeImagine.IMD
np-mswmp.dll
npCortona.dll
npImagine.dll
npkimi.dll
NPOFF12.DLL
nppdf32.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-15 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-15 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"=C:\Program Files\SiS VGA Utilities\SiSTray.exe [2007-08-24 552960]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-11-14 4706304]
"Skytel"=C:\Windows\Skytel.exe [2007-10-11 1826816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe [2013-11-23 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-29 3568312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-04 22:21:39 ----D---- C:\AdwCleaner
2013-12-04 07:21:12 ----D---- C:\db91fb63deb07e9b45ed8574
2013-11-30 11:09:45 ----D---- C:\Users\Viera\AppData\Roaming\AVAST Software
2013-11-29 20:30:03 ----D---- C:\ProgramData\AVAST Software
2013-11-15 19:57:55 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 05:36:24 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-13 05:36:23 ----A---- C:\Windows\system32\vbscript.dll
2013-11-13 05:36:18 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-13 05:36:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 05:36:13 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 05:36:12 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 05:36:09 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 05:36:08 ----A---- C:\Windows\system32\url.dll
2013-11-13 05:36:06 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 05:36:00 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 05:35:52 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 05:35:49 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 05:26:41 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 05:26:19 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 05:26:18 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-06 06:00:30 ----D---- C:\Program Files\Mozilla Firefox.bak
======List of files/folders modified in the last 1 month======
2013-12-04 22:39:09 ----D---- C:\Windows\temp
2013-12-04 22:39:09 ----D---- C:\Program Files\trend micro
2013-12-04 22:30:14 ----D---- C:\Windows\System32
2013-12-04 22:30:14 ----D---- C:\Windows\inf
2013-12-04 22:30:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-04 22:22:45 ----RD---- C:\Program Files
2013-12-04 22:22:45 ----D---- C:\Windows\system32\Tasks
2013-12-04 22:22:45 ----D---- C:\ProgramData
2013-12-04 17:36:32 ----SHD---- C:\System Volume Information
2013-12-02 20:36:59 ----D---- C:\Users\Viera\AppData\Roaming\Skype
2013-12-02 18:02:12 ----D---- C:\Users\Viera\AppData\Roaming\skypePM
2013-11-30 11:08:18 ----D---- C:\Windows\system32\drivers
2013-11-29 20:35:45 ----D---- C:\Windows\winsxs
2013-11-29 20:35:43 ----D---- C:\Windows
2013-11-29 20:35:37 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-27 13:44:57 ----D---- C:\Windows\system32\catroot2
2013-11-16 17:00:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 08:35:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-11-13 06:14:21 ----D---- C:\Windows\rescache
2013-11-13 05:38:51 ----D---- C:\Windows\system32\migration
2013-11-13 05:38:51 ----D---- C:\Program Files\Internet Explorer
2013-11-13 05:38:50 ----D---- C:\Windows\system32\sk-SK
2013-11-13 05:36:54 ----D---- C:\Windows\system32\catroot
2013-11-13 05:33:27 ----D---- C:\Windows\system32\MRT
2013-11-13 05:28:14 ----A---- C:\Windows\system32\mrt.exe
2013-11-11 05:50:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-29 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-29 178304]
R1 AswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2013-11-29 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-29 774392]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-29 403440]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-29 57672]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-31 243128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-29 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-29 70384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 350720]
R3 SiS6350;SiS6350; C:\Windows\system32\DRIVERS\SISGRKMD.sys [2007-08-24 452096]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2008-05-02 48128]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-04-06 40776]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-29 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16 257416]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: spomaleny internet a problemy s vypinanim
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: spomaleny internet a problemy s vypinanim
toto mi vyskocilo po restarte
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Viera
->Temp folder emptied: 206977320 bytes
->Temporary Internet Files folder emptied: 13833133 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 388992051 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 216018 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 212305481 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 28905794 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 812,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Viera
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12042013_230946
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Viera
->Temp folder emptied: 206977320 bytes
->Temporary Internet Files folder emptied: 13833133 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 388992051 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 216018 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 212305481 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 28905794 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 812,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: Viera
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 12042013_230946
Files moved on Reboot...
