Slow Win7 startup (Solved)

Post by kedar700 » 06 Dec 2016 15:52

Hello,
I have a problem: my computer takes a terribly long time to start, around 3-5 minutes, whereas a month ago it started within 30 seconds :( This problem appeared while I was removing a virus, which I also dealt with here, but I didn't pay attention to it because I thought it was caused by the software that looks for the viruses. After uninstalling all of that software it still takes just as long to start, even though I disabled most of the startup programs, which were enabled a month ago when it started nicely :)

My PC:
CPU:Intel i7 4790k 4,2GHz
RAM:Kingston 24GB HyperX 2133MHz
GPU:ASUS GTX 980Ti STRIX 6GB
SSD:Kingston HyperX 3K SSD 120GB
HDD:Samsung 1TB
HDD:WD 3TB
HDD:WD 1TB

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:52:22, on 6.12.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)

FIREFOX: 50.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\ProgramFiles\Steam.exe
C:\Users\Kedar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Users\Kedar\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
D:\ProgramFiles\bin\cef\cef.winxp\steamwebhelper.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Kedar\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
C:\Users\Kedar\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "D:\ProgramFiles\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Kedar\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://D:\Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://D:\Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzSurroundVADStreamingService - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) - Intel Corporation - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15811 bytes

Post by jaro3 » 06 Dec 2016 17:36

Download ATF Cleaner.
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you don't need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Scan".
After the scan click "Logfile"; the "Log Manager" window appears. Then double-click the corresponding log, which will open (otherwise it is saved on the system drive as C:\AdwCleaner [C?].txt), and paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium".
Install it and run it.
- At the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button.
- If the program is not up to date, click "Update Now" or "Fix Now".
- An update will be found and installed.
- Then click Scan Now.
- When the program finishes, a message appears at the bottom right; click Save Results, choose Copy to Clipboard and paste the whole log here. Or click "Text file (.txt)" and save the log.
- Otherwise the log is located here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Finish button and close the program with the cross at the top right.
(Don't delete anything yet!)
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by kedar700 » 07 Dec 2016 16:42

# AdwCleaner v6.040 - Log vytvořen 07/12/2016 v 16:24:06
# Aktualizováno dne 02/12/2016 z Malwarebytes
# Databáze : 2016-12-06.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Kedar - KEDAR-PC
# Spuštěno z : C:\Users\Kedar\Desktop\AdwCleaner.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Složky ] *****

Nebyly nalezeny žádné škodlivé složky.


***** [ Soubory ] *****

Nebyly nalezeny žádné škodlivé soubory.


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.


***** [ Naplánované úlohy ] *****

Žádná nebezpečná úloha nenalezena.


***** [ Registry ] *****

Nebyly nalezeny žádné škodlivé položky registru.


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1226 Bajty] - [07/12/2016 16:24:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1299 Bajty] ##########





Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 7.12.2016
Čas skenování: 16:35
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.12.07.09
Databáze rootkitů: v2016.11.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Kedar

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 365045
Uplynulý čas: 3 min, 10 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Post by jerabina » 07 Dec 2016 18:30

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64-bit:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Win 7, 8, 10 run RogueKiller.exe as administrator; on XP, run it by double-clicking.
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan click "Open Report", then "Open TXT" in the window, and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still won't start and work, rename it to winlogon.exe.
- If the log has more than 60,000 characters, split it and post it in several posts.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my mobile, where studying logs and writing scripts is impossible. So please don't take it as ignoring you.

Post by kedar700 » 08 Dec 2016 20:36

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64
Ran by Kedar (Administrator) on źt 08.12.2016 at 19:22:08,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 8

