Postupné zpomalování a sekání se PC

[mlzd]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Wow at 2014-02-23 15:14:03
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 227 GB (62%) free of 368 GB
Total RAM: 3056 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:14:13, on 23.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Servant Salamander 2.0\salamand.exe
C:\Program Files\trend micro\Wow.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.182.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.182.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.182.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.182.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WDFME (WDFMEService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRules (WDRulesService) - Western Digital - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7741 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\System32\svchost.exe -k yksvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe"
"C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2264
"C:\Program Files\Western Digital\WD SmartWare\WDFME.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-570fb024-07f3-4c2d-afa6-b71d42189a56 -SystemEventPortName:HostProcess-3fd51f7b-ccd4-4ab9-90a4-2b98b3ab0181 -IoCancelEventPortName:HostProcess-53eb5cc5-215b-4ad8-a4e9-cae49a4e4c06 -NonStateChangingEventPortName:HostProcess-0d245a9b-4154-49da-89e1-b1e20e037050 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3a7b25ec-4161-46a4-9f78-ede541e99727 -DeviceGroupId:WpdFsGroup
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\vsnpstd3.exe"
"C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Servant Salamander 2.0\salamand.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Internet_safety\Viry_RSIT\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Wow\AppData\Roaming\Mozilla\Firefox\Profiles\ve2ispyc.default-1368026474286

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5]
"Description"=A component of your photo software powered by RocketLife
"Path"=C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Wow\AppData\Roaming\Mozilla\Firefox\Profiles\ve2ispyc.default-1368026474286\extensions\
adsremoval@adsremoval.net

C:\Users\Wow\AppData\Roaming\Mozilla\Firefox\Profiles\ve2ispyc.default-1368026474286\searchplugins\
peklada-google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-04 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-04 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-02-04 1390368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-04 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-20 7981088]
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-18 843776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecLiveUpdate]
c:\program files (x86)\egistec egis software update\egisupdate.exe [2009-08-04 199464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
C:\Windows\tsnpstd3.exe [2007-03-30 262144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280]
"Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-04 3767096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit -
.txt - open - NotePad.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-23 15:14:03 ----D---- C:\rsit
2014-02-20 23:23:25 ----A---- C:\AdwCleaner[R42].txt
2014-02-19 19:40:05 ----D---- C:\Program Files\Defraggler
2014-02-19 19:22:01 ----SHD---- C:\$RECYCLE.BIN
2014-02-16 04:14:06 ----D---- C:\Windows\erdnt
2014-02-14 23:38:22 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2014-02-14 23:38:05 ----A---- C:\Windows\system32\drivers\aswndisflt.sys
2014-02-14 09:13:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-02-13 23:54:23 ----D---- C:\Config.Msi
2014-02-13 23:51:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-02-13 23:51:53 ----A---- C:\Windows\system32\vbscript.dll
2014-02-13 23:50:52 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-02-13 23:50:52 ----A---- C:\Windows\system32\msrating.dll
2014-02-13 23:50:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-02-13 23:50:50 ----A---- C:\Windows\system32\ieui.dll
2014-02-13 23:50:49 ----A---- C:\Windows\system32\iernonce.dll
2014-02-13 23:50:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 23:50:49 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-13 23:50:48 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-02-13 23:50:48 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-13 23:50:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-02-13 23:50:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-02-13 23:50:47 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-13 23:50:46 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-02-13 23:50:46 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-02-13 23:50:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-02-13 23:50:46 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-13 23:50:46 ----A---- C:\Windows\system32\iesetup.dll