Registry entries deleted on Reboot...
Re: spomaleny internet a problemy s vypinanim
A log z RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Viera at 2013-12-04 23:19:33
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 27 GB (28%) free of 95 GB
Total RAM: 1916 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:00, on 4. 12. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Viera\Desktop\RSIT.exe
C:\Program Files\trend micro\Viera.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 3853 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
npCortona.xpt
C:\Program Files\Mozilla Firefox\plugins\
exeImagine.IMD
np-mswmp.dll
npCortona.dll
npImagine.dll
npkimi.dll
NPOFF12.DLL
nppdf32.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-15 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-15 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"=C:\Program Files\SiS VGA Utilities\SiSTray.exe [2007-08-24 552960]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-11-14 4706304]
"Skytel"=C:\Windows\Skytel.exe [2007-10-11 1826816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe [2013-11-23 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-29 3568312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-04 23:09:46 ----D---- C:\_OTM
2013-12-04 22:21:39 ----D---- C:\AdwCleaner
2013-12-04 07:21:12 ----D---- C:\db91fb63deb07e9b45ed8574
2013-11-30 11:09:45 ----D---- C:\Users\Viera\AppData\Roaming\AVAST Software
2013-11-29 20:30:03 ----D---- C:\ProgramData\AVAST Software
2013-11-15 19:57:55 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 05:36:24 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-13 05:36:23 ----A---- C:\Windows\system32\vbscript.dll
2013-11-13 05:36:18 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-13 05:36:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 05:36:13 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 05:36:12 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 05:36:09 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 05:36:08 ----A---- C:\Windows\system32\url.dll
2013-11-13 05:36:06 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 05:36:00 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 05:35:52 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 05:35:49 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 05:26:41 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 05:26:19 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 05:26:18 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-06 06:00:30 ----D---- C:\Program Files\Mozilla Firefox.bak
======List of files/folders modified in the last 1 month======
2013-12-04 23:19:53 ----D---- C:\Windows\temp
2013-12-04 23:19:37 ----D---- C:\Program Files\trend micro
2013-12-04 23:15:16 ----D---- C:\Windows
2013-12-04 22:30:14 ----D---- C:\Windows\System32
2013-12-04 22:30:14 ----D---- C:\Windows\inf
2013-12-04 22:30:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-04 22:22:45 ----RD---- C:\Program Files
2013-12-04 22:22:45 ----D---- C:\Windows\system32\Tasks
2013-12-04 22:22:45 ----D---- C:\ProgramData
2013-12-04 17:36:32 ----SHD---- C:\System Volume Information
2013-12-02 20:36:59 ----D---- C:\Users\Viera\AppData\Roaming\Skype
2013-12-02 18:02:12 ----D---- C:\Users\Viera\AppData\Roaming\skypePM
2013-11-30 11:08:18 ----D---- C:\Windows\system32\drivers
2013-11-29 20:35:45 ----D---- C:\Windows\winsxs
2013-11-29 20:35:37 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-27 13:44:57 ----D---- C:\Windows\system32\catroot2
2013-11-16 17:00:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 08:35:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-11-13 06:14:21 ----D---- C:\Windows\rescache
2013-11-13 05:38:51 ----D---- C:\Windows\system32\migration
2013-11-13 05:38:51 ----D---- C:\Program Files\Internet Explorer
2013-11-13 05:38:50 ----D---- C:\Windows\system32\sk-SK
2013-11-13 05:36:54 ----D---- C:\Windows\system32\catroot
2013-11-13 05:33:27 ----D---- C:\Windows\system32\MRT
2013-11-13 05:28:14 ----A---- C:\Windows\system32\mrt.exe
2013-11-11 05:50:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-29 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-29 178304]
