
Action Center, Windows Update, etc. won't start

Posted: 17 May 2014 19:35
by pokerkan
Hello, I would very much appreciate some advice. I had a virus-infected laptop running W8. Avast, Malwarebytes, Adwcleaner and Eset online no longer find any threats (on the first run, 20-40), but Action Center and Windows Update still won't start, and I can't create an RSIT or FRST log either; both get stuck: FRSTLauncher at C:/Windows/System32/Winlogon.exe, and with RSIT the first segment appears and then nothing happens for 40 minutes. The computer is still unstable and, above all, any action involving the system is very slow. Browsing works fairly normally. Thank you very much in advance for any advice.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.55.2
Run by arnold- at 20:12:28 on 2014-05-17
.
============== Running Processes ================
.
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files\AVAST Software\Avast\setup\instup.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [BearShare] "C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe" --lightmode
mRun: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
mRun: [LManager] <no file>
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
mPolicies-System: DisableCAD = dword:1
IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{0404A2BA-213F-48EF-AFDC-DE42384ADCAC} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{346D85E9-C9B1-4A7A-94C3-38BA8FAA515A} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-mSearch Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.google.com
x64-mDefault_Search_URL = hxxp://www.google.com
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-mPolicies-System: DisableCAD = dword:1
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R? aswHwid;avast! HardwareID
R? AtherosSvc;AtherosSvc
R? DeviceFastLaneService;Device Fast-lane Service
R? DsiWMIService;Dritek WMI Service
R? EgisTec Ticket Service;EgisTec Ticket Service
R? ePowerSvc;ePower Service
R? IconMan_R;IconMan_R
R? massfilter;Mass Storage Filter Driver
R? RfButtonDriverService;Dritek RF Button Command Service
R? RSPCIESTOR;Realtek PCIE CardReader Driver
R? ZAtheros Wlan Agent;ZAtheros Wlan Agent
S? aswMonFlt;aswMonFlt
S? aswRvrt;avast! Revert
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswStm;aswStm
S? aswVmm;avast! VM Monitor
S? AthBTPort;Qualcomm Atheros Virtual Bluetooth Class
S? avast! Antivirus;avast! Antivirus
S? BTATH_A2DP;Bluetooth A2DP Audio Driver
S? btath_avdt;Qualcomm Atheros Bluetooth AVDT Service
S? BTATH_BUS;Qualcomm Atheros Bluetooth Bus
S? BTATH_HCRP;Bluetooth HCRP Server driver
S? BTATH_LWFLT;Bluetooth LWFLT Device
S? BTATH_RCP;Bluetooth AVRCP Device
S? BtFilter;BtFilter
S? BthLEEnum;Treiber fr energiearme Bluetooth-Ger„te
S? huawei_enumerator;huawei_enumerator
S? iaStorA;iaStorA
S? IntcDAud;Intel(R) Display-Audio
S? Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface
S? jhi_service;Intel(R) Dynamic Application Loader Host Interface Service
S? L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller
S? MBAMProtector;MBAMProtector
S? MBAMScheduler;MBAMScheduler
S? MBAMService;MBAMService
S? MBAMSwissArmy;MBAMSwissArmy
S? MBAMWebAccessControl;MBAMWebAccessControl
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NTI IScheduleSvc;NTI IScheduleSvc
S? Ps2Kb2Hid;PS/2 Keyboard to HID Driver
S? UNS;Intel(R) Management and Security Application User Notification Service
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-05-17 17:40:10 -------- d-----w- C:\FRST
2014-05-17 17:39:54 29696 ----a-w- C:\Users\arnold-\AppData\Local\MSGBOX.EXE
2014-05-17 17:16:51 -------- d-----w- C:\Program Files\trend micro
2014-05-17 10:05:42 619008 ----a-w- C:\Windows\System32\drivers\srv2.sys
2014-05-17 10:05:42 328024 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
2014-05-17 10:05:42 309760 ----a-w- C:\Windows\System32\wusa.exe
2014-05-17 10:05:41 305152 ----a-w- C:\Windows\SysWow64\wusa.exe
2014-05-17 09:38:19 2240000 ----a-w- C:\Windows\System32\wininet.dll
2014-05-17 09:38:19 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-05-17 09:38:08 108032 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
2014-05-17 08:49:59 -------- d-----w- C:\854fa3cff075c68dac2b8ba3e722
2014-05-17 08:25:41 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-17 08:24:48 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-17 08:24:48 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-17 08:24:48 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-17 08:24:48 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-17 08:24:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 08:16:19 261808 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10239.bin
2014-05-16 19:58:47 -------- d-----w- C:\ProgramData\Oracle
2014-05-16 19:58:35 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-16 19:44:35 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-16 19:44:34 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-16 19:42:48 370688 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2014-05-16 19:42:48 215040 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2014-05-16 19:42:48 1120768 ----a-w- C:\Windows\System32\gpedit.dll
2014-05-16 19:42:47 78336 ----a-w- C:\Windows\System32\drivers\IPMIDrv.sys
2014-05-16 19:42:47 247808 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2014-05-16 19:42:47 1075200 ----a-w- C:\Windows\SysWow64\gpedit.dll
2014-05-16 19:23:40 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-05-16 17:53:17 -------- d-----w- C:\Program Files (x86)\ESET
2014-05-16 16:14:02 -------- d-----w- C:\Users\arnold-\AppData\Local\InstantUpdate
2014-05-15 19:04:09 -------- d-----w- C:\Users\arnold-\AppData\Roaming\AVAST Software
2014-05-15 19:02:02 -------- d-----w- C:\ProgramData\AVAST Software
2014-05-11 15:00:03 -------- d-----w- C:\ProgramData\BlueStacks
2014-05-10 07:31:39 -------- d-----w- C:\ProgramData\2992199F9A
.
==================== Find3M ====================
.
2014-05-15 19:03:50 85328 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-05-15 19:03:50 1039096 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-05-15 19:03:19 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-05-15 19:03:19 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-05-15 19:03:19 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-05-15 19:03:19 43152 ----a-w- C:\Windows\avastSS.scr
2014-05-15 19:03:19 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-05-15 19:03:19 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-04-12 09:27:03 172888 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 09:10:31 578048 ----a-w- C:\Windows\System32\winlogon.exe
2014-04-12 09:09:43 208896 ----a-w- C:\Windows\System32\wdigest.dll
2014-04-12 09:09:39 1043968 ----a-w- C:\Windows\System32\usercpl.dll
2014-04-12 09:09:34 94720 ----a-w- C:\Windows\System32\TSpkg.dll
2014-04-12 09:09:19 588288 ----a-w- C:\Windows\System32\SHCore.dll
2014-04-12 09:08:37 318464 ----a-w- C:\Windows\System32\msv1_0.dll
2014-04-12 09:08:17 439808 ----a-w- C:\Windows\System32\lsm.dll
2014-04-12 09:08:17 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 09:08:10 827904 ----a-w- C:\Windows\System32\kerberos.dll
2014-04-12 09:07:36 20480 ----a-w- C:\Windows\System32\credssp.dll
2014-04-12 07:23:59 178688 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-04-12 07:23:52 961536 ----a-w- C:\Windows\SysWow64\usercpl.dll
2014-04-12 07:23:49 76800 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-04-12 07:23:40 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
2014-04-12 07:23:14 273920 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-04-12 07:22:58 666624 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-04-12 07:22:33 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-04-12 06:58:06 14848 ----a-w- C:\Windows\System32\workerdd.dll
2014-03-28 08:23:00 1287168 ----a-w- C:\Windows\System32\schedsvc.dll
2014-03-19 13:27:44 76496 ----a-w- C:\Windows\System32\drivers\dc3d.sys
2014-03-19 13:27:44 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2014-03-11 03:32:43 6987096 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-11 03:25:51 100184 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-03-11 00:41:55 323072 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-03-11 00:41:51 559104 ----a-w- C:\Windows\SysWow64\objsel.dll
2014-03-11 00:41:24 38400 ----a-w- C:\Windows\SysWow64\dimsroam.dll
2014-03-11 00:39:12 35840 ----a-w- C:\Windows\System32\lsass.exe
2014-03-11 00:38:58 27648 ----a-w- C:\Windows\System32\sspisrv.dll
2014-03-11 00:38:58 164864 ----a-w- C:\Windows\System32\sspicli.dll
2014-03-11 00:38:53 419328 ----a-w- C:\Windows\System32\schannel.dll
2014-03-11 00:38:47 684032 ----a-w- C:\Windows\System32\objsel.dll
2014-03-11 00:38:31 982016 ----a-w- C:\Windows\System32\KernelBase.dll
2014-03-11 00:38:23 45056 ----a-w- C:\Windows\System32\dimsroam.dll
2014-03-11 00:38:23 179712 ----a-w- C:\Windows\System32\dpapisrv.dll
2014-03-10 03:05:14 668160 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2014-03-10 01:27:03 99840 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-03-07 00:47:24 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-07 00:08:27 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-03-07 00:08:06 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-04 22:52:34 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 22:52:34 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-03 23:07:48 570216 ----a-w- C:\Windows\System32\drivers\cng.sys
.
============= FINISH: 20:21:58,96 ===============

