NB, který má problém se spouštěním

[Phreak]

Dobrý den,
prosím o kontrolu logu z notebooku, který má problém se spouštěním.

Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by SYSTEM on MININT-TE672BE on 23-04-2014 18:43:57
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-07-31] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-04] (Acer Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story\PrePatch.exe [327680 2012-04-05] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [3372328 2010-01-05] (SMART Technologies)
HKLM-x32\...\Run: [SMART SNMP Agent] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe [1053992 2010-01-05] (SMART Technologies ULC)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Runonce: [!BingBar] - "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2" [X]
HKLM-x32\...\RunOnce: [wextract_cleanup0] - rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\acer\AppData\Local\Temp\IXP000.TMP\" [126464 2009-07-14] (Microsoft Corporation)
HKU\acer\...\Run: [reboot] => \Users\acer\reboot.cmd
HKU\acer\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKU\acer\...\Run: [Epson Stylus SX420W(Síť)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\acer\...\Run: [cz.seznam.software.autoupdate] => C:\Users\acer\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\acer\...\Run: [cz.seznam.software.szndesktop] => C:\Users\acer\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\acer\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2013-11-14] (NETGEAR Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Guest\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKU\Guest\...\Run: [NVIDIA driver monitor] => c:\users\public\nvsvc32.exe
HKU\Guest\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [3885408 2009-02-06] (Microsoft Corporation)
HKU\Guest\...\Run: [Akamai NetSession Interface] => C:\Users\Guest\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\Guest\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKU\Guest\...\Run: [Facebook Update] => C:\Users\Guest\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-23] (Facebook Inc.)
HKU\Guest\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\Guest\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Guest\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\Guest\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Guest\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) =================

S2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 mitsijm2011; C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [673792 2010-01-23] ()
S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
S2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-11-14] (NETGEAR)
S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll [X]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-28] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-28] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-28] ()
S3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)
S3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)
S2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-12-26] (CACE Technologies, Inc.)
S3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [12584 2009-12-15] (SMART Technologies ULC)
S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [15784 2009-12-15] (SMART Technologies ULC)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [18432 2009-12-15] (SMART Technologies ULC)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 18:42 - 2014-04-23 18:43 - 00000000 ____D () C:\FRST
2014-04-23 17:14 - 2014-04-23 17:14 - 00028672 _____ () C:\bcdbackup
2014-04-23 17:14 - 2014-04-23 17:14 - 00025600 ___SH () C:\bcdbackup.LOG
2014-04-21 22:22 - 2014-04-23 16:52 - 00028672 _____ () C:\bcd_backup
2014-04-21 22:22 - 2014-04-23 16:52 - 00025600 ___SH () C:\bcd_backup.LOG
2014-04-06 12:20 - 2014-04-06 12:20 - 00003288 ____N () C:\bootsqm.dat

==================== One Month Modified Files and Folders =======

2014-04-23 18:43 - 2014-04-23 18:42 - 00000000 ____D () C:\FRST
2014-04-23 17:14 - 2014-04-23 17:14 - 00028672 _____ () C:\bcdbackup
2014-04-23 17:14 - 2014-04-23 17:14 - 00025600 ___SH () C:\bcdbackup.LOG
2014-04-23 16:52 - 2014-04-21 22:22 - 00028672 _____ () C:\bcd_backup
2014-04-23 16:52 - 2014-04-21 22:22 - 00025600 ___SH () C:\bcd_backup.LOG
2014-04-06 12:20 - 2014-04-06 12:20 - 00003288 ____N () C:\bootsqm.dat

Some content of TEMP:
====================
C:\Users\acer\AppData\Local\Temp\AcDeltree.exe
C:\Users\acer\AppData\Local\Temp\AskSLib.dll
C:\Users\acer\AppData\Local\Temp\AutoRun.exe
C:\Users\acer\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\acer\AppData\Local\Temp\COMAP.EXE
C:\Users\acer\AppData\Local\Temp\drm_dyndata_7360010.dll
C:\Users\acer\AppData\Local\Temp\eauninstall.exe
C:\Users\acer\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\acer\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\acer\AppData\Local\Temp\InstallAX.exe
C:\Users\acer\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\acer\AppData\Local\Temp\setup.exe
C:\Users\acer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\acer\AppData\Local\Temp\The Sims 2 Double Deluxe_uninst.exe
C:\Users\acer\AppData\Local\Temp\vcredist9_x86.exe
C:\Users\acer\AppData\Local\Temp\VP6Install.exe
C:\Users\acer\AppData\Local\Temp\VP6VFW.dll
C:\Users\acer\AppData\Local\Temp\wmfdist.exe
C:\Users\acer\AppData\Local\Temp\_isECE0.exe
C:\Users\Guest\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Guest\AppData\Local\Temp\drm_dyndata_7360010.dll
C:\Users\Guest\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Guest\AppData\Local\Temp\SkypeSetup.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 4094.36 MB
Available physical RAM: 3429.97 MB
Total Pagefile: 4092.56 MB
Available Pagefile: 3425.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:453.94 GB) (Free:282.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:2.13 GB) NTFS
Drive f: (Sims2DoubleDeluxe) (CDROM) (Total:4.34 GB) (Free:0 GB) UDF
Drive g: () (Removable) (Total:7.53 GB) (Free:4.47 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2E262E25)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=454 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2014-03-10 21:56