R1 AswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2013-11-29 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-29 774392]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-29 403440]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-29 57672]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-31 243128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-29 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-29 70384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 350720]
R3 SiS6350;SiS6350; C:\Windows\system32\DRIVERS\SISGRKMD.sys [2007-08-24 452096]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2008-05-02 48128]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-04-06 40776]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-29 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16 257416]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Viera at 2013-12-04 23:19:33
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 27 GB (28%) free of 95 GB
Total RAM: 1916 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:00, on 4. 12. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16520)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Viera\Desktop\RSIT.exe
C:\Program Files\trend micro\Viera.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
--
End of file - 3853 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:4.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@parallelgraphics.com/Cortona]
"Description"=Cortona VRML Plugin
"Path"=C:\Program Files\Common Files\ParallelGraphics\Cortona\npCortona.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
npCortona.xpt
C:\Program Files\Mozilla Firefox\plugins\
exeImagine.IMD
np-mswmp.dll
npCortona.dll
npImagine.dll
npkimi.dll
NPOFF12.DLL
nppdf32.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-15 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-29 606544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}]
Rich Media Downloader - C:\Users\Viera\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-15 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"=C:\Program Files\SiS VGA Utilities\SiSTray.exe [2007-08-24 552960]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-11-14 4706304]
"Skytel"=C:\Windows\Skytel.exe [2007-10-11 1826816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\58891386-eca0-45f8-b990-d6c9e781b506.exe [2013-11-23 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-29 3568312]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-08-01 3673696]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-12-04 23:09:46 ----D---- C:\_OTM
2013-12-04 22:21:39 ----D---- C:\AdwCleaner
2013-12-04 07:21:12 ----D---- C:\db91fb63deb07e9b45ed8574
2013-11-30 11:09:45 ----D---- C:\Users\Viera\AppData\Roaming\AVAST Software
2013-11-29 20:30:03 ----D---- C:\ProgramData\AVAST Software
2013-11-15 19:57:55 ----D---- C:\Program Files\Mozilla Firefox
2013-11-13 05:36:24 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-13 05:36:23 ----A---- C:\Windows\system32\vbscript.dll
2013-11-13 05:36:18 ----A---- C:\Windows\system32\ieui.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-11-13 05:36:17 ----A---- C:\Windows\system32\ieUnatt.exe
2013-11-13 05:36:15 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-13 05:36:13 ----A---- C:\Windows\system32\wininet.dll
2013-11-13 05:36:12 ----A---- C:\Windows\system32\jscript.dll
2013-11-13 05:36:09 ----A---- C:\Windows\system32\jscript9.dll
2013-11-13 05:36:08 ----A---- C:\Windows\system32\url.dll
2013-11-13 05:36:06 ----A---- C:\Windows\system32\iertutil.dll
2013-11-13 05:36:00 ----A---- C:\Windows\system32\urlmon.dll
2013-11-13 05:35:52 ----A---- C:\Windows\system32\ieframe.dll
2013-11-13 05:35:49 ----A---- C:\Windows\system32\mshtml.dll
2013-11-13 05:26:41 ----A---- C:\Windows\system32\gdi32.dll
2013-11-13 05:26:34 ----A---- C:\Windows\system32\crypt32.dll
2013-11-13 05:26:19 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-13 05:26:18 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-06 06:00:30 ----D---- C:\Program Files\Mozilla Firefox.bak
======List of files/folders modified in the last 1 month======
2013-12-04 23:19:53 ----D---- C:\Windows\temp
2013-12-04 23:19:37 ----D---- C:\Program Files\trend micro
2013-12-04 23:15:16 ----D---- C:\Windows
2013-12-04 22:30:14 ----D---- C:\Windows\System32
2013-12-04 22:30:14 ----D---- C:\Windows\inf
2013-12-04 22:30:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-04 22:22:45 ----RD---- C:\Program Files
