Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2013
Ran by Renata (administrator) on RENATA-PC on 27-12-2013 00:29:35
Running from C:\Users\Renata\Desktop
Microsoft® Windows Vista™ Home Basic (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(HiTRSUT) C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Acer\Mobility Center\MobilityService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(acer) C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(HiTRUST) C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
(Clarus, Inc.) C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNMTray.exe
(Acer Inc.) C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
(Realtek Semiconductor Corp.) C:\Users\Renata\AppData\Local\Temp\RtkBtMnt.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\RacAgent.exe
(Microsoft Corporation) C:\Windows\System32\lpremove.exe
(forum.viry.cz) C:\Users\Renata\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1006264 2007-07-25] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4472832 2007-05-29] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [815104 2006-10-23] (Synaptics, Inc.)
HKLM\...\Run: [Acer Tour] - [x]
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [178712 2007-07-12] (Intel Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [40048 2007-03-08] (Adobe Systems Incorporated)
HKLM\...\Run: [RemoteControl] - C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-03-14] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [54832 2007-02-07] ()
HKLM\...\Run: [eDataSecurity Loader] - C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe [457216 2007-04-25] (HiTRUST)
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [850704 2007-06-15] (Dritek System Inc.)
HKLM\...\Run: [eRecoveryService] - [x]
HKLM\...\Run: [WarReg_PopUp] - C:\Acer\WR_PopUp\WarReg_PopUp.exe [57344 2006-11-05] (Acer Inc.)
HKLM\...\Run: [NBKeyScan] - C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-02-18] (Nero AG)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [Acer Tour Reminder] - C:\Acer\AcerTour\Reminder.exe [151552 2007-05-22] (Acer Inc.)
HKCU\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
MountPoints2: {fcd2db0f-1043-11e0-aa86-000000000000} - F:\APPInst.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [ 2007-04-26] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\ACER\run_NB.exe [ 2007-04-26] ()
Startup: C:\Users\Renata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk
ShortcutTarget: Samsung Auto Backup Guage.lnk -> C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
Startup: C:\Users\Renata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk
ShortcutTarget: Samsung Auto Backup Real-Time Daemon.lnk -> C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
Startup: C:\Users\Renata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk
ShortcutTarget: Samsung Auto Backup Scheduler.lnk -> C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://cs.intl.acer.yahoo.com
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKCU - DefaultScope {348E36EB-24D5-45A6-8EB2-C283B159A262} URL =
http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
SearchScopes: HKCU - {348E36EB-24D5-45A6-8EB2-C283B159A262} URL =
http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Winsock: Catalog5 04 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Renata\AppData\Roaming\Mozilla\Firefox\Profiles\5zae7bxn.default
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
========================== Services (Whitelisted) =================
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [457512 2007-04-25] (HiTRSUT)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-04-23] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [135168 2007-06-13] (Acer Inc.)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248 2007-07-03] (Acer Inc.)
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-06-28] ()
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [107008 2006-11-24] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-04-03] ()
R2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-06-13] (acer)