2014-02-13 23:50:45 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-13 23:50:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-13 23:50:44 ----A---- C:\Windows\system32\mshtml.dll
2014-02-13 23:50:43 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-02-13 23:50:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-02-13 23:50:43 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-13 23:50:42 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-13 23:50:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-02-13 23:50:41 ----A---- C:\Windows\system32\iertutil.dll
2014-02-13 23:50:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-02-13 23:50:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-02-13 23:50:40 ----A---- C:\Windows\system32\wininet.dll
2014-02-13 23:50:40 ----A---- C:\Windows\system32\urlmon.dll
2014-02-13 23:50:36 ----A---- C:\Windows\system32\ieframe.dll
2014-02-13 23:50:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-02-13 23:50:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-02-13 23:50:30 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-02-13 23:50:28 ----A---- C:\Windows\system32\jscript9.dll
2014-02-13 19:47:50 ----A---- C:\Windows\system32\msxml3.dll
2014-02-13 19:47:48 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-02-13 19:47:48 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-02-13 19:47:48 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-13 19:47:43 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-13 19:47:42 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-02-13 19:47:42 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2014-02-13 19:47:42 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2014-02-13 19:47:42 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 19:47:42 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 19:47:42 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-13 19:47:41 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2014-02-13 19:47:41 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2014-02-13 19:47:41 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-13 19:47:41 ----A---- C:\Windows\system32\secproc.dll
2014-02-13 19:47:41 ----A---- C:\Windows\system32\msdrm.dll
2014-02-13 19:47:40 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2014-02-13 19:47:40 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2014-02-13 19:47:40 ----A---- C:\Windows\SYSWOW64\secproc.dll
2014-02-13 19:47:40 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2014-02-13 19:47:40 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 19:47:40 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-13 19:47:25 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-02-13 19:47:25 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-13 19:47:24 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-02-13 19:47:24 ----A---- C:\Windows\system32\d2d1.dll
2014-02-08 12:01:00 ----D---- C:\Users\Wow\AppData\Roaming\IrfanView
2014-02-04 23:42:43 ----D---- C:\Users\Wow\AppData\Roaming\Opera Software
2014-02-04 22:46:07 ----D---- C:\Users\Wow\AppData\Roaming\AVAST Software
2014-02-04 22:45:28 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-02-04 22:45:28 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-02-04 22:45:25 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-02-04 22:45:22 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-02-04 22:45:21 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-02-04 22:45:19 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-02-04 22:45:17 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-02-04 22:45:13 ----A---- C:\Windows\system32\aswBoot.exe
2014-02-04 22:45:02 ----A---- C:\Windows\avastSS.scr
2014-02-04 22:44:39 ----D---- C:\Program Files\AVAST Software
2014-02-04 22:43:22 ----D---- C:\ProgramData\AVAST Software
2014-02-03 19:41:47 ----D---- C:\Users\Wow\AppData\Roaming\Malwarebytes
2014-02-03 19:41:34 ----D---- C:\ProgramData\Malwarebytes
2014-02-03 19:41:33 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-03 19:41:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-01-29 20:38:04 ----A---- C:\autoexec.bat
2014-01-29 20:36:15 ----D---- C:\Program Files\Enigma Software Group