2013-12-04 22:22:45 ----D---- C:\Windows\system32\Tasks
2013-12-04 22:22:45 ----D---- C:\ProgramData
2013-12-04 17:36:32 ----SHD---- C:\System Volume Information
2013-12-02 20:36:59 ----D---- C:\Users\Viera\AppData\Roaming\Skype
2013-12-02 18:02:12 ----D---- C:\Users\Viera\AppData\Roaming\skypePM
2013-11-30 11:08:18 ----D---- C:\Windows\system32\drivers
2013-11-29 20:35:45 ----D---- C:\Windows\winsxs
2013-11-29 20:35:37 ----A---- C:\Windows\system32\aswBoot.exe
2013-11-27 13:44:57 ----D---- C:\Windows\system32\catroot2
2013-11-16 17:00:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-16 08:35:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-11-13 06:14:21 ----D---- C:\Windows\rescache
2013-11-13 05:38:51 ----D---- C:\Windows\system32\migration
2013-11-13 05:38:51 ----D---- C:\Program Files\Internet Explorer
2013-11-13 05:38:50 ----D---- C:\Windows\system32\sk-SK
2013-11-13 05:36:54 ----D---- C:\Windows\system32\catroot
2013-11-13 05:33:27 ----D---- C:\Windows\system32\MRT
2013-11-13 05:28:14 ----A---- C:\Windows\system32\mrt.exe
2013-11-11 05:50:18 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-29 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-11-29 178304]
R1 AswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2013-11-29 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-11-29 774392]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-11-29 403440]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-11-29 57672]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-31 243128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-11-29 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-11-29 70384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 350720]
R3 SiS6350;SiS6350; C:\Windows\system32\DRIVERS\SISGRKMD.sys [2007-08-24 452096]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSGB6.sys [2008-05-02 48128]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101632]
S3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-04-06 40776]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-29 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-16 257416]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-15 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: spomaleny internet a problemy s vypinanim
Log je již OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: spomaleny internet a problemy s vypinanim
zdravim.teraz som zapla notebook a ked som chcela spustit firefox tak mi nabehla len spodna a vrchna lista, medzitym bolo normalne vidiet plochu, nato vsetko zmrzlo, pocitac sa zase nechcel vypnut, tak som ho vypla natvrdo a po opatovnom zapnuti nabehlo vsetko normalne.
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: spomaleny internet a problemy s vypinanim
Pravděpodobně nějaký bug. Koukneme se na disk. Stáhněte, nainstalujte a pusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: spomaleny internet a problemy s vypinanim
----------------------------------------------------------------------------
CrystalDiskInfo 6.0.2 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Premium SP2 [6.0 Build 6002] (x86)
Date : 2013/12/06 7:07:07
-- Controller Map ----------------------------------------------------------
+ SiS PCI IDE Controller [ATA]
+ IDE Channel (0)
- TSSTcorp CDDVDW TS-L632H ATA Device
+ Standard Dual Channel PCI IDE Controller [ATA]
+ IDE Channel (0)
- FUJITSU MHY2200BH ATA Device
- IDE Channel (1)
- Microsoft iSCSI Initiator [SCSI]
-- Disk List ---------------------------------------------------------------
(1) FUJITSU MHY2200BH : 200,0 GB [0/1/0, pd1]
----------------------------------------------------------------------------
(1) FUJITSU MHY2200BH
----------------------------------------------------------------------------
Model : FUJITSU MHY2200BH
Firmware : 0000000B
Serial Number : K406T8629JNY
Disk Size : 200,0 GB (8,4/137,4/200,0/200,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 390721968
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : ---- | SATA/150
Power On Hours : 13178 hours
Power On Count : 3994 count
Temparature : 32 C (89 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : FEFEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _46 00000002E38A Read Error Rate
02 100 100 _30 000002B50000 Throughput Performance