==================== End Of Log ============================

[Rudy]

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story\PrePatch.exe [327680 2012-04-05] (Zemi Interactive Inc.)
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Gameforge4D
C:\Program Files (x86)\Microsoft\BingBar
HKLM-x32\...\Runonce: [!BingBar] - "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2" [X]
HKLM-x32\...\RunOnce: [wextract_cleanup0] - rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\acer\AppData\Local\Temp\IXP000.TMP\" [126464 2009-07-14] (Microsoft Corporation)
HKU\acer\...\Run: [reboot] => \Users\acer\reboot.cmd
HKU\acer\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\Guest\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKU\Guest\...\Run: [Akamai NetSession Interface] => C:\Users\Guest\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
C:\Users\Guest\AppData\Local\Akamai
HKU\Guest\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKU\Guest\...\Run: [Facebook Update] => C:\Users\Guest\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-23] (Facebook Inc.)
C:\ProgramData\Badoo
C:\Users\Guest\AppData\Local\Facebook\Update
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll [X]
C:\Users\acer\AppData\Local\Temp
End

Uložte do G:\ jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Phreak]

Dobrý den,
log viz níže.

Děkuji.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-04-2014
Ran by SYSTEM at 2014-04-24 16:34:54 Run:1
Running from G:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story\PrePatch.exe [327680 2012-04-05] (Zemi Interactive Inc.)
C:\Program Files (x86)\Ask.com
C:\Program Files (x86)\Gameforge4D
C:\Program Files (x86)\Microsoft\BingBar
HKLM-x32\...\Runonce: [!BingBar] - "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2" [X]
HKLM-x32\...\RunOnce: [wextract_cleanup0] - rundll32.exe C:\Windows\system32\advpack.dll,DelNodeRunDLL32 "C:\Users\acer\AppData\Local\Temp\IXP000.TMP\" [126464 2009-07-14] (Microsoft Corporation)
HKU\acer\...\Run: [reboot] => \Users\acer\reboot.cmd
HKU\acer\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
HKU\Guest\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKU\Guest\...\Run: [Akamai NetSession Interface] => C:\Users\Guest\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
C:\Users\Guest\AppData\Local\Akamai
HKU\Guest\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
HKU\Guest\...\Run: [Facebook Update] => C:\Users\Guest\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-23] (Facebook Inc.)
C:\ProgramData\Badoo
C:\Users\Guest\AppData\Local\Facebook\Update
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_7de0ed9.dll [X]
C:\Users\acer\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\4StoryPrePatch => Value deleted successfully.
C:\Program Files (x86)\Ask.com => Moved successfully.
C:\Program Files (x86)\Gameforge4D => Moved successfully.
C:\Program Files (x86)\Microsoft\BingBar => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\!BingBar => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\wextract_cleanup0 => Value deleted successfully.
HKU\acer\Software\Microsoft\Windows\CurrentVersion\Run\\reboot => Value deleted successfully.
HKU\acer\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
C:\Program Files (x86)\Google\GoogleToolbarNotifier => Moved successfully.
HKU\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Value deleted successfully.
C:\Users\Guest\AppData\Local\Akamai => Moved successfully.
HKU\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\Badoo Desktop => Value deleted successfully.
HKU\Guest\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
"C:\ProgramData\Badoo" => File/Directory not found.
C:\Users\Guest\AppData\Local\Facebook\Update => Moved successfully.
McComponentHostService => Service deleted successfully.
Akamai => Service deleted successfully.
C:\Users\acer\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Phreak]

Dobrý den,
bohužel stále to samé - začnou nabíhat Windows, zobrazí se logo a poté jen černá obrazovka s kurzorem. NB nereaguje na stisk žádných kláves, s myší pohybovat lze. Pomocí konzoly pro obnovu jsem opravil spouštěcí záznam, vše se zdá být v pořádku, ale systém nenaběhne. Vyčerpal jsem všechny nápady, poslední možnost byla napadení virem nebo malwarem - to se zřejmě také nepotvrdilo...Zřejmě mi nezbude než reinstalovat.

Děkuji za Vaši pomoc.

[Rudy]

Ještě můžete dát log ComboFix. Lze ho spustit i v nouz. režimu:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[Phreak]

Děkuji,
nyní se pokouším v Knoppixu zachránit alespoň nějaká data, až se to dokončí, zkusím spustit ComboFix a log sem vložím někdy během zítřka.

[Rudy]

OK. Uvidíme pak, co se ještě dá dělat.

[Phreak]

Dobrý den,
děkuji za dosavadní pomoc, ale nakonec jsem to byl nucen vzdát - musím v pondělí NB vrátit majiteli, zachránil jsem tedy co se dalo a přeinstaloval Windows.

[Rudy]

OK, také řešení. Nemáte zač!