S2 CLTNetCnService; "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
==================== Drivers (Whitelisted) ====================
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [183912 2006-11-02] (Společnost Microsoft)
R2 int15; C:\Windows\system32\drivers\int15.sys [76584 2007-03-02] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1056360 2006-11-02] (Společnost Microsoft)
R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [20776 2007-04-25] (HiTRUST)
R0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [16680 2007-04-25] (HiTRUST)
R0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [60712 2007-04-25] (HiTRUST)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-27 00:29 - 2013-12-27 00:32 - 00010610 _____ C:\Users\Renata\Desktop\FRST.txt
2013-12-27 00:28 - 2013-12-27 00:28 - 00000000 ____D C:\FRST
2013-12-27 00:25 - 2013-12-27 00:25 - 00112640 _____ (forum.viry.cz) C:\Users\Renata\Desktop\FRSTLauncher.exe
2013-12-27 00:24 - 2013-12-27 00:24 - 01061649 _____ (Farbar) C:\Users\Renata\Desktop\FRST.exe
2013-12-27 00:13 - 2013-12-27 00:13 - 00000000 ____D C:\Users\Renata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-12-27 00:08 - 2013-12-27 00:08 - 00138824 _____ C:\Windows\Minidump\Mini122713-01.dmp
2013-12-26 23:45 - 2013-12-26 23:46 - 17815040 _____ C:\Users\Renata\Desktop\dbg_x86_6.11.1.404.msi
2013-12-26 22:48 - 2013-12-26 22:48 - 00138824 _____ C:\Windows\Minidump\Mini122613-06.dmp
2013-12-26 22:19 - 2013-12-26 22:20 - 00138824 _____ C:\Windows\Minidump\Mini122613-05.dmp
2013-12-26 21:52 - 2013-12-26 21:52 - 00014976 ____N C:\bootex.log
2013-12-26 21:18 - 2013-12-26 21:19 - 00138824 _____ C:\Windows\Minidump\Mini122613-04.dmp
2013-12-26 20:09 - 2013-12-26 20:10 - 00138824 _____ C:\Windows\Minidump\Mini122613-03.dmp
2013-12-26 19:45 - 2013-12-26 19:45 - 00138824 _____ C:\Windows\Minidump\Mini122613-02.dmp
2013-12-26 18:54 - 2013-12-26 18:55 - 00138824 _____ C:\Windows\Minidump\Mini122613-01.dmp
2013-12-26 17:37 - 2013-12-26 17:37 - 00001912 _____ C:\Windows\epplauncher.mif
2013-12-26 17:36 - 2013-12-26 17:37 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-26 17:21 - 2013-12-26 17:22 - 00000000 ____D C:\Users\Renata\AppData\Roaming\Mozilla
2013-12-26 17:21 - 2013-12-26 17:21 - 00000000 ____D C:\Users\Renata\AppData\Local\Mozilla
2013-12-26 17:20 - 2013-12-26 17:20 - 00000810 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-26 17:20 - 2013-12-26 17:20 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-26 17:20 - 2013-12-26 17:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-26 17:20 - 2013-12-26 17:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-26 16:26 - 2013-12-26 16:26 - 00000775 _____ C:\Windows\ie8_main.log
2013-12-14 15:29 - 2013-12-14 15:29 - 00138824 _____ C:\Windows\Minidump\Mini121413-01.dmp
2013-12-14 14:29 - 2013-12-14 14:30 - 00275362 _____ C:\Windows\msxml4-KB973688-enu.LOG
2013-12-12 19:39 - 2013-12-12 19:39 - 00138824 _____ C:\Windows\Minidump\Mini121213-02.dmp
2013-12-12 19:30 - 2013-12-27 00:08 - 00000000 ____D C:\Windows\Minidump
2013-12-12 19:30 - 2013-12-27 00:07 - 112003837 _____ C:\Windows\MEMORY.DMP
2013-12-12 19:30 - 2013-12-12 19:30 - 00138824 _____ C:\Windows\Minidump\Mini121213-01.dmp
==================== One Month Modified Files and Folders =======
2013-12-27 01:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\LogFiles
2013-12-27 00:32 - 2013-12-27 00:29 - 00010610 _____ C:\Users\Renata\Desktop\FRST.txt
2013-12-27 00:28 - 2013-12-27 00:28 - 00000000 ____D C:\FRST
2013-12-27 00:25 - 2013-12-27 00:25 - 00112640 _____ (forum.viry.cz) C:\Users\Renata\Desktop\FRSTLauncher.exe
2013-12-27 00:24 - 2013-12-27 00:24 - 01061649 _____ (Farbar) C:\Users\Renata\Desktop\FRST.exe
2013-12-27 00:19 - 2008-05-28 01:09 - 01328790 _____ C:\Windows\WindowsUpdate.log
2013-12-27 00:18 - 2006-11-02 11:33 - 01259320 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-27 00:13 - 2013-12-27 00:13 - 00000000 ____D C:\Users\Renata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2013-12-27 00:12 - 2006-11-02 13:45 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-27 00:12 - 2006-11-02 13:45 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-27 00:09 - 2006-11-02 13:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-27 00:08 - 2013-12-27 00:08 - 00138824 _____ C:\Windows\Minidump\Mini122713-01.dmp