03 100 100 _25 000000000001 Spin-Up Time
04 _99 _99 __0 0000000011A9 Start/Stop Count
05 100 100 _24 07D000000000 Reallocated Sectors Count
07 100 100 _47 00000000077B Seek Error Rate
08 100 100 _19 000000000000 Seek Time Performance
09 _74 _74 __0 00000000337A Power-On Hours
0A 100 100 _20 000000000000 Spin Retry Count
0C 100 100 __0 000000000F9A Power Cycle Count
C0 100 100 __0 0000000000CC Power-off Retract Count
C1 _98 _98 __0 00000000D282 Load/Unload Cycle Count
C2 100 100 __0 003C000D0020 Temperature
C3 100 100 __0 000000000024 Hardware ECC recovered
C4 100 100 __0 00001B700000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 253 __0 000000000000 UltraDMA CRC Error Count
C8 100 100 _60 000000003AD3 Write Error Rate
CB 100 100 __0 0264031B0664 Run Out Cancel
F0 200 200 __0 000000000000 Head Flying Hours
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 4B34 3036 5438 3632 394A 4E59
020: 0003 4000 0000 3030 3030 3030 3042 4655 4A49 5453
030: 5520 4D48 5932 3230 3042 4820 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0702 0000 004C 0040
080: 01F8 0042 346B 7F09 6163 3069 BF09 6163 203F 0064
090: 0000 4080 FFFE 0000 FEFE 0000 0000 0000 0000 0000
100: F1B0 1749 0000 0000 0000 0000 4000 0000 5000 00E0
110: 4230 2295 0000 0000 0000 0000 0000 0000 0000 401D
120: 401C 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 03D5 0000 0000 0000 4004 4000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0B00 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D2A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 8A E3 02 00 00 00 00 02 05
010: 00 64 64 00 00 B5 02 00 00 00 03 03 00 64 64 01
020: 00 00 00 00 00 00 04 32 00 63 63 A9 11 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 D0 07 00 07 0F
040: 00 64 64 7B 07 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 4A 4A 7A 33 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 9A 0F 00 00 00 00 00 C0 32 00 64 64 CC
080: 00 00 00 00 00 00 C1 32 00 62 62 82 D2 00 00 00
090: 00 00 C2 22 00 64 64 20 00 0D 00 3C 00 00 C3 1A
0A0: 00 64 64 24 00 00 00 00 00 00 C4 32 00 64 64 00
0B0: 00 70 1B 00 00 00 C5 12 00 64 64 00 00 00 00 00
0C0: 00 00 C6 10 00 64 64 00 00 00 00 00 00 00 C7 3E
0D0: 00 C8 FD 00 00 00 00 00 00 00 C8 0F 00 64 64 D3
0E0: 3A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CB 02
100: 00 64 64 64 06 1B 03 64 02 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F0 3E
130: 00 C8 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 2B 03 00 7B
170: 03 00 01 00 02 73 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 1D 06 00 00 1A 00 1E 00 B0 14 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00
1F0: 00 00 00 00 00 00 FF FF FF FF FF FF A8 18 00 C9
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2E 00 00 00 00 00 00 00 00 00 00 02 1E
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 18 00 00 00 00 00 00 00 00 00 00 07 2F
040: 00 00 00 00 00 00 00 00 00 00 08 13 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 14 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 C8 3C 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CB 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F0 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05
CrystalDiskInfo 6.0.2 (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Premium SP2 [6.0 Build 6002] (x86)
Date : 2013/12/06 7:07:07
-- Controller Map ----------------------------------------------------------
+ SiS PCI IDE Controller [ATA]
+ IDE Channel (0)
- TSSTcorp CDDVDW TS-L632H ATA Device
+ Standard Dual Channel PCI IDE Controller [ATA]
+ IDE Channel (0)
- FUJITSU MHY2200BH ATA Device
- IDE Channel (1)
- Microsoft iSCSI Initiator [SCSI]
-- Disk List ---------------------------------------------------------------
(1) FUJITSU MHY2200BH : 200,0 GB [0/1/0, pd1]
----------------------------------------------------------------------------
(1) FUJITSU MHY2200BH
----------------------------------------------------------------------------
Model : FUJITSU MHY2200BH
Firmware : 0000000B
Serial Number : K406T8629JNY
Disk Size : 200,0 GB (8,4/137,4/200,0/200,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 390721968
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : ---- | SATA/150
Power On Hours : 13178 hours
Power On Count : 3994 count