Failed to delete: C:\Users\Kedar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPUMOQ94 (Temporary Internet Files Folder)
Failed to delete: C:\Users\Kedar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GUCEKK76 (Temporary Internet Files Folder)
Failed to delete: C:\Users\Kedar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHJQ3VX6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Kedar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1J4VGPQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPUMOQ94 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GUCEKK76 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HHJQ3VX6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O1J4VGPQ (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 08.12.2016 at 19:23:24,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller V12.8.4.0 (x64) [Dec 5 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Kedar [Práva správce]
Started from : C:\Users\Kedar\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 12/08/2016 20:12:33 (Duration : 00:12:44)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD30EZRX-00D8PB0 ATA Device +++++
--- User ---
[MBR] b5c6aed277941cb8a020506b010bd055
[BSP] d315ecd390fc7ec38c4fa8a54308aaa0 : Empty|VT.Unknown MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 2861459 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] ecfadfcb8219766dcb1ddab92296ca62
[BSP] d8c28a36f20a8c9cbbe4c57e4cd693c2 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: ST310005 28AS SCSI Disk Device +++++
--- User ---
[MBR] f99e4a65ab8e98d6a7c0813fb6a31583
[BSP] 1265d69031db80ddf1e85317123e9012 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: KINGSTON SH103S3120G SCSI Disk Device +++++
--- User ---
[MBR] 7778f631cfcdee0060c832cc2d59c8e9
[BSP] 612f36a36335bad5a5dcc0cb72c0909e : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Post by jaro3 » 08 Dec 2016 22:19

Turn off your antivirus and firewall.
Download
Zoek.exe
and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win7, 8 right-click it and choose "Run as administrator").
- Note: the program may take a while to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program performs a scan and a repair; the scan and repair can take several minutes, so you need to wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click this file on the desktop and follow the instructions to install the program.
Accept the program's license (EULA), if offered.
If a program update is available, click the "Update now" button.
At the end click the Settings button (the gear in the corner) > Advanced > ""
- "I have read the warning and want to continue anyway .....
Tick Auto Launch
Untick Auto upload
Tick All Browser Extensions
Smart scan setting as a replacement for deep scan
Close all open files, folders and browsers.
Click the Scan now button and the threat scan will start.
When the scan is finished, a report appears; copy the entire contents of that report here.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears about the option to download the Avast database, click NO. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Post a new HJT log + report on any problems.

Post by kedar700 » 10 Dec 2016 11:37

The problem is still the same: it loads "Welcome" and then a black screen.



Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Kedar on so 10.12.2016 at 11:07:13,28.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kedar\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-12-09-143932.log 2937 bytes
C:\zoek-results2016-12-10-090721.log 2619 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [13.09.2016 16:23]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [13.09.2016 16:23]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default
83FCFA3C1E0D7523C21CCFBF336D2687 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]

Easy Auto Refresh - Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Avast SafePrice - Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Chrome Media Router - Kedar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kedar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Kedar\AppData\Local\Mozilla\Firefox\Profiles\ibxyzb8e.default\cache2 emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++plus.google.com\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++steamstat.us\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++studentmag.topzine.cz\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++tvjoj.onesignal.com\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++twitter.com\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++walkinto.in\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++www.dropbox.com\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++www.letemsvetemapplem.eu\cache emptied successfully
C:\Users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\storage\default\https+++www.svetandroida.cz\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Kedar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Kedar\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kedar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 10.12.2016 at 11:19:54,24 ======================

Zemana AntiMalware 2.70.2.25 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2016.12.10
Operating System : Windows 7 64-bit
Processor : 8X Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
BIOS Mode : Legacy
CUID : 12A128054FC0BD8C9B6786
Scan Type : System Scan
Duration : 1m 10s
Scanned Objects : 114328
Detected Objects : 1
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Hosts File
Status : Scanned
Object : %systemroot%\system32\drivers\etc\hosts
MD5 : 138AA29868C16ED60D4890BF4197A709
Publisher : -
Size : 841
Version : -
Detection : Hosts Hijack
Cleaning Action : Repair
Related Objects :
Hosts file - 127.0.0.1 - ca
File - %systemroot%\system32\drivers\etc\hosts


Cleaning Result
-------------------------------------------------------
Cleaned : 1
Reported as safe : 0
Failed : 0