Re: Action Center, Windows Update, etc. won't start

Posted: 17 May 2014 19:37
by Rudy
Hello!
Try running FRST in Safe Mode.

Re: Action Center, Windows Update, etc. won't start

Posted: 17 May 2014 20:04
by pokerkan
So hopefully it worked this time:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by arnold- (administrator) on KÜCHE on 17-05-2014 20:58:42
Running from C:\Users\arnold-\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(forum.viry.cz) C:\Users\arnold-\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [655256 2012-08-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [A1Diagnose] => C:\Program Files (x86)\A1\A1 Diagnose\A1Diagnose.exe [20686472 2012-11-21] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\Run: [BearShare] => "C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe" --lightmode
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {bd6bbceb-d7e8-11e2-bef8-4c72b9b4d96e} - "E:\Autorun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1db84-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1ddc1-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {db488389-043a-11e2-be6b-806e6f6e6963} - "D:\Start.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lfrlf3y8z.lnk
ShortcutTarget: lfrlf3y8z.lnk -> C:\PROGRA~3\299219~1\z8y3flrfl.cpp (No File)

==================== Internet (Whitelisted) ====================

URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKCU - DefaultScope {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
SearchScopes: HKCU - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

FireFox:
========
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: BearSharePlugin - C:\Program Files (x86)\BearShare Applications\BearShare\npBearSharePlugin.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKCU\...\Firefox\Extensions: [{ec2beeca-9971-43d1-9766-6a9ad543c90c}] - C:\Program Files (x86)\Re-markit\150.xpi

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-22]
CHR Extension: (Google Drive) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-22]
CHR Extension: (YouTube) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-22]
CHR Extension: (Google-Suche) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-22]
CHR Extension: (Google Wallet) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Google Mail) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-15]

==================== Services (Whitelisted) =================

S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-15] (AVAST Software)
S4 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-22] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)
S2 Winmgmt; C:\PROGRA~3\2992199F9A\lfrlf3y8z.faa [X]

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-15] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-15] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-15] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-15] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-22] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-17 20:24 - 2014-05-17 20:24 - 00002404 _____ () C:\Users\arnold-\Desktop\attach.txt
2014-05-17 20:24 - 2014-05-17 20:21 - 00012757 _____ () C:\Users\arnold-\Desktop\dds.txt
2014-05-17 20:11 - 2014-05-17 20:11 - 00688992 ____R (Swearware) C:\Users\arnold-\Desktop\dds.exe
2014-05-17 19:40 - 2014-05-17 20:58 - 00011154 _____ () C:\Users\arnold-\Desktop\FRST.txt
2014-05-17 19:40 - 2014-05-17 20:58 - 00000000 ____D () C:\FRST
2014-05-17 19:37 - 2014-05-17 19:37 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Desktop\FRSTLauncher.exe
2014-05-17 19:36 - 2014-05-17 19:36 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Downloads\Nicht bestätigt 786945.crdownload
2014-05-17 19:33 - 2014-05-17 19:34 - 02067456 _____ (Farbar) C:\Users\arnold-\Desktop\FRST64.exe
2014-05-17 19:16 - 2014-05-17 19:17 - 00000000 ____D () C:\Program Files\trend micro
2014-05-17 19:09 - 2014-05-17 19:09 - 00000000 ____D () C:\rsit
2014-05-17 19:08 - 2014-05-17 19:08 - 00935175 _____ () C:\Users\arnold-\Downloads\RSITx64.exe
2014-05-17 12:05 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-05-17 12:05 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-17 12:05 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-17 12:05 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-17 12:05 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-17 11:39 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-17 11:39 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-17 11:39 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-17 11:39 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-17 11:39 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-05-17 11:39 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-05-17 11:39 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 11:39 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-17 11:39 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-05-17 11:39 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 11:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-17 11:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-17 11:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-17 11:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-17 11:39 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-05-17 11:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-17 11:39 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-17 11:39 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-17 11:39 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-17 11:38 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-17 11:38 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-17 11:38 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-17 11:38 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-17 11:38 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-17 11:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-17 11:37 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-17 11:37 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-17 11:37 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-17 11:37 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-17 11:37 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-17 11:37 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-17 11:37 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-05-17 11:37 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-17 11:37 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-17 10:57 - 2014-05-17 10:57 - 01325827 _____ () C:\Users\arnold-\Downloads\adwcleaner08 (1).exe
2014-05-17 10:49 - 2014-05-17 11:04 - 00000000 ____D () C:\854fa3cff075c68dac2b8ba3e722
2014-05-17 10:25 - 2014-05-17 19:00 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 10:24 - 2014-05-17 10:27 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 10:24 - 2014-05-17 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:24 - 2014-05-17 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 10:24 - 2014-05-17 10:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:24 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-17 10:24 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-17 10:24 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-17 09:59 - 2014-05-17 09:59 - 00353101 _____ () C:\Users\arnold-\Downloads\MicrosoftFixit20084.mini.diagcab
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 21:58 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-16 21:58 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-16 21:58 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-16 21:58 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-16 21:57 - 2014-05-16 21:58 - 00005058 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-16 21:45 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 21:45 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 21:45 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-16 21:45 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-16 21:45 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 21:45 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 21:45 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 21:45 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 21:45 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 21:45 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-16 21:45 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-16 21:45 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 21:45 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 21:45 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 21:45 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 21:45 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 21:45 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 21:45 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 21:45 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 21:45 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 21:45 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-16 21:44 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 21:44 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 21:44 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 21:44 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 21:44 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 21:44 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 21:42 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-16 21:42 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-16 21:42 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-16 21:42 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-16 21:42 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-16 21:42 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-16 21:42 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-16 21:42 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-16 21:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-16 21:19 - 2014-05-16 21:19 - 05087312 _____ (Systweak Inc ) C:\Users\arnold-\Downloads\rcp_chip_468_a.exe
2014-05-16 21:18 - 2014-05-16 21:18 - 00006769 _____ () C:\Users\arnold-\Desktop\eset.txt
2014-05-16 19:53 - 2014-05-16 19:53 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-16 18:14 - 2014-05-16 18:14 - 00000000 ____D () C:\Users\arnold-\AppData\Local\InstantUpdate
2014-05-16 18:07 - 2014-05-16 18:09 - 00007635 _____ () C:\Users\arnold-\AppData\Local\resmon.resmoncfg
2014-05-15 21:04 - 2014-05-15 21:04 - 00000000 ____D () C:\Users\arnold-\AppData\Roaming\AVAST Software
2014-05-15 21:03 - 2014-05-17 13:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-15 21:03 - 2014-05-15 21:03 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-15 21:03 - 2014-05-15 21:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-15 21:02 - 2014-05-15 21:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-15 21:00 - 2014-05-15 21:01 - 88882192 _____ (AVAST Software) C:\Users\arnold-\Downloads\avast_free_antivirus_setup.exe
2014-05-11 17:00 - 2014-05-11 17:00 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-10 09:31 - 2014-05-17 13:58 - 00000000 ____D () C:\ProgramData\2992199F9A