Temparature : 32 C (89 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : FEFEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _46 00000002E38A Read Error Rate
02 100 100 _30 000002B50000 Throughput Performance
03 100 100 _25 000000000001 Spin-Up Time
04 _99 _99 __0 0000000011A9 Start/Stop Count
05 100 100 _24 07D000000000 Reallocated Sectors Count
07 100 100 _47 00000000077B Seek Error Rate
08 100 100 _19 000000000000 Seek Time Performance
09 _74 _74 __0 00000000337A Power-On Hours
0A 100 100 _20 000000000000 Spin Retry Count
0C 100 100 __0 000000000F9A Power Cycle Count
C0 100 100 __0 0000000000CC Power-off Retract Count
C1 _98 _98 __0 00000000D282 Load/Unload Cycle Count
C2 100 100 __0 003C000D0020 Temperature
C3 100 100 __0 000000000024 Hardware ECC recovered
C4 100 100 __0 00001B700000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 253 __0 000000000000 UltraDMA CRC Error Count
C8 100 100 _60 000000003AD3 Write Error Rate
CB 100 100 __0 0264031B0664 Run Out Cancel
F0 200 200 __0 000000000000 Head Flying Hours
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 4B34 3036 5438 3632 394A 4E59
020: 0003 4000 0000 3030 3030 3030 3042 4655 4A49 5453
030: 5520 4D48 5932 3230 3042 4820 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0702 0000 004C 0040
080: 01F8 0042 346B 7F09 6163 3069 BF09 6163 203F 0064
090: 0000 4080 FFFE 0000 FEFE 0000 0000 0000 0000 0000
100: F1B0 1749 0000 0000 0000 0000 4000 0000 5000 00E0
110: 4230 2295 0000 0000 0000 0000 0000 0000 0000 401D
120: 401C 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 03D5 0000 0000 0000 4004 4000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0B00 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D2A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 8A E3 02 00 00 00 00 02 05
010: 00 64 64 00 00 B5 02 00 00 00 03 03 00 64 64 01
020: 00 00 00 00 00 00 04 32 00 63 63 A9 11 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 D0 07 00 07 0F
040: 00 64 64 7B 07 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 4A 4A 7A 33 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 9A 0F 00 00 00 00 00 C0 32 00 64 64 CC
080: 00 00 00 00 00 00 C1 32 00 62 62 82 D2 00 00 00
090: 00 00 C2 22 00 64 64 20 00 0D 00 3C 00 00 C3 1A
0A0: 00 64 64 24 00 00 00 00 00 00 C4 32 00 64 64 00
0B0: 00 70 1B 00 00 00 C5 12 00 64 64 00 00 00 00 00
0C0: 00 00 C6 10 00 64 64 00 00 00 00 00 00 00 C7 3E
0D0: 00 C8 FD 00 00 00 00 00 00 00 C8 0F 00 64 64 D3
0E0: 3A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CB 02
100: 00 64 64 64 06 1B 03 64 02 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F0 3E
130: 00 C8 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 2B 03 00 7B
170: 03 00 01 00 02 73 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 1D 06 00 00 1A 00 1E 00 B0 14 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00
1F0: 00 00 00 00 00 00 FF FF FF FF FF FF A8 18 00 C9
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2E 00 00 00 00 00 00 00 00 00 00 02 1E
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 18 00 00 00 00 00 00 00 00 00 00 07 2F
040: 00 00 00 00 00 00 00 00 00 00 08 13 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 14 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 C8 3C 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CB 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F0 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: spomaleny internet a problemy s vypinanim
Disk je OK. Pokud problém trvá, spusťte ComboFix a dejte log:
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: spomaleny internet a problemy s vypinanim
ComboFix 13-12-07.01 - Viera . 12. 2013 16:11:40.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.1916.1265 [GMT 1:00]
Running from: c:\users\Viera\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Viera\AppData\Roaming\Microsoft\~DFK7d2c7e.tmp
c:\users\Viera\AppData\Roaming\Microsoft\AdjMmsVista.dll
c:\users\Viera\AppData\Roaming\Microsoft\bass.dll
c:\users\Viera\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Viera\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Viera\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Viera\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Viera\AppData\Roaming\Microsoft\rsaadjd.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-11-07 to 2013-12-07 )))))))))))))))))))))))))))))))
.