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-12-10 11:32:17
-----------------------------
11:32:17.192 OS Version: Windows x64 6.1.7601 Service Pack 1
11:32:17.192 Number of processors: 8 586 0x3C03
11:32:17.193 ComputerName: KEDAR-PC UserName: Kedar
11:32:17.478 Initialize success
11:32:17.500 VM: initialized successfully
11:32:17.502 VM: Intel CPU BiosDisabled
11:32:24.983 AVAST engine defs: 16120901
11:32:40.278 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
11:32:40.282 Disk 0 Vendor: WDC_WD30EZRX-00D8PB0 80.00A80 Size: 2861588MB BusType: 11
11:32:40.293 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0
11:32:40.297 Disk 1 Vendor: SAMSUNG_HD103SJ 1AJ10001 Size: 953869MB BusType: 11
11:32:40.303 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000077
11:32:40.308 Disk 2 Vendor: ST310005 CC38 Size: 953869MB BusType: 11
11:32:40.314 Disk 3 (boot) \Device\Harddisk3\DR3 -> \Device\00000079
11:32:40.320 Disk 3 Vendor: KINGSTON 521A Size: 114473MB BusType: 11
11:32:40.335 Disk 3 MBR read successfully
11:32:40.342 Disk 3 MBR scan
11:32:40.347 Disk 3 Windows 7 default MBR code
11:32:40.352 Disk 3 Partition 1 80 (A) 07 HPFS/NTFS NTFS 114471 MB offset 2048
11:32:40.358 Disk 3 Boot: NTFS code=1
11:32:40.366 Disk 3 scanning C:\Windows\system32\drivers
11:32:41.679 Service scanning
11:32:45.891 Modules scanning
11:32:45.902 Disk 3 trace - called modules:
11:32:45.916 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
11:32:45.924 1 nt!IofCallDriver -> \Device\Harddisk3\DR3[0xfffffa800d477060]
11:32:45.933 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa800cea5c50]
11:32:45.941 5 iaStorF.sys[fffff88001694f84] -> nt!IofCallDriver -> \Device\00000079[0xfffffa800ccbc060]
11:32:46.317 AVAST engine scan C:\Windows
11:32:46.669 AVAST engine scan C:\Windows\system32
11:33:19.999 AVAST engine scan C:\Windows\system32\drivers
11:33:22.037 AVAST engine scan C:\Users\Kedar
11:33:47.665 File: C:\Users\Kedar\Desktop\zoek(1).exe **INFECTED** Win32:Malware-gen
11:33:47.689 File: C:\Users\Kedar\Desktop\zoek.exe **INFECTED** Win32:Malware-gen
11:33:51.715 AVAST engine scan C:\ProgramData
11:34:09.093 Disk 3 statistics 6166140/0/0 @ 81,56 MB/s
11:34:09.096 Scan finished successfully
11:34:16.407 Disk 3 MBR has been saved successfully to "C:\Users\Kedar\Desktop\MBR.dat"
11:34:16.410 The log file has been saved successfully to "C:\Users\Kedar\Desktop\aswMBR.txt"


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:35:34, on 10.12.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
D:\ProgramFiles\Steam.exe
C:\Users\Kedar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Users\Kedar\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
D:\ProgramFiles\bin\cef\cef.winxp\steamwebhelper.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Kedar\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Kedar\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "D:\ProgramFiles\steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Kedar\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Kedar\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://D:\Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://D:\Office\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzSurroundVADStreamingService - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Common Connectivity Framework (STCServ) - Intel Corporation - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 14866 bytes


Re: Slow Win7 startup

Post by jaro3 » 11 Dec 2016 09:21

Turn off the resident protection of your antivirus and antispyware, and the firewall if needed.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.