==================== One Month Modified Files and Folders =======

2014-05-17 20:58 - 2014-05-17 19:40 - 00011154 _____ () C:\Users\arnold-\Desktop\FRST.txt
2014-05-17 20:58 - 2014-05-17 19:40 - 00000000 ____D () C:\FRST
2014-05-17 20:54 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-17 20:53 - 2013-01-12 15:07 - 02013598 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 20:48 - 2013-01-12 15:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2819954794-1862375091-3463940285-1001
2014-05-17 20:28 - 2013-01-22 17:37 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 20:24 - 2014-05-17 20:24 - 00002404 _____ () C:\Users\arnold-\Desktop\attach.txt
2014-05-17 20:21 - 2014-05-17 20:24 - 00012757 _____ () C:\Users\arnold-\Desktop\dds.txt
2014-05-17 20:11 - 2014-05-17 20:11 - 00688992 ____R (Swearware) C:\Users\arnold-\Desktop\dds.exe
2014-05-17 20:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-17 19:37 - 2014-05-17 19:37 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Desktop\FRSTLauncher.exe
2014-05-17 19:36 - 2014-05-17 19:36 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Downloads\Nicht bestätigt 786945.crdownload
2014-05-17 19:34 - 2014-05-17 19:33 - 02067456 _____ (Farbar) C:\Users\arnold-\Desktop\FRST64.exe
2014-05-17 19:17 - 2014-05-17 19:16 - 00000000 ____D () C:\Program Files\trend micro
2014-05-17 19:09 - 2014-05-17 19:09 - 00000000 ____D () C:\rsit
2014-05-17 19:08 - 2014-05-17 19:08 - 00935175 _____ () C:\Users\arnold-\Downloads\RSITx64.exe
2014-05-17 19:00 - 2014-05-17 10:25 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 18:01 - 2013-04-03 12:28 - 00129024 ___SH () C:\Users\arnold-\Downloads\Thumbs.db
2014-05-17 17:40 - 2013-09-16 19:31 - 00000000 ____D () C:\Users\arnold-\AppData\Local\CrashDumps
2014-05-17 17:18 - 2013-01-22 18:39 - 00000230 _____ () C:\Users\arnold-\Desktop\Internet.txt
2014-05-17 17:13 - 2013-01-22 17:37 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 15:20 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 13:58 - 2014-05-10 09:31 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-05-17 13:25 - 2014-05-15 21:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-17 12:26 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-17 11:44 - 2013-01-12 15:08 - 00000000 ___RD () C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 11:44 - 2013-01-12 15:08 - 00000000 ___RD () C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 11:41 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-17 11:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-17 11:06 - 2012-09-03 08:24 - 00128132 _____ () C:\Windows\PFRO.log
2014-05-17 11:04 - 2014-05-17 10:49 - 00000000 ____D () C:\854fa3cff075c68dac2b8ba3e722
2014-05-17 11:04 - 2014-01-15 22:02 - 00000000 ____D () C:\AdwCleaner
2014-05-17 10:57 - 2014-05-17 10:57 - 01325827 _____ () C:\Users\arnold-\Downloads\adwcleaner08 (1).exe
2014-05-17 10:56 - 2013-01-12 15:07 - 00000000 ____D () C:\Users\arnold-
2014-05-17 10:45 - 2012-07-26 10:18 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-17 10:27 - 2014-05-17 10:24 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 10:27 - 2014-05-17 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:27 - 2014-05-17 10:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 10:24 - 2014-05-17 10:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:07 - 2012-07-26 02:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-17 09:59 - 2014-05-17 09:59 - 00353101 _____ () C:\Users\arnold-\Downloads\MicrosoftFixit20084.mini.diagcab
2014-05-16 22:16 - 2013-08-16 12:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 22:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 21:58 - 2014-05-16 21:57 - 00005058 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-16 21:58 - 2013-04-03 12:10 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-16 21:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-16 21:19 - 2014-05-16 21:19 - 05087312 _____ (Systweak Inc ) C:\Users\arnold-\Downloads\rcp_chip_468_a.exe
2014-05-16 21:18 - 2014-05-16 21:18 - 00006769 _____ () C:\Users\arnold-\Desktop\eset.txt
2014-05-16 19:53 - 2014-05-16 19:53 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-16 18:15 - 2013-04-11 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-05-16 18:14 - 2014-05-16 18:14 - 00000000 ____D () C:\Users\arnold-\AppData\Local\InstantUpdate
2014-05-16 18:09 - 2014-05-16 18:07 - 00007635 _____ () C:\Users\arnold-\AppData\Local\resmon.resmoncfg
2014-05-16 16:31 - 2013-01-22 17:40 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 21:04 - 2014-05-15 21:04 - 00000000 ____D () C:\Users\arnold-\AppData\Roaming\AVAST Software
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-15 21:03 - 2014-05-15 21:03 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-15 21:03 - 2014-05-15 21:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-15 21:02 - 2014-05-15 21:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-15 21:01 - 2014-05-15 21:00 - 88882192 _____ (AVAST Software) C:\Users\arnold-\Downloads\avast_free_antivirus_setup.exe
2014-05-15 16:52 - 2012-09-03 08:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 16:46 - 2012-09-03 08:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-05-15 16:46 - 2012-09-03 08:47 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-05-15 16:43 - 2012-09-03 08:47 - 00000000 ____D () C:\Program Files\Acer
2014-05-15 16:42 - 2013-01-12 15:28 - 00000000 ____D () C:\Users\arnold-\AppData\Local\clear.fi
2014-05-15 16:42 - 2012-09-03 08:47 - 00000000 ____D () C:\ProgramData\Acer
2014-05-15 10:23 - 2013-04-03 19:05 - 00000000 ____D () C:\Users\arnold-\AppData\Roaming\WildTangent
2014-05-15 10:23 - 2012-09-03 08:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-15 10:23 - 2012-09-03 08:40 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-11 17:02 - 2014-01-28 21:02 - 00026491 _____ () C:\Users\arnold-\Documents\Buchungen.ods
2014-05-11 17:00 - 2014-05-11 17:00 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-11 14:23 - 2013-01-22 17:37 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 14:23 - 2013-01-22 17:37 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-11 13:57 - 2013-01-12 15:27 - 00000000 ____D () C:\Users\arnold-\Documents\Bluetooth Folder
2014-05-11 13:09 - 2013-04-11 19:07 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-09 19:55 - 2012-09-22 10:17 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-05-09 19:55 - 2012-09-22 10:17 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-05-09 19:55 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 07:14 - 2014-05-16 21:44 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 21:44 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 21:44 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 21:44 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 21:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 21:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 17:12 - 2013-01-18 16:25 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\Setup_A1Servicecenter_RTM_1.3.0.37.exe


Some content of TEMP:
====================
C:\Users\arnold-\AppData\Local\Temp\AcerCloudDocsSetup.exe
C:\Users\arnold-\AppData\Local\Temp\AcerCloudSetup.exe
C:\Users\arnold-\AppData\Local\Temp\avgnt.exe
C:\Users\arnold-\AppData\Local\Temp\BackupSetup.exe
C:\Users\arnold-\AppData\Local\Temp\COMAP.EXE
C:\Users\arnold-\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\arnold-\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\arnold-\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\arnold-\AppData\Local\Temp\mbam-setup-2.0.0.1000.exe
C:\Users\arnold-\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\arnold-\AppData\Local\Temp\MSETUP4.EXE
C:\Users\arnold-\AppData\Local\Temp\oi_{9AE2A80E-DC9F-4C60-A935-E99D8C11DE1F}.exe
C:\Users\arnold-\AppData\Local\Temp\Quarantine.exe
C:\Users\arnold-\AppData\Local\Temp\sdanircmdc.exe
C:\Users\arnold-\AppData\Local\Temp\sdapskill.exe
C:\Users\arnold-\AppData\Local\Temp\sdaspwn.exe
C:\Users\arnold-\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-16 21:45] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================




===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\arnold-\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Cannot start Action Center, Windows Update, etc.