.
2013-12-06 07:03 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0FBA3D06-0938-4562-A31A-B17E9C6F43EA}\mpengine.dll
2013-12-06 06:10 . 2013-12-06 06:10 -------- d-----w- c:\users\Viera\AppData\Roaming\TuneUp Software
2013-12-06 06:07 . 2013-12-06 06:11 -------- d-----w- c:\programdata\TuneUp Software
2013-12-06 06:07 . 2013-12-06 06:07 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-06 06:03 . 2013-12-06 06:03 -------- d-----w- c:\program files\CrystalDiskInfo
2013-12-06 06:03 . 2013-12-06 06:03 -------- d-----w- c:\users\Viera\AppData\Roaming\OpenCandy
2013-12-04 21:21 . 2013-12-04 21:22 -------- d-----w- C:\AdwCleaner
2013-12-04 06:21 . 2013-12-04 06:21 -------- d-----w- C:\db91fb63deb07e9b45ed8574
2013-11-30 10:09 . 2013-11-30 10:09 -------- d-----w- c:\users\Viera\AppData\Roaming\AVAST Software
2013-11-29 19:30 . 2013-11-29 19:30 -------- d-----w- c:\programdata\AVAST Software
2013-11-13 04:35 . 2013-10-13 09:35 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-13 04:26 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll
2013-11-13 04:26 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 04:26 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-13 04:26 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-29 19:35 . 2013-04-06 15:20 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-29 19:35 . 2013-04-06 15:20 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-29 19:35 . 2013-04-06 15:20 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-29 19:35 . 2013-04-06 15:20 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-29 19:35 . 2013-04-06 15:20 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-29 19:35 . 2013-04-06 15:20 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-29 19:35 . 2013-04-06 15:20 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-11-29 19:35 . 2013-04-06 15:20 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-29 19:35 . 2013-04-06 15:20 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-29 19:35 . 2013-04-06 15:18 43152 ----a-w- c:\windows\avastSS.scr
2013-11-16 07:35 . 2012-04-04 18:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-16 07:35 . 2011-05-17 16:25 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-11 04:50 . 2010-03-15 00:32 230048 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-29 19:35 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2007-08-24 552960]
"RtHDVCpl"="RtHDVCpl.exe" [2007-11-14 4706304]
"Skytel"="Skytel.exe" [2007-10-11 1826816]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-29 3568312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3725892672-3043224248-1115301474-1000]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 07:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 208.67.220.220 208.67.222.222
FF - ProfilePath - c:\users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxps://www.google.sk/
FF - ExtSQL: 2019-09-25 22:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF - ExtSQL: !HIDDEN! 2010-03-30 14:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-07 16:36
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-12-07 16:40:01
ComboFix-quarantined-files.txt 2013-12-07 15:39
.
Pre-Run: 43 705 122 816 bytes free
Post-Run: 43 394 850 816 bytes free
.