2013-12-27 00:08 - 2013-12-12 19:30 - 00000000 ____D C:\Windows\Minidump
2013-12-27 00:07 - 2013-12-12 19:30 - 112003837 _____ C:\Windows\MEMORY.DMP
2013-12-26 23:46 - 2013-12-26 23:45 - 17815040 _____ C:\Users\Renata\Desktop\dbg_x86_6.11.1.404.msi
2013-12-26 22:48 - 2013-12-26 22:48 - 00138824 _____ C:\Windows\Minidump\Mini122613-06.dmp
2013-12-26 22:20 - 2013-12-26 22:19 - 00138824 _____ C:\Windows\Minidump\Mini122613-05.dmp
2013-12-26 21:52 - 2013-12-26 21:52 - 00014976 ____N C:\bootex.log
2013-12-26 21:19 - 2013-12-26 21:18 - 00138824 _____ C:\Windows\Minidump\Mini122613-04.dmp
2013-12-26 20:10 - 2013-12-26 20:09 - 00138824 _____ C:\Windows\Minidump\Mini122613-03.dmp
2013-12-26 19:50 - 2006-11-02 13:58 - 00032508 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-26 19:45 - 2013-12-26 19:45 - 00138824 _____ C:\Windows\Minidump\Mini122613-02.dmp
2013-12-26 18:55 - 2013-12-26 18:54 - 00138824 _____ C:\Windows\Minidump\Mini122613-01.dmp
2013-12-26 17:37 - 2013-12-26 17:37 - 00001912 _____ C:\Windows\epplauncher.mif
2013-12-26 17:37 - 2013-12-26 17:36 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-12-26 17:22 - 2013-12-26 17:21 - 00000000 ____D C:\Users\Renata\AppData\Roaming\Mozilla
2013-12-26 17:21 - 2013-12-26 17:21 - 00000000 ____D C:\Users\Renata\AppData\Local\Mozilla
2013-12-26 17:20 - 2013-12-26 17:20 - 00000810 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-26 17:20 - 2013-12-26 17:20 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-26 17:20 - 2013-12-26 17:20 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-26 17:20 - 2013-12-26 17:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-26 16:26 - 2013-12-26 16:26 - 00000775 _____ C:\Windows\ie8_main.log
2013-12-14 15:34 - 2008-05-27 19:22 - 00099968 _____ C:\Users\Renata\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-14 15:30 - 2006-11-02 13:44 - 00371712 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-14 15:29 - 2013-12-14 15:29 - 00138824 _____ C:\Windows\Minidump\Mini121413-01.dmp
2013-12-14 14:30 - 2013-12-14 14:29 - 00275362 _____ C:\Windows\msxml4-KB973688-enu.LOG
2013-12-12 19:39 - 2013-12-12 19:39 - 00138824 _____ C:\Windows\Minidump\Mini121213-02.dmp
2013-12-12 19:30 - 2013-12-12 19:30 - 00138824 _____ C:\Windows\Minidump\Mini121213-01.dmp
2013-12-12 10:02 - 2008-05-28 18:44 - 00002589 _____ C:\Users\Renata\Desktop\Microsoft Office Excel 2003.lnk
2013-12-01 14:24 - 2008-05-28 18:53 - 00034304 _____ C:\Users\Renata\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-01 13:19 - 2008-05-27 19:18 - 00000000 ____D C:\Users\Renata
Files to move or delete:
====================
C:\Users\Renata\tmnationsforever_setup.exe
Some content of TEMP:
====================
C:\Users\Renata\AppData\Local\Temp\mpam-d98c0b7c.exe
C:\Users\Renata\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Renata\AppData\Local\Temp\ycomp_setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2006-11-02 09:47] - [2006-11-02 10:45] - 2923520 ____A (Microsoft Corporation) FD8C53FB002217F6F888BCF6F5D7084D
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2006-11-02 09:52] - [2006-11-02 10:51] - 0208488 ____A (Microsoft Corporation) 11EF6C1CAEF76B685233450A126125D6
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Renata\Desktop" je 18 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Jo a ještě zhruba v polovině případů to zamrzne a v druhe polovině případů mám modrou obrazovku.
EDIT: na poslední modré obrazovce jsem stihl přečíst KERNEL_STACK_INPAGE_ERROR
Jo a zacalo to zamrzat/modrá obrazovka od zavedení internetu do ntb zhruba pře týdnem, předtím na ntb asi nikdy internet nebyl + nebyl nainstalovanej antivir a nebyl ani updatlej windows vista (je to notebook tety), antivir od microsoftu jsem vcera nainstaloval a update jde ted jen automaticky ale moc to teda neupdatuje píše to systém windows instaluje aktualizace (dokončeno 36%) ale 36% je tam už hodnu dlouho takze to asi nic nedělá...