Posted: 17 May 2014 21:22
by Rudy
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [A1Diagnose] => C:\Program Files (x86)\A1\A1 Diagnose\A1Diagnose.exe [20686472 2012-11-21] (mquadr.at software engineering and consulting GmbH, web: http://www.mquadr.at, mail: office@mquadr.at)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {bd6bbceb-d7e8-11e2-bef8-4c72b9b4d96e} - "E:\Autorun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1db84-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1ddc1-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {db488389-043a-11e2-be6b-806e6f6e6963} - "D:\Start.exe"
Startup: C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lfrlf3y8z.lnk
ShortcutTarget: lfrlf3y8z.lnk -> C:\PROGRA~3\299219~1\z8y3flrfl.cpp (No File)
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKCU - DefaultScope {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
SearchScopes: HKCU - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
FF Plugin HKCU: BearSharePlugin - C:\Program Files (x86)\BearShare Applications\BearShare\npBearSharePlugin.dll No File
S2 Winmgmt; C:\PROGRA~3\2992199F9A\lfrlf3y8z.faa [X]
C:\ProgramData\2992199F9A
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\arnold-\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Cannot start Action Center, Windows Update, etc.

Posted: 17 May 2014 21:38
by pokerkan
I hope I ran the right program, the FRSTLauncher; the "Addition.txt" option was not checked and it went very quickly.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by arnold- (administrator) on KÜCHE on 17-05-2014 22:34:09
Running from C:\Users\arnold-\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) C:\Program Files (x86)\A1\A1 Diagnose\A1Diagnose.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(forum.viry.cz) C:\Users\arnold-\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\Acer\Live Updater\updater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [655256 2012-08-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-10] ()
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [A1Diagnose] => C:\Program Files (x86)\A1\A1 Diagnose\A1Diagnose.exe [20686472 2012-11-21] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-15] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\Run: [BearShare] => "C:\Program Files (x86)\BearShare Applications\BearShare\BearShare.exe" --lightmode
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {bd6bbceb-d7e8-11e2-bef8-4c72b9b4d96e} - "E:\Autorun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1db84-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1ddc1-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {db488389-043a-11e2-be6b-806e6f6e6963} - "D:\Start.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lfrlf3y8z.lnk
ShortcutTarget: lfrlf3y8z.lnk -> C:\PROGRA~3\299219~1\z8y3flrfl.cpp (No File)

==================== Internet (Whitelisted) ====================

URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKCU - DefaultScope {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
SearchScopes: HKCU - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKCU: BearSharePlugin - C:\Program Files (x86)\BearShare Applications\BearShare\npBearSharePlugin.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKCU\...\Firefox\Extensions: [{ec2beeca-9971-43d1-9766-6a9ad543c90c}] - C:\Program Files (x86)\Re-markit\150.xpi

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-22]
CHR Extension: (Google Drive) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-22]
CHR Extension: (YouTube) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-22]
CHR Extension: (Google-Suche) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-22]
CHR Extension: (Google Wallet) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Google Mail) - C:\Users\arnold-\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-15]

==================== Services (Whitelisted) =================

S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-15] (AVAST Software)
S4 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-22] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros)
S2 Winmgmt; C:\PROGRA~3\2992199F9A\lfrlf3y8z.faa [X]

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-15] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-22] (Dritek System Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-17 22:34 - 2014-05-17 22:34 - 00013642 _____ () C:\Users\arnold-\Desktop\FRST.txt
2014-05-17 22:33 - 2014-05-17 22:33 - 00029696 _____ () C:\Users\arnold-\AppData\Local\MSGBOX.EXE
2014-05-17 22:33 - 2014-05-17 22:33 - 00015327 _____ () C:\Users\arnold-\Desktop\LM.bat
2014-05-17 22:32 - 2014-05-17 22:32 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Downloads\Nicht bestätigt 28716.crdownload
2014-05-17 22:32 - 2014-05-17 22:32 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Desktop\FRSTLauncher.exe
2014-05-17 22:28 - 2014-05-17 22:28 - 00002153 _____ () C:\Users\arnold-\Desktop\fixlist.txt
2014-05-17 21:07 - 2014-05-17 21:07 - 00042304 _____ () C:\Users\arnold-\Desktop\FRST3.txt
2014-05-17 20:24 - 2014-05-17 20:24 - 00002404 _____ () C:\Users\arnold-\Desktop\attach.txt
2014-05-17 20:24 - 2014-05-17 20:21 - 00012757 _____ () C:\Users\arnold-\Desktop\dds.txt
2014-05-17 20:11 - 2014-05-17 20:11 - 00688992 ____R (Swearware) C:\Users\arnold-\Desktop\dds.exe
2014-05-17 19:40 - 2014-05-17 22:34 - 00000000 ____D () C:\FRST
2014-05-17 19:36 - 2014-05-17 19:36 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Downloads\Nicht bestätigt 786945.crdownload
2014-05-17 19:33 - 2014-05-17 19:34 - 02067456 _____ (Farbar) C:\Users\arnold-\Desktop\FRST64.exe
2014-05-17 19:16 - 2014-05-17 19:17 - 00000000 ____D () C:\Program Files\trend micro
2014-05-17 19:09 - 2014-05-17 19:09 - 00000000 ____D () C:\rsit
2014-05-17 19:08 - 2014-05-17 19:08 - 00935175 _____ () C:\Users\arnold-\Downloads\RSITx64.exe
2014-05-17 12:05 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-05-17 12:05 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-17 12:05 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-17 12:05 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-05-17 12:05 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-05-17 11:39 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-17 11:39 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-17 11:39 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-17 11:39 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-17 11:39 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-05-17 11:39 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-05-17 11:39 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 11:39 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-17 11:39 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-05-17 11:39 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 11:39 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-17 11:39 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-17 11:39 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-17 11:39 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-17 11:39 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-05-17 11:39 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-17 11:39 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-17 11:39 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-17 11:39 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-17 11:38 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-17 11:38 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-17 11:38 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-17 11:38 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-17 11:38 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-17 11:38 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-17 11:37 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-17 11:37 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-17 11:37 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-17 11:37 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-17 11:37 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-17 11:37 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-17 11:37 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-17 11:37 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-17 11:37 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-05-17 11:37 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-17 11:37 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-17 10:57 - 2014-05-17 10:57 - 01325827 _____ () C:\Users\arnold-\Downloads\adwcleaner08 (1).exe
2014-05-17 10:49 - 2014-05-17 11:04 - 00000000 ____D () C:\854fa3cff075c68dac2b8ba3e722
2014-05-17 10:25 - 2014-05-17 21:40 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 10:24 - 2014-05-17 10:27 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 10:24 - 2014-05-17 10:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:24 - 2014-05-17 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 10:24 - 2014-05-17 10:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:24 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-17 10:24 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-17 10:24 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-17 09:59 - 2014-05-17 09:59 - 00353101 _____ () C:\Users\arnold-\Downloads\MicrosoftFixit20084.mini.diagcab
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 21:58 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-16 21:58 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-16 21:58 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-16 21:58 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-16 21:57 - 2014-05-16 21:58 - 00005058 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-16 21:45 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 21:45 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 21:45 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-16 21:45 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-16 21:45 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 21:45 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-16 21:45 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 21:45 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 21:45 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 21:45 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 21:45 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 21:45 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-16 21:45 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-16 21:45 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 21:45 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 21:45 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 21:45 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 21:45 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 21:45 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 21:45 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 21:45 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 21:45 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 21:45 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 21:45 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-16 21:44 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 21:44 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 21:44 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 21:44 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 21:44 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 21:44 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 21:42 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-16 21:42 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-16 21:42 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-16 21:42 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-16 21:42 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-16 21:42 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-16 21:42 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-16 21:42 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-16 21:23 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-16 21:19 - 2014-05-16 21:19 - 05087312 _____ (Systweak Inc ) C:\Users\arnold-\Downloads\rcp_chip_468_a.exe
2014-05-16 21:18 - 2014-05-16 21:18 - 00006769 _____ () C:\Users\arnold-\Desktop\eset.txt
2014-05-16 19:53 - 2014-05-16 19:53 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-16 18:14 - 2014-05-16 18:14 - 00000000 ____D () C:\Users\arnold-\AppData\Local\InstantUpdate
2014-05-16 18:07 - 2014-05-16 18:09 - 00007635 _____ () C:\Users\arnold-\AppData\Local\resmon.resmoncfg
2014-05-15 21:04 - 2014-05-15 21:04 - 00000000 ____D () C:\Users\arnold-\AppData\Roaming\AVAST Software
2014-05-15 21:03 - 2014-05-17 13:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-15 21:03 - 2014-05-15 21:03 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-15 21:03 - 2014-05-15 21:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-15 21:02 - 2014-05-15 21:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-15 21:00 - 2014-05-15 21:01 - 88882192 _____ (AVAST Software) C:\Users\arnold-\Downloads\avast_free_antivirus_setup.exe
2014-05-11 17:00 - 2014-05-11 17:00 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-10 09:31 - 2014-05-17 13:58 - 00000000 ____D () C:\ProgramData\2992199F9A

