Please check my FRST log

JirkaB70
Visitor
Posts: 33
Registered: 16 Jul 2008 22:04

#1 Post by JirkaB70 »

Hi,
about 2 days ago my daughter's notebook almost stopped working. Windows updates are probably missing, and there is certainly a lot of malware on it, etc.
The computer boots slowly, sometimes it freezes and does nothing, but the CPU does not show any particularly heavy load.
I ran FRST and RSIT; for now I am attaching the log from FRST...

Thanks a lot for the help...

----------------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2013 01
Ran by Ana (administrator) on ANA-NB on 07-12-2013 14:12:19
Running from C:\Users\Ana\Desktop
Windows 7 Home Premium (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\System32\cmd.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-30] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [ActivControl] - C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe [1240944 2010-12-17] (Promethean Technologies Group Ltd)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKCU\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKCU\...\Run: [Google Update] - C:\Users\Ana\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2009-12-25] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Ana\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-25] (Facebook Inc.)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
MountPoints2: {2f44b28b-4c58-11e2-9b45-00262d601e72} - E:\Startme.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-05] (Acer Corp.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [20131121] - C:\Program Files\Alwil Software\Avast5\Setup\emupdate\06389da6-2c95-460c-9c64-c78ac9b2c0cd.exe [180184 2013-11-23] (AVAST Software)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
Startup: C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Ana\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5851w362
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5851w362
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5851w362
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5851w362
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Desktop) - C:\Users\Ana\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Facebook Plugin) - C:\Users\Ana\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
CHR Plugin: (Facebook Plugin) - C:\Users\Ana\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Google Docs) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

==================== Services (Whitelisted) =================

S2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-07-25] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-07-25] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-07-25] ()
S3 AVerHybrid; C:\Windows\System32\drivers\averhbtv.sys [337280 2009-08-20] (AVerMedia TECHNOLOGIES, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-07 14:12 - 2013-12-07 14:12 - 00013784 _____ C:\Users\Ana\Desktop\FRST.txt
2013-12-07 14:12 - 2013-12-07 14:12 - 00000000 ____D C:\FRST
2013-12-07 13:31 - 2013-12-07 13:31 - 00000000 ____D C:\Program Files\trend micro
2013-12-07 13:30 - 2013-12-07 13:32 - 00000000 ____D C:\rsit
2013-12-07 13:25 - 2013-12-07 13:04 - 00935175 _____ C:\Users\Ana\Desktop\RSITx64.exe
2013-12-07 13:25 - 2013-12-07 12:52 - 01927360 _____ (Farbar) C:\Users\Ana\Desktop\FRST64.exe
2013-12-07 13:14 - 2013-12-07 12:55 - 00688992 _____ (Swearware) C:\Users\Ana\Desktop\dds.exe
2013-12-07 13:14 - 2013-12-06 18:34 - 01110034 _____ C:\Users\Ana\Desktop\AdwCleaner.exe
2013-12-06 22:55 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-12-06 22:55 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-12-06 22:55 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-12-06 22:55 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-12-06 22:55 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-12-06 22:55 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-12-06 22:55 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-12-06 22:55 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-12-06 22:42 - 2013-12-07 00:00 - 00000000 ___SD C:\ComboFix
2013-12-06 22:21 - 2013-12-06 22:45 - 00000000 ____D C:\Qoobox
2013-12-06 22:03 - 2013-12-06 18:32 - 05153080 ____R (Swearware) C:\ComboFix.exe
2013-12-06 21:37 - 2013-12-06 21:37 - 00000000 ____D C:\Windows\erdnt
2013-12-06 19:06 - 2013-12-06 19:39 - 00000000 ____D C:\AdwCleaner
2013-12-05 21:01 - 2013-12-05 21:01 - 00000000 ____D C:\Users\Ana\AppData\Roaming\RegGenie
2013-12-05 20:39 - 2013-12-05 21:51 - 00000000 ____D C:\Program Files (x86)\RegGenie
2013-12-05 20:39 - 2013-12-05 21:00 - 00003146 _____ C:\Windows\System32\Tasks\RegGenie Scheduler
2013-12-05 20:39 - 2013-12-05 20:39 - 00003158 _____ C:\Windows\System32\Tasks\RegGenie v3.0 - Step 2
2013-12-05 20:39 - 2013-12-05 20:39 - 00003144 _____ C:\Windows\System32\Tasks\RegGenie v3.0 - Step 1
2013-12-05 20:39 - 2011-03-08 03:30 - 00299544 _____ C:\Windows\RegGenieOnUninstall.exe
2013-12-02 10:59 - 2013-12-02 10:59 - 00000000 ____D C:\Windows\system32\SPReview
2013-12-01 16:54 - 2013-12-05 20:37 - 00000000 ____D C:\Users\Ana\AppData\Roaming\Helexis
2013-12-01 16:53 - 2013-12-01 16:53 - 00957428 _____ C:\Users\Ana\Downloads\sitepb20.zip
2013-11-21 19:45 - 2013-11-21 19:47 - 00000000 ____D C:\Users\Ana\Desktop\Mamma Mia
2013-11-21 19:30 - 2013-11-21 19:39 - 00000000 ____D C:\Users\Ana\Desktop\Návrh
2013-11-21 19:30 - 2013-11-21 19:30 - 00000000 ____D C:\Users\Ana\Desktop\Forrest Gump
2013-11-21 19:28 - 2013-11-21 19:39 - 00000000 ____D C:\Users\Ana\Desktop\Shes Out Of My League
2013-11-21 19:14 - 2013-11-21 19:14 - 00000000 ____D C:\Users\Ana\Desktop\Friends with Benefits
2013-11-21 19:12 - 2013-11-21 19:13 - 00000000 ____D C:\Users\Ana\Desktop\The English Teacher
2013-11-21 19:12 - 2013-11-21 19:12 - 00000000 ____D C:\Users\Ana\Desktop\Spring Breakers
2013-11-11 14:14 - 2013-11-11 14:17 - 00000000 ____D C:\d57e167567a3b859458b1ec9b22c
2013-11-09 12:26 - 2013-11-09 12:30 - 00000000 ____D C:\82c3f4731d786ff85fb815
2013-11-07 13:44 - 2013-11-07 13:44 - 00002030 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk

==================== One Month Modified Files and Folders =======

2013-12-07 14:12 - 2013-12-07 14:12 - 00013784 _____ C:\Users\Ana\Desktop\FRST.txt
2013-12-07 14:12 - 2013-12-07 14:12 - 00000000 ____D C:\FRST
2013-12-07 14:00 - 2012-06-26 20:36 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-07 14:00 - 2009-11-04 09:45 - 01314586 _____ C:\Windows\WindowsUpdate.log
2013-12-07 13:32 - 2013-12-07 13:30 - 00000000 ____D C:\rsit
2013-12-07 13:31 - 2013-12-07 13:31 - 00000000 ____D C:\Program Files\trend micro
2013-12-07 13:31 - 2011-07-01 12:03 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-07 13:21 - 2009-12-25 10:33 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000UA.job
2013-12-07 13:10 - 2012-10-25 18:05 - 00000920 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000UA.job
2013-12-07 13:04 - 2013-12-07 13:25 - 00935175 _____ C:\Users\Ana\Desktop\RSITx64.exe
2013-12-07 13:03 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-07 13:03 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-07 12:55 - 2013-12-07 13:14 - 00688992 _____ (Swearware) C:\Users\Ana\Desktop\dds.exe
2013-12-07 12:52 - 2013-12-07 13:25 - 01927360 _____ (Farbar) C:\Users\Ana\Desktop\FRST64.exe
2013-12-07 12:47 - 2012-08-07 20:38 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-07 12:38 - 2011-07-01 12:03 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-07 12:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-07 12:38 - 2009-07-14 05:51 - 00132104 _____ C:\Windows\setupact.log
2013-12-07 12:37 - 2009-08-22 09:34 - 00797616 _____ C:\Windows\PFRO.log
2013-12-07 00:00 - 2013-12-06 22:42 - 00000000 ___SD C:\ComboFix
2013-12-06 22:45 - 2013-12-06 22:21 - 00000000 ____D C:\Qoobox
2013-12-06 21:37 - 2013-12-06 21:37 - 00000000 ____D C:\Windows\erdnt
2013-12-06 19:39 - 2013-12-06 19:06 - 00000000 ____D C:\AdwCleaner
2013-12-06 19:29 - 2009-12-25 14:42 - 00000000 ____D C:\ProgramData\ICQ
2013-12-06 19:17 - 2009-12-25 10:33 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000Core.job
2013-12-06 19:10 - 2012-10-25 18:05 - 00000898 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000Core.job
2013-12-06 18:34 - 2013-12-07 13:14 - 01110034 _____ C:\Users\Ana\Desktop\AdwCleaner.exe
2013-12-06 18:32 - 2013-12-06 22:03 - 05153080 ____R (Swearware) C:\ComboFix.exe
2013-12-06 18:19 - 2009-12-04 01:43 - 00097272 _____ C:\Users\Ana\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-06 18:17 - 2009-07-14 05:45 - 00388336 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-05 22:37 - 2009-07-14 05:45 - 00033792 _____ C:\Windows\system32\umstartup.etl
2013-12-05 21:51 - 2013-12-05 20:39 - 00000000 ____D C:\Program Files (x86)\RegGenie
2013-12-05 21:01 - 2013-12-05 21:01 - 00000000 ____D C:\Users\Ana\AppData\Roaming\RegGenie
2013-12-05 21:00 - 2013-12-05 20:39 - 00003146 _____ C:\Windows\System32\Tasks\RegGenie Scheduler
2013-12-05 20:42 - 2009-11-04 10:09 - 00622660 _____ C:\Windows\system32\perfh005.dat
2013-12-05 20:42 - 2009-11-04 10:09 - 00118810 _____ C:\Windows\system32\perfc005.dat
2013-12-05 20:42 - 2009-07-14 06:13 - 01445734 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-05 20:39 - 2013-12-05 20:39 - 00003158 _____ C:\Windows\System32\Tasks\RegGenie v3.0 - Step 2
2013-12-05 20:39 - 2013-12-05 20:39 - 00003144 _____ C:\Windows\System32\Tasks\RegGenie v3.0 - Step 1
2013-12-05 20:37 - 2013-12-01 16:54 - 00000000 ____D C:\Users\Ana\AppData\Roaming\Helexis
2013-12-02 14:52 - 2013-06-27 18:21 - 00000000 ____D C:\Users\Ana\Documents\Nová složka
2013-12-02 14:29 - 2009-07-14 06:08 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-02 10:59 - 2013-12-02 10:59 - 00000000 ____D C:\Windows\system32\SPReview
2013-12-01 19:19 - 2010-12-25 19:20 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-01 16:53 - 2013-12-01 16:53 - 00957428 _____ C:\Users\Ana\Downloads\sitepb20.zip
2013-12-01 15:08 - 2009-12-04 01:43 - 00000000 ____D C:\Users\Ana
2013-11-30 12:03 - 2009-12-25 14:34 - 00000000 ____D C:\Users\Ana\AppData\Roaming\Skype
2013-11-26 21:28 - 2013-03-02 20:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-26 21:28 - 2009-12-25 14:34 - 00000000 ____D C:\ProgramData\Skype
2013-11-26 11:27 - 2012-03-01 20:37 - 00000000 ____D C:\Users\Ana\AppData\Roaming\vlc
2013-11-24 21:19 - 2009-12-25 17:29 - 00000000 ____D C:\Users\Ana\Documents\Škola
2013-11-21 19:47 - 2013-11-21 19:45 - 00000000 ____D C:\Users\Ana\Desktop\Mamma Mia
2013-11-21 19:39 - 2013-11-21 19:30 - 00000000 ____D C:\Users\Ana\Desktop\Návrh
2013-11-21 19:39 - 2013-11-21 19:28 - 00000000 ____D C:\Users\Ana\Desktop\Shes Out Of My League
2013-11-21 19:30 - 2013-11-21 19:30 - 00000000 ____D C:\Users\Ana\Desktop\Forrest Gump
2013-11-21 19:14 - 2013-11-21 19:14 - 00000000 ____D C:\Users\Ana\Desktop\Friends with Benefits
2013-11-21 19:13 - 2013-11-21 19:12 - 00000000 ____D C:\Users\Ana\Desktop\The English Teacher
2013-11-21 19:12 - 2013-11-21 19:12 - 00000000 ____D C:\Users\Ana\Desktop\Spring Breakers
2013-11-14 13:44 - 2009-08-22 09:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 13:42 - 2013-08-02 09:46 - 00000000 ____D C:\Windows\system32\MRT
2013-11-11 14:17 - 2013-11-11 14:14 - 00000000 ____D C:\d57e167567a3b859458b1ec9b22c
2013-11-11 05:50 - 2009-12-25 09:29 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-09 12:30 - 2013-11-09 12:26 - 00000000 ____D C:\82c3f4731d786ff85fb815
2013-11-07 16:00 - 2009-12-25 10:34 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-07 13:44 - 2013-11-07 13:44 - 00002030 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-11-07 13:44 - 2009-11-04 10:00 - 00567034 _____ C:\Windows\DPINST.LOG
2013-11-07 13:43 - 2009-08-22 06:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

Some content of TEMP:
====================
C:\Users\Ana\AppData\Local\Temp\0A50E2~1.exe
C:\Users\Ana\AppData\Local\Temp\aswV5Hlp.dll
C:\Users\Ana\AppData\Local\Temp\E11B.exe
C:\Users\Ana\AppData\Local\Temp\EAD2A98.exe
C:\Users\Ana\AppData\Local\Temp\EAD641E.exe
C:\Users\Ana\AppData\Local\Temp\EAD8D41.exe
C:\Users\Ana\AppData\Local\Temp\EAD9349.exe
C:\Users\Ana\AppData\Local\Temp\EADC6A8.exe
C:\Users\Ana\AppData\Local\Temp\EADD519.exe
C:\Users\Ana\AppData\Local\Temp\EADF22A.exe
C:\Users\Ana\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Ana\AppData\Local\Temp\GURC051.exe
C:\Users\Ana\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Ana\AppData\Local\Temp\Quarantine.exe
C:\Users\Ana\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Ana\AppData\Local\Temp\setup.exe
C:\Users\Ana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ana\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Ana\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Ana\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Ana\AppData\Local\Temp\wmpfirefoxplugin.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 12:38

==================== End Of Log ============================
Attachments
Addition.zip
(7.57 KiB) Downloaded 45 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my FRST log

#2 Post by vyosek »

Hello :)

Regarding ComboFix, which you used: on the basis of its license and the forum rules I am asking, do you know how to work with it (running it, deciphering the log, writing a script)?

ComboFix's license terms state clearly: "It should never be used in an environment without the supervision of an experienced person."

Dangers of CF
  • It is intended primarily for advisers - by using it on your own you lose your entitlement to support
  • It erases the traces of the malware, so nothing is visible in the RSIT log
  • Its log needs to be deciphered further, because it cannot delete everything - which you will hardly manage unless you are trained for it
  • CF can have a bug = it takes down your system; if you do not know where it stores what and how to restore it, your system is wrecked and a reinstall awaits you
  • Unfortunately, CF also does not yet check some important libraries (e.g. hal.dll) - some types of malware (e.g. angela) delete those, for instance - it deletes your hal.dll after a restart = your system will not boot and you are back at the line above = reinstall

JirkaB70
Visitor
Posts: 33
Registered: 16 Jul 2008 22:04

Re: Please check my FRST log

#3 Post by JirkaB70 »

Hmm, hello to you too.
So I have already got my lecture; even so, I ask again: could you please check the LOG and possibly advise what to do next?

Unfortunately, my daughter and a friend tried to fix the computer themselves, probably on the basis of some advice. There is nothing I can do about that now...
As soon as I got it myself, I "went to the viry.cz forum" and made the FRST and RSIT logs.

Can you still take a look at it, try to check the LOG and let me know???
Is that still possible after ComboFix was run? - apparently it did not even finish and the computer was switched off.
Last edited by JirkaB70 on 07 Dec 2013 20:19, edited 1 time in total.

JirkaB70
Visitor
Posts: 33
Registered: 16 Jul 2008 22:04

Re: Please check my FRST log

#4 Post by JirkaB70 »

I'll add the RSIT log as well, just in case.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Ana at 2013-12-07 14:11:27
Microsoft Windows 7 Home Premium
System drive C: has 26 GB (9%) free of 292 GB
Total RAM: 3067 MB (68% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k secsvcs
cmd.exe
\??\C:\Windows\system32\conhost.exe "9628115301374712453233411306-1319105941-1555128129-17358296141946195614995096020
ctfmon.exe
RSITx64.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\rundll32.exe" "C:\Windows\system32\WININET.dll",DispatchAPICall 1

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3602963898-1885700746-1547009641-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-08-22 346736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [2010-09-11 317496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-09 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-22 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-11 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-22 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-09 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-08-22 346736]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-05-09 242496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-22 256112]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-08-07 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-05-22 295936]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-30 200704]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-08-06 828960]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2726728]
"ActivControl"=C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe [2010-12-17 1240944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-22 39408]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"Google Update"=C:\Users\Ana\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-25 135664]
"Facebook Update"=C:\Users\Ana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-25 138096]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2013-05-29 449248]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-21 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-06 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-05 181480]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IJNetworkScanUtility"=C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-03-02 140640]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-05-09 4858968]
""= []
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-12-08 421736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"20131121"=C:\Program Files\Alwil Software\Avast5\setup\emupdate\06389da6-2c95-460c-9c64-c78ac9b2c0cd.exe [2013-11-23 180184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AVerQuick.lnk - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\Ana\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-07 14:09:24 ----A---- C:\Windows\ntbtlog.txt
2013-12-07 13:31:02 ----D---- C:\Program Files\trend micro
2013-12-07 13:30:36 ----D---- C:\rsit
2013-12-07 12:38:27 ----SHD---- C:\$RECYCLE.BIN
2013-12-06 22:55:08 ----A---- C:\Windows\zip.exe
2013-12-06 22:55:08 ----A---- C:\Windows\SWSC.exe
2013-12-06 22:55:08 ----A---- C:\Windows\SWREG.exe
2013-12-06 22:55:08 ----A---- C:\Windows\sed.exe
2013-12-06 22:55:08 ----A---- C:\Windows\PEV.exe
2013-12-06 22:55:08 ----A---- C:\Windows\NIRCMD.exe
2013-12-06 22:55:08 ----A---- C:\Windows\MBR.exe
2013-12-06 22:55:08 ----A---- C:\Windows\grep.exe
2013-12-06 22:42:20 ----SD---- C:\ComboFix
2013-12-06 22:21:12 ----D---- C:\Qoobox
2013-12-06 22:03:48 ----R---- C:\ComboFix.exe
2013-12-06 21:37:27 ----D---- C:\Windows\erdnt
2013-12-06 19:06:26 ----D---- C:\AdwCleaner
2013-12-05 21:01:59 ----D---- C:\Users\Ana\AppData\Roaming\RegGenie
2013-12-05 20:39:48 ----A---- C:\Windows\RegGenieOnUninstall.exe
2013-12-05 20:39:46 ----D---- C:\Program Files (x86)\RegGenie
2013-12-02 10:59:50 ----D---- C:\Windows\system32\SPReview
2013-12-01 16:54:56 ----D---- C:\Users\Ana\AppData\Roaming\Helexis
2013-11-26 16:19:54 ----RD---- C:\Music
2013-11-11 14:14:07 ----D---- C:\d57e167567a3b859458b1ec9b22c
2013-11-09 12:26:51 ----D---- C:\82c3f4731d786ff85fb815

======List of files/folders modified in the last 1 month======

2013-12-07 14:11:28 ----D---- C:\Windows\Temp
2013-12-07 14:09:24 ----D---- C:\Windows
2013-12-07 13:31:02 ----RD---- C:\Program Files
2013-12-07 13:05:22 ----D---- C:\Windows\system32\config
2013-12-06 22:22:13 ----D---- C:\Windows\system32\drivers
2013-12-06 19:39:38 ----D---- C:\Windows\system32\Tasks
2013-12-06 19:37:38 ----RD---- C:\Program Files (x86)
2013-12-06 19:31:34 ----HD---- C:\ProgramData
2013-12-06 19:29:06 ----D---- C:\ProgramData\ICQ
2013-12-05 20:59:52 ----SHD---- C:\System Volume Information
2013-12-05 20:42:00 ----D---- C:\Windows\System32
2013-12-05 20:42:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-05 20:41:59 ----D---- C:\Windows\inf
2013-12-05 20:39:48 ----RSD---- C:\Windows\Fonts
2013-12-05 20:39:33 ----D---- C:\Windows\Prefetch
2013-12-01 19:19:45 ----D---- C:\ProgramData\CanonIJPLM
2013-11-30 12:03:21 ----D---- C:\Users\Ana\AppData\Roaming\Skype
2013-11-26 21:28:32 ----SHD---- C:\Windows\Installer
2013-11-26 21:28:32 ----D---- C:\ProgramData\Skype
2013-11-26 21:28:22 ----RD---- C:\Program Files (x86)\Skype
2013-11-26 11:27:21 ----D---- C:\Users\Ana\AppData\Roaming\vlc
2013-11-14 13:44:05 ----D---- C:\ProgramData\Microsoft Help
2013-11-14 13:42:54 ----D---- C:\Windows\system32\MRT
2013-11-11 05:50:16 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-09 12:30:57 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-05-25 243760]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-07-25 189936]
S1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-07-25 1030952]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-07-25 378944]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-04-07 1208320]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-07-09 1484800]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM); C:\Windows\system32\drivers\averhbtv.sys [2009-08-20 337280]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-02 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-02 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-02 21160]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-03-15 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-03-15 27760]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-05 216064]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 WinUsb;Sony so0101 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-05-09 46808]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
S2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-01 136176]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
S2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-07 311592]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-22 182768]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-12-08 934760]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-16 1255736]

-----------------EOF-----------------


Re: Please check my FRST log

#5 Post by JirkaB70 »

And a third thing... I also tried to download the FRST launcher, but the page linked from the guide supposedly does not exist...

Could I ask you for your opinion on whether anything can be done with this computer?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my FRST log

#6 Post by vyosek »

You somehow don't seem to be reading what I write: I tell you that after a log from CF nothing can be seen in RSIT, and you post it in the very next post??

Could you find the ComboFix log (c:\combofix.txt)??
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.


Re: Please check my FRST log

#7 Post by JirkaB70 »

I apologize, but I understood your post only as general information about what can happen.
I did not find the file combofix.txt anywhere; in the root of C: there is only some kind of image of the computer's disks named combofix.

According to my daughter, ComboFix did not finish yesterday, and there was output on a blue screen up to stage 4. It apparently got stuck there and they switched the computer off.

The computer now boots and works, more or less, in safe mode. I tried copying some data, but even that occasionally hangs and stops... can I try to rescue some data this way?

I also found some logs from AdwCleaner, which they ran before ComboFix...

Otherwise I'm out of ideas.


Re: Please check my FRST log

#8 Post by vyosek »

Run CDI as my colleague describes:
MiliNess wrote: Download CrystalDiskInfo, choose Copy in the Edit menu, and paste the clipboard contents here with Ctrl+V.


Re: Please check my FRST log

#9 Post by JirkaB70 »

So hopefully I did it right...

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition [6.1 Build 7600] (x64)
Date : 2013/12/07 23:06:10

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- ST9320325AS
- HL-DT-ST DVDRAM GU10N

-- Disk List ---------------------------------------------------------------
(1) ST9320325AS : 320,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9320325AS
----------------------------------------------------------------------------
Model : ST9320325AS
Firmware : 0001SDM1
Serial Number : 5VD1AF8X
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 5416 hod.
Power On Count : 4685 krát
Temparature : 51 C (123 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _75 _71 __6 000009F528A8 Počet chyb čtení
03 _98 _98 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 0000000012A4 Počet spuštění/zastavení
05 _97 _97 _36 00000000004A Počet přemapovaných sektorů
07 _81 _60 _30 000007D18BF9 Počet chybných hledání
09 _94 _94 __0 000000001528 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _37 _20 00000000124D Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB __1 __1 __0 000000005AE9 Ohlášeno neopravitelných chyb
BC 100 100 __0 000100010001 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _49 _38 _45 02F734320033 Teplota toku vzduchu
BF 100 100 __0 0000000000BF Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000D Počet vypnutí disku
C1 _88 _88 __0 0000000060B8 Počet cyklů načítání/vymazání
C2 _51 _62 __0 000A00000033 Teplota
C3 _46 _38 __0 000009F528A8 Počet oprav chybného čtení
C5 100 100 __0 000000000033 Počet podezřelých sektorů
C6 100 100 __0 000000000033 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------


Re: Please check my FRST log

#10 Post by vyosek »

You did it right, but unfortunately I don't have good news.

The freezing, the blue screen and so on will all be a consequence of the damaged disk. It is showing a lot of errors. It is probably time to buy a new one and send this one off to silicon heaven...
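The diagnosis in post #10 can be checked against the S.M.A.R.T. table in post #9. The following is an added example, not part of the original thread and not CrystalDiskInfo's own logic: it parses rows in that text format and flags them with two rules that are assumptions here (a normalized value at or below its threshold, and a non-zero raw count for attributes 05, BB, C5 and C6). All function names are hypothetical.

```python
import re
from dataclasses import dataclass

# Rows copied from the S.M.A.R.T. table in post #9 (a subset, names as posted).
SAMPLE = """\
ID Cur Wor Thr RawValues(6) Attribute Name
01 _75 _71 __6 000009F528A8 Počet chyb čtení
05 _97 _97 _36 00000000004A Počet přemapovaných sektorů
09 _94 _94 __0 000000001528 Hodin v činnosti
BB __1 __1 __0 000000005AE9 Ohlášeno neopravitelných chyb
BE _49 _38 _45 02F734320033 Teplota toku vzduchu
C5 100 100 __0 000000000033 Počet podezřelých sektorů
C6 100 100 __0 000000000033 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
"""

# ID, current, worst, threshold (underscore-padded), 6-byte raw value in hex, name.
ROW = re.compile(
    r"^([0-9A-F]{2}) +([_\d]{3}) +([_\d]{3}) +([_\d]{3}) +([0-9A-F]{12}) +(.+)$"
)

# Attributes whose raw value is read here as a plain error count (assumption:
# the standard meaning of these IDs). Raw values of other attributes can be
# vendor-encoded and are deliberately not interpreted.
ERROR_COUNTERS = {
    0x05: "reallocated sectors",
    0xBB: "reported uncorrectable errors",
    0xC5: "current pending sectors",
    0xC6: "offline uncorrectable sectors",
}


@dataclass
class Attr:
    id: int
    cur: int
    wor: int
    thr: int
    raw: int
    name: str


def _num(field):
    """Convert an underscore-padded field such as '_97' or '__0' to int."""
    return int(field.strip("_") or "0")


def parse_smart(text):
    """Return the attribute rows found in CrystalDiskInfo text output."""
    attrs = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            i, cur, wor, thr, raw, name = m.groups()
            attrs.append(Attr(int(i, 16), _num(cur), _num(wor), _num(thr),
                              int(raw, 16), name))
    return attrs


def triage(attrs):
    """Return (attribute id, severity, reason) tuples in table order."""
    findings = []
    for a in attrs:
        if a.thr > 0 and a.cur <= a.thr:
            findings.append((a.id, "FAIL", "value at or below threshold"))
        elif a.thr > 0 and a.wor <= a.thr:
            findings.append((a.id, "WARN", "worst value crossed threshold earlier"))
        if a.id in ERROR_COUNTERS and a.raw > 0:
            findings.append((a.id, "WARN", f"{a.raw} {ERROR_COUNTERS[a.id]}"))
    return findings


def verdict(findings):
    """Collapse findings into OK / CAUTION / FAIL."""
    levels = {sev for _, sev, _ in findings}
    return "FAIL" if "FAIL" in levels else "CAUTION" if levels else "OK"


if __name__ == "__main__":
    results = triage(parse_smart(SAMPLE))
    for attr_id, sev, reason in results:
        print(f"{attr_id:02X} {sev}: {reason}")
    print("Verdict:", verdict(results))
```
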


Re: Please check my FRST log

#11 Post by JirkaB70 »

So that really isn't good news... oh well, I'll at least try to rescue some data.

Thanks in any case.


Re: Please check my FRST log

#12 Post by vyosek »

You're welcome; it's better to find out now than when Windows one day wouldn't start at all and the data would be lost completely...