======List of files/folders modified in the last 1 month======

2014-02-23 15:14:13 ----D---- C:\Windows\Temp
2014-02-23 15:14:05 ----D---- C:\Program Files\trend micro
2014-02-23 15:03:36 ----D---- C:\ProgramData\NVIDIA
2014-02-23 15:01:16 ----D---- C:\Windows\system32\config
2014-02-22 01:37:11 ----D---- C:\ProgramData
2014-02-21 21:22:25 ----D---- C:\Users\Wow\AppData\Roaming\Winamp
2014-02-21 21:18:58 ----A---- C:\Windows\win.ini
2014-02-21 21:15:49 ----D---- C:\Users\Wow\AppData\Roaming\BitTorrent
2014-02-21 19:58:19 ----D---- C:\Users\Wow\AppData\Roaming\Skype
2014-02-20 23:20:35 ----AD---- C:\Windows
2014-02-19 19:40:05 ----D---- C:\Program Files
2014-02-19 19:18:55 ----SHD---- C:\System Volume Information
2014-02-19 19:17:39 ----D---- C:\Windows\system32\drivers
2014-02-19 18:00:39 ----RD---- C:\Program Files (x86)
2014-02-19 18:00:39 ----D---- C:\Windows\Tasks
2014-02-18 23:19:38 ----D---- C:\Windows\system32\catroot2
2014-02-18 19:29:48 ----D---- C:\Windows\rescache
2014-02-17 19:35:13 ----D---- C:\Windows\inf
2014-02-17 19:35:07 ----D---- C:\Windows\debug
2014-02-17 05:54:06 ----D---- C:\Windows\system32\MRT
2014-02-17 05:51:32 ----A---- C:\Windows\system32\MRT.exe
2014-02-16 15:33:24 ----D---- C:\ProgramData\ChessBase
2014-02-16 13:22:52 ----A---- C:\Windows\system.ini
2014-02-16 13:22:42 ----D---- C:\Windows\system32\drivers\etc
2014-02-16 13:10:46 ----D---- C:\Windows\SYSWOW64\drivers
2014-02-16 13:10:46 ----D---- C:\Windows\SysWOW64
2014-02-16 13:10:46 ----D---- C:\Windows\AppPatch
2014-02-16 13:10:45 ----D---- C:\Program Files (x86)\Common Files
2014-02-15 11:56:05 ----RSD---- C:\Windows\assembly
2014-02-15 11:56:05 ----D---- C:\Windows\Microsoft.NET
2014-02-14 23:39:02 ----D---- C:\Windows\system32\catroot
2014-02-14 23:39:01 ----D---- C:\Windows\system32\DriverStore
2014-02-14 23:38:24 ----D---- C:\Windows\system32\Tasks
2014-02-14 17:44:21 ----D---- C:\ProgramData\ProductData
2014-02-14 16:37:40 ----D---- C:\Program Files (x86)\IObit
2014-02-14 10:43:58 ----D---- C:\Windows\winsxs
2014-02-14 10:42:07 ----D---- C:\Windows\System32
2014-02-14 09:13:43 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 08:49:48 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-02-14 08:49:47 ----D---- C:\Windows\system32\cs-CZ
2014-02-14 08:49:47 ----D---- C:\Program Files (x86)\Internet Explorer
2014-02-14 08:49:46 ----D---- C:\Program Files\Internet Explorer
2014-02-14 00:15:46 ----SHD---- C:\Windows\Installer
2014-02-14 00:14:49 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-02-14 00:14:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-13 14:55:58 ----D---- C:\Program Files (x86)\Opera
2014-02-11 21:16:05 ----A---- C:\Windows\wincmd.ini
2014-02-08 11:56:51 ----D---- C:\Program Files (x86)\Adobe
2014-02-06 14:32:14 ----D---- C:\Program Files (x86)\CCleaner
2014-02-05 19:59:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-05 13:23:41 ----D---- C:\Windows\SoftwareDistribution
2014-02-04 22:45:58 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-02-04 22:40:15 ----SD---- C:\ProgramData\Microsoft
2014-02-04 22:39:34 ----D---- C:\ProgramData\f-secure
2014-02-03 19:49:13 ----D---- C:\ProgramData\DSearchLink
2014-02-02 20:55:57 ----D---- C:\Program Files\SUPERAntiSpyware
2014-01-31 14:54:37 ----D---- C:\Windows\system32\NDF
2014-01-29 23:16:58 ----SD---- C:\Users\Wow\AppData\Roaming\Microsoft
2014-01-29 21:14:08 ----D---- C:\Users\Wow\AppData\Roaming\iPumper
2014-01-29 17:54:20 ----D---- C:\Windows\Prefetch
2014-01-27 22:34:10 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-02-04 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-02-04 207904]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswKbd;aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [2014-02-14 28184]
R1 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2014-02-18 440672]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-02-04 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-04 1038072]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-04 421704]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-04 78648]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-04 80184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-20 1831968]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-06-26 83488]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-04-03 10535040]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-11 1208320]
S3 atikmdag;atikmdag; C:\Windows\system32\drivers\atikmdag.sys [2009-07-13 5020672]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 pcwe;pcwe; \??\D:\Programy_system\PC_Wizard\pcw86-64.sys [2004-12-04 7680]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-05-02 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-05-02 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-04 50344]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-02-14 113704]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-12 62208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 WDDMService;WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [2011-12-15 319384]
R2 WDFMEService;WDFME; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [2011-12-15 1977224]
R2 WDRulesService;WDRules; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-12-15 1338264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R2 yksvc;Marvell Yukon Service; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-14 118896]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-15 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Crystal disk info: hlásí DISK NENALEZEN a všechna pole jsou prázdná.