==================== One Month Modified Files and Folders =======

2014-05-17 22:34 - 2014-05-17 22:34 - 00013642 _____ () C:\Users\arnold-\Desktop\FRST.txt
2014-05-17 22:34 - 2014-05-17 19:40 - 00000000 ____D () C:\FRST
2014-05-17 22:33 - 2014-05-17 22:33 - 00029696 _____ () C:\Users\arnold-\AppData\Local\MSGBOX.EXE
2014-05-17 22:33 - 2014-05-17 22:33 - 00015327 _____ () C:\Users\arnold-\Desktop\LM.bat
2014-05-17 22:32 - 2014-05-17 22:32 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Downloads\Nicht bestätigt 28716.crdownload
2014-05-17 22:32 - 2014-05-17 22:32 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Desktop\FRSTLauncher.exe
2014-05-17 22:28 - 2014-05-17 22:28 - 00002153 _____ () C:\Users\arnold-\Desktop\fixlist.txt
2014-05-17 22:28 - 2013-01-22 17:37 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 22:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-17 21:58 - 2013-01-12 15:07 - 02048233 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 21:40 - 2014-05-17 10:25 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-17 21:38 - 2013-09-16 19:31 - 00000000 ____D () C:\Users\arnold-\AppData\Local\CrashDumps
2014-05-17 21:36 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-17 21:32 - 2013-01-12 15:14 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2819954794-1862375091-3463940285-1001
2014-05-17 21:18 - 2013-01-22 17:37 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 21:18 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 21:17 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-17 21:07 - 2014-05-17 21:07 - 00042304 _____ () C:\Users\arnold-\Desktop\FRST3.txt
2014-05-17 20:24 - 2014-05-17 20:24 - 00002404 _____ () C:\Users\arnold-\Desktop\attach.txt
2014-05-17 20:21 - 2014-05-17 20:24 - 00012757 _____ () C:\Users\arnold-\Desktop\dds.txt
2014-05-17 20:11 - 2014-05-17 20:11 - 00688992 ____R (Swearware) C:\Users\arnold-\Desktop\dds.exe
2014-05-17 19:36 - 2014-05-17 19:36 - 00112640 _____ (forum.viry.cz) C:\Users\arnold-\Downloads\Nicht bestätigt 786945.crdownload
2014-05-17 19:34 - 2014-05-17 19:33 - 02067456 _____ (Farbar) C:\Users\arnold-\Desktop\FRST64.exe
2014-05-17 19:17 - 2014-05-17 19:16 - 00000000 ____D () C:\Program Files\trend micro
2014-05-17 19:09 - 2014-05-17 19:09 - 00000000 ____D () C:\rsit
2014-05-17 19:08 - 2014-05-17 19:08 - 00935175 _____ () C:\Users\arnold-\Downloads\RSITx64.exe
2014-05-17 18:01 - 2013-04-03 12:28 - 00129024 ___SH () C:\Users\arnold-\Downloads\Thumbs.db
2014-05-17 17:18 - 2013-01-22 18:39 - 00000230 _____ () C:\Users\arnold-\Desktop\Internet.txt
2014-05-17 13:58 - 2014-05-10 09:31 - 00000000 ____D () C:\ProgramData\2992199F9A
2014-05-17 13:25 - 2014-05-15 21:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-17 12:26 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-17 11:44 - 2013-01-12 15:08 - 00000000 ___RD () C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 11:44 - 2013-01-12 15:08 - 00000000 ___RD () C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 11:41 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-17 11:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-17 11:06 - 2012-09-03 08:24 - 00128132 _____ () C:\Windows\PFRO.log
2014-05-17 11:04 - 2014-05-17 10:49 - 00000000 ____D () C:\854fa3cff075c68dac2b8ba3e722
2014-05-17 11:04 - 2014-01-15 22:02 - 00000000 ____D () C:\AdwCleaner
2014-05-17 10:57 - 2014-05-17 10:57 - 01325827 _____ () C:\Users\arnold-\Downloads\adwcleaner08 (1).exe
2014-05-17 10:56 - 2013-01-12 15:07 - 00000000 ____D () C:\Users\arnold-
2014-05-17 10:45 - 2012-07-26 10:18 - 00000000 ____D () C:\Windows\DigitalLocker
2014-05-17 10:27 - 2014-05-17 10:24 - 00001070 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-17 10:27 - 2014-05-17 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-17 10:27 - 2014-05-17 10:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-17 10:24 - 2014-05-17 10:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-17 10:07 - 2012-07-26 02:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-17 09:59 - 2014-05-17 09:59 - 00353101 _____ () C:\Users\arnold-\Downloads\MicrosoftFixit20084.mini.diagcab
2014-05-16 22:16 - 2013-08-16 12:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 22:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-16 21:58 - 2014-05-16 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-16 21:58 - 2014-05-16 21:57 - 00005058 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-05-16 21:58 - 2013-04-03 12:10 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-16 21:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-16 21:19 - 2014-05-16 21:19 - 05087312 _____ (Systweak Inc ) C:\Users\arnold-\Downloads\rcp_chip_468_a.exe
2014-05-16 21:18 - 2014-05-16 21:18 - 00006769 _____ () C:\Users\arnold-\Desktop\eset.txt
2014-05-16 19:53 - 2014-05-16 19:53 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-16 18:15 - 2013-04-11 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-05-16 18:14 - 2014-05-16 18:14 - 00000000 ____D () C:\Users\arnold-\AppData\Local\InstantUpdate
2014-05-16 18:09 - 2014-05-16 18:07 - 00007635 _____ () C:\Users\arnold-\AppData\Local\resmon.resmoncfg
2014-05-16 16:31 - 2013-01-22 17:40 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-15 21:04 - 2014-05-15 21:04 - 00000000 ____D () C:\Users\arnold-\AppData\Roaming\AVAST Software
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400180630484
2014-05-15 21:03 - 2014-05-15 21:03 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-15 21:03 - 2014-05-15 21:03 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-15 21:03 - 2014-05-15 21:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-15 21:03 - 2014-05-15 21:03 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-05-15 21:03 - 2014-05-15 21:03 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-15 21:02 - 2014-05-15 21:02 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-05-15 21:01 - 2014-05-15 21:00 - 88882192 _____ (AVAST Software) C:\Users\arnold-\Downloads\avast_free_antivirus_setup.exe
2014-05-15 16:52 - 2012-09-03 08:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-15 16:46 - 2012-09-03 08:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2014-05-15 16:46 - 2012-09-03 08:47 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-05-15 16:43 - 2012-09-03 08:47 - 00000000 ____D () C:\Program Files\Acer
2014-05-15 16:42 - 2013-01-12 15:28 - 00000000 ____D () C:\Users\arnold-\AppData\Local\clear.fi
2014-05-15 16:42 - 2012-09-03 08:47 - 00000000 ____D () C:\ProgramData\Acer
2014-05-15 10:23 - 2013-04-03 19:05 - 00000000 ____D () C:\Users\arnold-\AppData\Roaming\WildTangent
2014-05-15 10:23 - 2012-09-03 08:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-15 10:23 - 2012-09-03 08:40 - 00000000 ____D () C:\ProgramData\WildTangent
2014-05-11 17:02 - 2014-01-28 21:02 - 00026491 _____ () C:\Users\arnold-\Documents\Buchungen.ods
2014-05-11 17:00 - 2014-05-11 17:00 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-05-11 14:23 - 2013-01-22 17:37 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-11 14:23 - 2013-01-22 17:37 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-11 13:57 - 2013-01-12 15:27 - 00000000 ____D () C:\Users\arnold-\Documents\Bluetooth Folder
2014-05-11 13:09 - 2013-04-11 19:07 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-09 19:55 - 2012-09-22 10:17 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-05-09 19:55 - 2012-09-22 10:17 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-05-09 19:55 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 07:14 - 2014-05-16 21:44 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-16 21:44 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-16 21:44 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-16 21:44 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-16 21:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-16 21:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 17:12 - 2013-01-18 16:25 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\ProgramData\Setup_A1Servicecenter_RTM_1.3.0.37.exe