- - End Of File - - 5A4E480647AA9900D8CD43F3FDEC82BF
E676F472A91B962D085485EEC761F651
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.1916.1265 [GMT 1:00]
Running from: c:\users\Viera\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Viera\AppData\Roaming\Microsoft\~DFK7d2c7e.tmp
c:\users\Viera\AppData\Roaming\Microsoft\AdjMmsVista.dll
c:\users\Viera\AppData\Roaming\Microsoft\bass.dll
c:\users\Viera\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Viera\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Viera\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Viera\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Viera\AppData\Roaming\Microsoft\rsaadjd.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-11-07 to 2013-12-07 )))))))))))))))))))))))))))))))
.
.
2013-12-06 07:03 . 2013-11-08 01:15 7772552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0FBA3D06-0938-4562-A31A-B17E9C6F43EA}\mpengine.dll
2013-12-06 06:10 . 2013-12-06 06:10 -------- d-----w- c:\users\Viera\AppData\Roaming\TuneUp Software
2013-12-06 06:07 . 2013-12-06 06:11 -------- d-----w- c:\programdata\TuneUp Software
2013-12-06 06:07 . 2013-12-06 06:07 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-06 06:03 . 2013-12-06 06:03 -------- d-----w- c:\program files\CrystalDiskInfo
2013-12-06 06:03 . 2013-12-06 06:03 -------- d-----w- c:\users\Viera\AppData\Roaming\OpenCandy
2013-12-04 21:21 . 2013-12-04 21:22 -------- d-----w- C:\AdwCleaner
2013-12-04 06:21 . 2013-12-04 06:21 -------- d-----w- C:\db91fb63deb07e9b45ed8574
2013-11-30 10:09 . 2013-11-30 10:09 -------- d-----w- c:\users\Viera\AppData\Roaming\AVAST Software
2013-11-29 19:30 . 2013-11-29 19:30 -------- d-----w- c:\programdata\AVAST Software
2013-11-13 04:35 . 2013-10-13 09:35 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-13 04:26 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll
2013-11-13 04:26 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 04:26 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-13 04:26 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-29 19:35 . 2013-04-06 15:20 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-29 19:35 . 2013-04-06 15:20 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-29 19:35 . 2013-04-06 15:20 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-29 19:35 . 2013-04-06 15:20 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-29 19:35 . 2013-04-06 15:20 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-29 19:35 . 2013-04-06 15:20 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-29 19:35 . 2013-04-06 15:20 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-11-29 19:35 . 2013-04-06 15:20 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-29 19:35 . 2013-04-06 15:20 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-29 19:35 . 2013-04-06 15:18 43152 ----a-w- c:\windows\avastSS.scr
2013-11-16 07:35 . 2012-04-04 18:47 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-16 07:35 . 2011-05-17 16:25 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-11 04:50 . 2010-03-15 00:32 230048 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-29 19:35 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2007-08-24 552960]
"RtHDVCpl"="RtHDVCpl.exe" [2007-11-14 4706304]
"Skytel"="Skytel.exe" [2007-10-11 1826816]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-29 3568312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3725892672-3043224248-1115301474-1000]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 07:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 208.67.220.220 208.67.222.222
FF - ProfilePath - c:\users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxps://www.google.sk/
FF - ExtSQL: 2019-09-25 22:40; {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}; c:\users\Viera\AppData\Roaming\Mozilla\Firefox\Profiles\j5a98b64.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF - ExtSQL: !HIDDEN! 2010-03-30 14:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-07 16:36
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-12-07 16:40:01
ComboFix-quarantined-files.txt 2013-12-07 15:39
.
Pre-Run: 43 705 122 816 bytes free
Post-Run: 43 394 850 816 bytes free
.
- - End Of File - - 5A4E480647AA9900D8CD43F3FDEC82BF
E676F472A91B962D085485EEC761F651
-
Rudy
- Site Admin
- Příspěvky: 119532
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: spomaleny internet a problemy s vypinanim
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?