[Márty84]

Udelejte kontrolu programem HD Tune
Stahnete http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte jako spravce (pokud vam pri instalaci nabidne nejaky doplnek, odmitnete ho!)
V tom okne kliknete na posledni zalozku - Error Scan (pokud bude zatrzeny quick scan, tak zatrzitko zruste) a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Health a opiste mi (vyfotte), co se tam pise. Melo by tam byt OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143

[mlzd]

Po 168 minutovém scanu disku všechny čtverečky zelené, ale pod záložkou HEALTH se neobjevily žádné informace.

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
esgiguard

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\ProgramData\f-secure

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

[mlzd]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Wow
->Temp folder emptied: 7098015 bytes
->Temporary Internet Files folder emptied: 1825047 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 110599766 bytes
->Google Chrome cache emptied: 70496171 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 3870 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1051403764 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 16930798 bytes

Total Files Cleaned = 1 200,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Guest
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser

User: Wow
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service esgiguard stopped successfully!
Service esgiguard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\ProgramData\f-secure\setup folder moved successfully.
Folder move failed. C:\ProgramData\f-secure\Quarantine_2014-02-04_22.36\Repository\TAR scheduled to be moved on reboot.
C:\ProgramData\f-secure\Quarantine_2014-02-04_22.36\Repository\Samples folder moved successfully.
C:\ProgramData\f-secure\Quarantine_2014-02-04_22.36\Repository\Info folder moved successfully.
C:\ProgramData\f-secure\Quarantine_2014-02-04_22.36\Repository\Index folder moved successfully.
C:\ProgramData\f-secure\Quarantine_2014-02-04_22.36\Repository folder moved successfully.
C:\ProgramData\f-secure\Quarantine_2014-02-04_22.36 folder moved successfully.
C:\ProgramData\f-secure\logs\Tools folder moved successfully.
C:\ProgramData\f-secure\logs\sidegrade folder moved successfully.
C:\ProgramData\f-secure\logs\SECL folder moved successfully.
C:\ProgramData\f-secure\logs\removal folder moved successfully.
C:\ProgramData\f-secure\logs\ORSP Client folder moved successfully.
C:\ProgramData\f-secure\logs\MySA folder moved successfully.
C:\ProgramData\f-secure\logs\hotfix folder moved successfully.
C:\ProgramData\f-secure\logs\HIPS folder moved successfully.
C:\ProgramData\f-secure\logs\Gemini folder moved successfully.
C:\ProgramData\f-secure\logs\fstnb folder moved successfully.
C:\ProgramData\f-secure\logs\FSNID folder moved successfully.
C:\ProgramData\f-secure\logs\FSMA folder moved successfully.
C:\ProgramData\f-secure\logs\FSFW folder moved successfully.
C:\ProgramData\f-secure\logs\FSAV\Users folder moved successfully.
C:\ProgramData\f-secure\logs\FSAV folder moved successfully.
C:\ProgramData\f-secure\logs\DAAS2 folder moved successfully.
C:\ProgramData\f-secure\logs\daas folder moved successfully.
C:\ProgramData\f-secure\logs\custom folder moved successfully.
C:\ProgramData\f-secure\logs\CUIF folder moved successfully.
C:\ProgramData\f-secure\logs\ComputerSecurity\ULFW folder moved successfully.
C:\ProgramData\f-secure\logs\ComputerSecurity\setup folder moved successfully.
C:\ProgramData\f-secure\logs\ComputerSecurity\FSGUI folder moved successfully.
C:\ProgramData\f-secure\logs\ComputerSecurity\FirewallUtility folder moved successfully.
C:\ProgramData\f-secure\logs\ComputerSecurity folder moved successfully.
C:\ProgramData\f-secure\logs\CCFSettings folder moved successfully.
C:\ProgramData\f-secure\logs\CCFIPC folder moved successfully.
C:\ProgramData\f-secure\logs\CCF folder moved successfully.
C:\ProgramData\f-secure\logs\AUA folder moved successfully.
C:\ProgramData\f-secure\logs folder moved successfully.
C:\ProgramData\f-secure\Daas2\revocation folder moved successfully.
C:\ProgramData\f-secure\Daas2\keys folder moved successfully.
C:\ProgramData\f-secure\Daas2\crl folder moved successfully.
C:\ProgramData\f-secure\Daas2 folder moved successfully.
C:\ProgramData\f-secure folder moved successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 02252014_130248