Some content of TEMP:
====================
C:\Users\arnold-\AppData\Local\Temp\AcerCloudDocsSetup.exe
C:\Users\arnold-\AppData\Local\Temp\AcerCloudSetup.exe
C:\Users\arnold-\AppData\Local\Temp\avgnt.exe
C:\Users\arnold-\AppData\Local\Temp\BackupSetup.exe
C:\Users\arnold-\AppData\Local\Temp\COMAP.EXE
C:\Users\arnold-\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\arnold-\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\arnold-\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\arnold-\AppData\Local\Temp\mbam-setup-2.0.0.1000.exe
C:\Users\arnold-\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\arnold-\AppData\Local\Temp\MSETUP4.EXE
C:\Users\arnold-\AppData\Local\Temp\oi_{9AE2A80E-DC9F-4C60-A935-E99D8C11DE1F}.exe
C:\Users\arnold-\AppData\Local\Temp\Quarantine.exe
C:\Users\arnold-\AppData\Local\Temp\sdanircmdc.exe
C:\Users\arnold-\AppData\Local\Temp\sdapskill.exe
C:\Users\arnold-\AppData\Local\Temp\sdaspwn.exe
C:\Users\arnold-\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-16 21:45] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-17 10:05

==================== End Of Log ============================

Re: Cannot start Action Center, Windows Update, etc.

Posted: 17 May 2014 21:51
by Rudy
Did you click >Fix<?

Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 07:24
by pokerkan
I clicked Scan; I didn't know I was supposed to click Fix - sorry. So now, after running the Fix:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014
Ran by arnold- at 2014-05-18 08:19:01 Run:1
Running from C:\Users\arnold-\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [A1Diagnose] => C:\Program Files (x86)\A1\A1 Diagnose\A1Diagnose.exe [20686472 2012-11-21] (mquadr.at software engineering and consulting GmbH, web: http://www.mquadr.at, mail: office@mquadr.at)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {bd6bbceb-d7e8-11e2-bef8-4c72b9b4d96e} - "E:\Autorun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1db84-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {d8c1ddc1-5cb4-11e2-be70-4c72b9b4d96e} - "E:\AutoRun.exe"
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\...\MountPoints2: {db488389-043a-11e2-be6b-806e6f6e6963} - "D:\Start.exe"
Startup: C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lfrlf3y8z.lnk
ShortcutTarget: lfrlf3y8z.lnk -> C:\PROGRA~3\299219~1\z8y3flrfl.cpp (No File)
URLSearchHook: HKCU - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKLM-x32 - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL = http://www.bing.com/search?q={searchTer ... &pc=MAARJS
SearchScopes: HKCU - DefaultScope {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
SearchScopes: HKCU - {8583A975-FC2E-4903-8EA6-31ED30A56C42} URL =
FF Plugin HKCU: BearSharePlugin - C:\Program Files (x86)\BearShare Applications\BearShare\npBearSharePlugin.dll No File
S2 Winmgmt; C:\PROGRA~3\2992199F9A\lfrlf3y8z.faa [X]
C:\ProgramData\2992199F9A
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\arnold-\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\A1Diagnose => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bd6bbceb-d7e8-11e2-bef8-4c72b9b4d96e} => Key deleted successfully.
HKCR\CLSID\{bd6bbceb-d7e8-11e2-bef8-4c72b9b4d96e} => Key not found.
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8c1db84-5cb4-11e2-be70-4c72b9b4d96e} => Key deleted successfully.
HKCR\CLSID\{d8c1db84-5cb4-11e2-be70-4c72b9b4d96e} => Key not found.
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d8c1ddc1-5cb4-11e2-be70-4c72b9b4d96e} => Key deleted successfully.
HKCR\CLSID\{d8c1ddc1-5cb4-11e2-be70-4c72b9b4d96e} => Key not found.
HKU\S-1-5-21-2819954794-1862375091-3463940285-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db488389-043a-11e2-be6b-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{db488389-043a-11e2-be6b-806e6f6e6963} => Key not found.
C:\Users\arnold-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lfrlf3y8z.lnk => Moved successfully.
C:\PROGRA~3\299219~1\z8y3flrfl.cpp not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8583A975-FC2E-4903-8EA6-31ED30A56C42} => Key deleted successfully.
HKCR\CLSID\{8583A975-FC2E-4903-8EA6-31ED30A56C42} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{8583A975-FC2E-4903-8EA6-31ED30A56C42} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8583A975-FC2E-4903-8EA6-31ED30A56C42} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8583A975-FC2E-4903-8EA6-31ED30A56C42} => Key deleted successfully.
HKCR\CLSID\{8583A975-FC2E-4903-8EA6-31ED30A56C42} => Key not found.
HKCU\Software\MozillaPlugins\BearSharePlugin => Key deleted successfully.
C:\Program Files (x86)\BearShare Applications\BearShare\npBearSharePlugin.dll not found.
Winmgmt => Service restored successfully.
C:\ProgramData\2992199F9A => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Users\arnold-\AppData\Local\Temp => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====

Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 10:36
by Rudy
Deleted. Now I'd like to ask for a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms appears; continue by clicking the Yes button.

feel free to put the kettle on for a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

don't panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use an antispyware product with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware lead to unwanted conflicts with the resident antispyware component.

Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 12:37
by pokerkan
At the third step the program reported some kind of abort, but in the end it finished by itself, so hopefully it will be fine.

ComboFix 14-05-16.01 - arnold- 18.05.2014 13:23:55.1.2 - x64
Microsoft Windows 8 6.2.9200.0.1252.43.1031.18.3912.2815 [GMT 2:00]
ausgeführt von:: c:\users\arnold-\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\arnold-\AppData\Local\TempDIR
c:\users\arnold-\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-18 bis 2014-05-18 ))))))))))))))))))))))))))))))
.
.
2014-05-18 11:31 . 2014-05-18 11:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-18 11:31 . 2014-05-18 11:31 -------- d-----w- c:\users\arnold-\AppData\Local\temp
2014-05-17 17:40 . 2014-05-18 06:19 -------- d-----w- C:\FRST
2014-05-17 17:16 . 2014-05-17 17:17 -------- d-----w- c:\program files\trend micro
2014-05-17 17:09 . 2014-05-17 17:09 -------- d-----w- C:\rsit
2014-05-17 10:05 . 2014-04-03 11:19 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-05-17 10:05 . 2014-04-03 03:44 619008 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-05-17 10:05 . 2014-03-24 22:56 309760 ----a-w- c:\windows\system32\wusa.exe
2014-05-17 10:05 . 2014-03-24 23:42 305152 ----a-w- c:\windows\SysWow64\wusa.exe
2014-05-17 09:38 . 2014-03-07 00:48 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-05-17 09:38 . 2014-03-07 00:08 2240000 ----a-w- c:\windows\system32\wininet.dll
2014-05-17 09:38 . 2013-02-21 10:14 53248 ----a-w- c:\windows\system32\jsproxy.dll
2014-05-17 09:38 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2014-05-17 09:38 . 2014-03-07 00:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2014-05-17 08:49 . 2014-05-17 09:04 -------- d-----w- C:\854fa3cff075c68dac2b8ba3e722
2014-05-17 08:25 . 2014-05-18 11:17 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-17 08:24 . 2014-05-17 08:27 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-17 08:24 . 2014-05-17 08:24 -------- d-----w- c:\programdata\Malwarebytes
2014-05-17 08:24 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-17 08:24 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-17 08:24 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-17 08:16 . 2014-05-17 08:16 261808 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10239.bin
2014-05-16 19:58 . 2014-05-16 19:58 -------- d-----w- c:\programdata\Oracle
2014-05-16 19:58 . 2014-05-16 19:58 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-05-16 19:58 . 2014-04-14 18:13 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-16 19:44 . 2014-05-06 05:14 97280 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-16 19:44 . 2014-05-06 05:14 19274752 ----a-w- c:\windows\system32\mshtml.dll
2014-05-16 19:44 . 2014-05-06 03:26 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-16 19:44 . 2014-05-06 03:37 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-16 19:42 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2014-05-16 19:42 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2014-05-16 19:42 . 2014-02-26 23:18 370688 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2014-05-16 19:42 . 2014-02-26 23:18 215040 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2014-05-16 19:42 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2014-05-16 19:42 . 2014-02-26 23:18 247808 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-05-16 19:42 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2014-05-16 19:23 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-16 17:53 . 2014-05-16 17:53 -------- d-----w- c:\program files (x86)\ESET
2014-05-16 16:14 . 2014-05-16 16:14 -------- d-----w- c:\users\arnold-\AppData\Local\InstantUpdate
2014-05-15 19:04 . 2014-05-15 19:04 -------- d-----w- c:\users\arnold-\AppData\Roaming\AVAST Software
2014-05-15 19:03 . 2014-05-15 19:03 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-15 19:03 . 2014-05-15 19:03 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 19:03 . 2014-05-15 19:03 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-15 19:03 . 2014-05-15 19:03 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-15 19:03 . 2014-05-15 19:03 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-15 19:03 . 2014-05-15 19:03 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-15 19:03 . 2014-05-15 19:03 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-15 19:03 . 2014-05-15 19:03 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-15 19:03 . 2014-05-15 19:03 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-15 19:03 . 2014-05-15 19:03 43152 ----a-w- c:\windows\avastSS.scr
2014-05-15 19:03 . 2014-05-15 19:03 -------- d-----w- c:\program files\AVAST Software
2014-05-15 19:02 . 2014-05-15 19:02 -------- d-----w- c:\programdata\AVAST Software
2014-05-11 15:00 . 2014-05-11 15:00 -------- d-----w- c:\programdata\BlueStacks
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-17 08:07 . 2012-07-26 00:18 197120 ----a-w- c:\windows\system32\msrating.dll
2014-05-04 15:12 . 2013-01-18 14:25 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-03-19 13:27 . 2014-03-19 13:27 76496 ----a-w- c:\windows\system32\drivers\dc3d.sys
2014-03-19 13:27 . 2014-03-19 13:27 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-03-04 22:52 . 2013-12-03 05:53 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 22:52 . 2013-12-03 05:53 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2012-07-25 508656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-15 3873704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2012-07-26 62976]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Acer Backup Manager Tray.lnk - c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k [2012-8-23 533568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
R4 DeviceFastLaneService;Device Fast-lane Service;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [x]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R4 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R4 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
R4 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe;c:\program files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\System32\drivers\dc3d.sys;c:\windows\SYSNATIVE\drivers\dc3d.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\System32\drivers\ew_jubusenum.sys;c:\windows\SYSNATIVE\drivers\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-16 14:29 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-15 19:03 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-27 12937872]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-07-10 1214608]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2012-08-24 655256]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-08-10 64640]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} - c:\program files\Avira Secure Backup\ShellExtension\ShellExtension.dll
ShellIconOverlayIdentifiers-{2CDD871E-60EB-40BD-9721-A1CB57042F75} - c:\program files\Avira Secure Backup\ShellExtension\ShellExtension.dll
ShellIconOverlayIdentifiers-{95DDC869-FC98-4D47-BD34-2EDC9AA09C01} - c:\program files\Avira Secure Backup\ShellExtension\ShellExtension.dll
ShellIconOverlayIdentifiers-{B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} - c:\program files\Avira Secure Backup\ShellExtension\ShellExtension.dll
Wow6432Node-HKCU-Run-BearShare - c:\program files (x86)\BearShare Applications\BearShare\BearShare.exe
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} - c:\program files\Avira Secure Backup\ShellExtensionx64\ShellExtension.dll
ShellIconOverlayIdentifiers-{2CDD871E-60EB-40BD-9721-A1CB57042F75} - c:\program files\Avira Secure Backup\ShellExtensionx64\ShellExtension.dll
ShellIconOverlayIdentifiers-{95DDC869-FC98-4D47-BD34-2EDC9AA09C01} - c:\program files\Avira Secure Backup\ShellExtensionx64\ShellExtension.dll
AddRemove-5657a3f2-3ddc-43cb-a58f-24f3f30946bc - c:\program files (x86)\Re-markit\Uninstall.exe
AddRemove-flash-Enhancer - c:\program files (x86)\AmiExt\flashEnhancer\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2014-05-18 13:34:31
ComboFix-quarantined-files.txt 2014-05-18 11:34
.
Vor Suchlauf: 12 Verzeichnis(se), 437 195 886 592 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 437 071 998 976 Bytes frei
.
- - End Of File - - 59281DA45605C8B0C35E16813848C144

Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 17:56
by Rudy
We'll do a bit more cleanup. Open Notepad and copy the following into it:
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 19:01
by pokerkan
Well, I'm not sure whether it went through entirely correctly; on restart it reported some error with the configuration (probably Update), but I didn't manage to read it because it switched to the login screen. Avast has also disappeared from the systray; in the properties I turned on showing both the icon and the notifications, but I still can't see it. Otherwise, thank you very much for the continuous support; this morning I transferred a hundred crowns to your account - you deserve it.