Files moved on Reboot...
C:\Users\Wow\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Wow\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\Windows\temp\etilqs_4K9xq40O4idVH98dIJ0p moved successfully.
C:\Windows\temp\etilqs_6dZzGxl11qjGEo3HCFro moved successfully.
C:\Windows\temp\etilqs_DqLxCBhPoSh0bM0x4bTj moved successfully.
C:\Windows\temp\etilqs_Ic83uemCHwrz6gi9cPcw moved successfully.
C:\Windows\temp\etilqs_k7bZaeeTPSmhXRW1oJfp moved successfully.
C:\Windows\temp\etilqs_m5xKLnjDdlDeImgFppjI moved successfully.
C:\Windows\temp\etilqs_rGgddi5LJZjUxbZ0fs00 moved successfully.
C:\Windows\temp\etilqs_TLSLWpnWcBnrOUkFEK8Y moved successfully.
File C:\ProgramData\f-secure\Quarantine_2014-02-04_22.36\Repository\TAR not found!

Registry entries deleted on Reboot...


-------------------------------------------------
Zmizel mi správce Servant Salamander. Že by to byl taky potížista?

[Márty84]

Pokud se podivate na vypis smazanych veci, neuvidite ho, cili ja ho na svedomi nemam

Nastala nejaka zmena?

[mlzd]

Především bych se chtěl omluvit, že Vás tady takhle trápím a už to asi skoro vypadá tak, že si vymýšlím.
Zapnu PC a libuji si jaká to paráda, balzámek na nervy. Pohoda však pomalu začíná mizet, když čas spuštění PC blíží se k 1,5 - 2h. Všechno se začíná zpomalovat, na kliknutí jsou hodně opožděné reakce u čehokoliv, načítání stránky na etapy, progamy hlásí že neodpovídají... Nakonec se na tom nedá dělat - nutný restart. I vypnutí PC trvá neuvěřitelně dlouho s ukončováním programů na pozadí....

Díky za trpělivost se mnou a za dosud poskytnuté rady a pokyny!!

[Márty84]

Kdyz za celou dobu nespustite internet, taky se pocitac za ty 2 hodiny zpomali? Ja uz nemam co mazat, logy vypadaji ciste

[JaRon]

kolega Ti to vycistil dokonale tam uz nie je co ,,,
nainstaluj nejaky SW na sledovanie teploty a skontroluj CPU prip. GPU

[mlzd]

Ano, zkusím to bez připojení na net a dám vědět.
Včera mě napadlo otestovat teplotu s CPUThermometer a ukazovalo to 33,5°.

[Márty84]

A dalsi teploty to neukazalo?

Zkuste SpeedFan http://www.stahuj.centrum.cz/utility_a_ ... /speedfan/ . Pri instalaci pozorne ctete, kdyby chtel do pc natahnout treba nejaky toolbar, nebo neco. Pokud ano, odmitnete a nainstalujte fakt jen samotny program.

[mlzd]

Dobrý večer. Ukázalo to ještě Core1, Core2. Tam byly hodnoty nestálé a vyšší. Zkusím ještě doporučené..

Jinak PC po 4 hodinách off-line v klidu, programy fungovaly jak měly, disk pracoval, když měl..
Při on-line neustále, šátrá, hrabe, šrotí, i když na PC nemám téměř nic spuštěného.

Dodatek 22:50h:
Ty šmejdi se snad nemohli dočkat až se připojím. Po 35 minutách on-line už jsem ani nedopsal mail. Písmenka se objevovala snad s několikavteřinovým zpožděním, až vůbec ne. Nic nereagovalo... Restart. Teď to zase chvíli poběží. (Než to vyhodím z balkónu - bydlím v šestce)

-------------------------------------

[JaRon]

tak teplotou to nebude ,,,
spust taskmgr zorad procesy podla zataze CPU a ked prejde PC do stavu spomalenia opis kolegovi prve tri, ktore najviac zatazuju CPU = %

[mlzd]

Ano, otestuji i toto. Dnes se ale k PC nedostanu na delší dobu a přes víkend budu na cestách. Ozvu se po neděli. Zatím nashle.

Tak ještě aspoň toto:

[JaRon]

na zaklade prilozeneho obrazku doporucujem skusit:
•uninstall WD SmartWare from your computer using the Control Panel applet "Add/Remove programs"