ComboFix 14-05-16.01 - arnold- 18.05.2014 19:36:54.2.2 - x64
Microsoft Windows 8 6.2.9200.0.1252.43.1031.18.3912.2513 [GMT 2:00]
ausgeführt von:: c:\users\arnold-\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\arnold-\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-18 bis 2014-05-18 ))))))))))))))))))))))))))))))
.
.
2014-05-18 17:45 . 2014-05-18 17:47 -------- d-----w- c:\users\arnold-\AppData\Local\temp
2014-05-18 17:45 . 2014-05-18 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-17 17:40 . 2014-05-18 06:19 -------- d-----w- C:\FRST
2014-05-17 17:16 . 2014-05-17 17:17 -------- d-----w- c:\program files\trend micro
2014-05-17 17:09 . 2014-05-17 17:09 -------- d-----w- C:\rsit
2014-05-17 10:05 . 2014-04-03 11:19 328024 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2014-05-17 10:05 . 2014-04-03 03:44 619008 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-05-17 10:05 . 2014-03-24 22:56 309760 ----a-w- c:\windows\system32\wusa.exe
2014-05-17 10:05 . 2014-03-24 23:42 305152 ----a-w- c:\windows\SysWow64\wusa.exe
2014-05-17 09:38 . 2014-03-07 00:48 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-05-17 09:38 . 2014-03-07 00:08 2240000 ----a-w- c:\windows\system32\wininet.dll
2014-05-17 09:38 . 2013-02-21 10:14 53248 ----a-w- c:\windows\system32\jsproxy.dll
2014-05-17 09:38 . 2013-04-28 22:30 108032 ----a-w- c:\program files (x86)\Internet Explorer\jsdebuggeride.dll
2014-05-17 09:38 . 2014-03-07 00:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2014-05-17 08:49 . 2014-05-17 09:04 -------- d-----w- C:\854fa3cff075c68dac2b8ba3e722
2014-05-17 08:25 . 2014-05-18 17:47 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-17 08:24 . 2014-05-17 08:27 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-05-17 08:24 . 2014-05-17 08:24 -------- d-----w- c:\programdata\Malwarebytes
2014-05-17 08:24 . 2014-04-03 07:51 63192 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-17 08:24 . 2014-04-03 07:51 88280 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-17 08:24 . 2014-04-03 07:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-17 08:16 . 2014-05-17 08:16 261808 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10239.bin
2014-05-16 19:58 . 2014-05-16 19:58 -------- d-----w- c:\programdata\Oracle
2014-05-16 19:58 . 2014-05-16 19:58 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-05-16 19:58 . 2014-04-14 18:13 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-16 19:44 . 2014-05-06 05:14 97280 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-16 19:44 . 2014-05-06 05:14 19274752 ----a-w- c:\windows\system32\mshtml.dll
2014-05-16 19:44 . 2014-05-06 03:26 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-16 19:44 . 2014-05-06 03:37 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-16 19:42 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2014-05-16 19:42 . 2014-03-01 09:47 1120768 ----a-w- c:\windows\system32\gpedit.dll
2014-05-16 19:42 . 2014-02-26 23:18 370688 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2014-05-16 19:42 . 2014-02-26 23:18 215040 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2014-05-16 19:42 . 2014-03-01 08:07 1075200 ----a-w- c:\windows\SysWow64\gpedit.dll
2014-05-16 19:42 . 2014-02-26 23:18 247808 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-05-16 19:42 . 2014-02-15 04:15 78336 ----a-w- c:\windows\system32\drivers\IPMIDrv.sys
2014-05-16 19:23 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-16 17:53 . 2014-05-16 17:53 -------- d-----w- c:\program files (x86)\ESET
2014-05-16 16:14 . 2014-05-16 16:14 -------- d-----w- c:\users\arnold-\AppData\Local\InstantUpdate
2014-05-15 19:04 . 2014-05-15 19:04 -------- d-----w- c:\users\arnold-\AppData\Roaming\AVAST Software
2014-05-15 19:03 . 2014-05-15 19:03 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-15 19:03 . 2014-05-15 19:03 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 19:03 . 2014-05-15 19:03 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-15 19:03 . 2014-05-15 19:03 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-15 19:03 . 2014-05-15 19:03 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-15 19:03 . 2014-05-15 19:03 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-15 19:03 . 2014-05-15 19:03 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-15 19:03 . 2014-05-15 19:03 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-15 19:03 . 2014-05-15 19:03 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-15 19:03 . 2014-05-15 19:03 43152 ----a-w- c:\windows\avastSS.scr
2014-05-15 19:03 . 2014-05-15 19:03 -------- d-----w- c:\program files\AVAST Software
2014-05-15 19:02 . 2014-05-15 19:02 -------- d-----w- c:\programdata\AVAST Software
2014-05-11 15:00 . 2014-05-11 15:00 -------- d-----w- c:\programdata\BlueStacks
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-17 08:07 . 2012-07-26 00:18 197120 ----a-w- c:\windows\system32\msrating.dll
2014-05-04 15:12 . 2013-01-18 14:25 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-03-19 13:27 . 2014-03-19 13:27 76496 ----a-w- c:\windows\system32\drivers\dc3d.sys
2014-03-19 13:27 . 2014-03-19 13:27 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2014-03-04 22:52 . 2013-12-03 05:53 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 22:52 . 2013-12-03 05:53 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Home Theater v4"="c:\dolby pcee4\pcee4.exe" [2012-07-25 508656]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-05-15 3873704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2012-07-26 62976]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Acer Backup Manager Tray.lnk - c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k [2012-8-23 533568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R4 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
R4 DeviceFastLaneService;Device Fast-lane Service;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe;c:\program files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [x]
R4 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
R4 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R4 RfButtonDriverService;Dritek RF Button Command Service;c:\windows\RfBtnSvc64.exe;c:\windows\RfBtnSvc64.exe [x]
R4 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe;c:\program files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\System32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\System32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\System32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\System32\drivers\dc3d.sys;c:\windows\SYSNATIVE\drivers\dc3d.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\System32\drivers\ew_jubusenum.sys;c:\windows\SYSNATIVE\drivers\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;c:\windows\System32\drivers\aPs2Kb2Hid.sys;c:\windows\SYSNATIVE\drivers\aPs2Kb2Hid.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-16 14:29 1077576 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-15 19:03 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-27 12937872]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-07-10 1214608]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2012-08-24 655256]
"BtPreLoad"="c:\program files (x86)\Bluetooth Suite\BtPreLoad.exe" [2012-08-10 64640]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-03-14 2779024]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} - (no file)
ShellIconOverlayIdentifiers-{2CDD871E-60EB-40BD-9721-A1CB57042F75} - (no file)
ShellIconOverlayIdentifiers-{95DDC869-FC98-4D47-BD34-2EDC9AA09C01} - (no file)
AddRemove-5657a3f2-3ddc-43cb-a58f-24f3f30946bc - c:\program files (x86)\Re-markit\Uninstall.exe
AddRemove-flash-Enhancer - c:\program files (x86)\AmiExt\flashEnhancer\uninstall.exe
.
.
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
c:\program files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-18 19:52:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-05-18 17:52
ComboFix2.txt 2014-05-18 11:34
.
Vor Suchlauf: 15 Verzeichnis(se), 436 982 222 848 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 436 807 946 240 Bytes frei
.
- - End Of File - - 510B209DFEBD2E9F5FBF3E2D27B43B31

Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 19:34
by Rudy
Try reinstalling Avast. Thank you for the contribution. Have the problems gone away? Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 19:51
by pokerkan
So the Avast icon came back after the restart, some updates went through as well, and Action Center is working again too. It looks promising... Thank you very much for the help!

Re: Cannot start Action Center, Windows Update, etc.

Posted: 18 May 2014 20:33
by Rudy
OK, glad to help! :)