Re: Slow Win7 startup

Post by kedar700 » 12 Dec 2016 15:19

ComboFix 16-12-06.01 - Kedar 12.12.2016 15:13:41.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16384.13162 [GMT 1:00]
Spuštěný z: c:\users\Kedar\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kedar\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-11-12 do 2016-12-12 )))))))))))))))))))))))))))))))
.
.
2016-12-12 14:16 . 2016-12-12 14:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-12-11 15:00 . 2016-12-11 15:00 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2016-12-10 10:22 . 2016-12-10 10:22 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2016-12-10 10:22 . 2016-12-10 10:22 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2016-12-10 10:22 . 2016-12-12 09:01 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2016-12-10 10:22 . 2016-12-10 10:22 -------- d-----w- c:\users\Kedar\AppData\Local\Zemana
2016-12-10 10:16 . 2016-12-12 14:16 -------- d-----w- c:\users\Kedar\AppData\Local\Temp
2016-12-10 10:16 . 2016-12-10 10:07 24064 ----a-w- c:\windows\zoek-delete.exe
2016-12-10 09:53 . 2016-12-10 09:53 -------- d-----w- c:\users\Kedar\AppData\Local\TeamViewer
2016-12-09 19:15 . 2016-12-09 19:16 -------- d-----w- c:\users\Kedar\AppData\Roaming\AirshipsGame
2016-12-09 18:06 . 2016-12-09 18:06 -------- d-----w- c:\users\Kedar\AppData\Roaming\Promotion Software GmbH
2016-12-09 14:31 . 2016-12-09 14:31 -------- d-----w- C:\zoek_backup
2016-12-07 15:23 . 2016-12-07 15:24 -------- d-----w- C:\AdwCleaner
2016-12-07 15:21 . 2016-12-09 17:18 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-12-07 15:21 . 2016-12-07 15:21 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-12-07 15:21 . 2016-03-10 13:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-12-07 15:21 . 2016-03-10 13:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-12-07 15:21 . 2016-03-10 13:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-12-03 12:55 . 2016-12-03 12:55 -------- d-----w- c:\users\Kedar\AppData\Roaming\MPC-HC
2016-11-30 19:43 . 2016-11-30 19:43 -------- d-----w- c:\users\Kedar\Cisco Packet Tracer 7.0
2016-11-19 13:54 . 2016-11-19 13:54 -------- d-----w- c:\users\Kedar\AppData\Roaming\Factorio
2016-11-17 15:55 . 2016-11-17 15:55 -------- d-----w- c:\users\Kedar\AppData\Local\Colossal Order
2016-11-17 14:40 . 2016-11-17 14:49 -------- d-----w- c:\program files\Adobe
2016-11-17 14:14 . 2016-11-17 14:38 -------- d-----w- c:\users\Kedar\AppData\Roaming\avidemux
2016-11-17 11:39 . 2016-11-17 11:39 -------- d-----w- c:\users\Kedar\AppData\Roaming\Atari
2016-11-17 09:43 . 2016-11-17 09:43 -------- d-----w- c:\programdata\Sophos
2016-11-17 09:43 . 2016-11-17 09:43 -------- d-----w- c:\program files (x86)\Sophos
2016-11-16 17:22 . 2016-11-17 10:53 -------- d-sh--w- c:\users\Kedar\6FfDVvSzsUk0gBUp
2016-11-16 17:22 . 2016-11-16 17:22 -------- d-----w- c:\users\Kedar\AppData\Local\fYWackaApf
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-12 13:48 . 2016-03-17 16:58 1048576 ----a-w- c:\windows\PE_Rom.dll
2016-12-08 19:12 . 2016-06-10 13:08 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-12-08 16:12 . 2016-04-05 11:23 226168 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2016-12-08 16:12 . 2016-04-05 11:23 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2016-11-09 21:30 . 2016-03-17 17:47 141011376 -c--a-w- c:\windows\system32\MRT.exe
2016-11-09 16:12 . 2016-03-17 17:10 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-11-09 16:12 . 2016-03-17 17:10 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-11-02 15:36 . 2016-11-09 14:50 382696 ----a-w- c:\windows\system32\atmfd.dll
2016-11-02 15:32 . 2016-11-09 14:50 41472 ----a-w- c:\windows\system32\lpk.dll
2016-11-02 15:32 . 2016-11-09 14:50 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-11-02 15:32 . 2016-11-09 14:50 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-11-02 15:32 . 2016-11-09 14:50 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-11-02 15:22 . 2016-11-09 14:50 308456 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-11-02 15:16 . 2016-11-09 14:50 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-11-02 15:16 . 2016-11-09 14:50 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-11-02 15:16 . 2016-11-09 14:50 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-11-02 14:53 . 2016-11-09 14:50 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-10-30 10:45 . 2016-03-28 18:29 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-10-28 03:59 . 2016-11-09 14:50 394440 ----a-w- c:\windows\system32\iedkcs32.dll
2016-10-27 19:13 . 2016-11-09 14:50 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-10-27 19:13 . 2016-11-09 14:50 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-10-27 18:55 . 2016-11-09 14:50 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-10-27 18:54 . 2016-11-09 14:50 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-10-27 18:54 . 2016-11-09 14:50 417792 ----a-w- c:\windows\system32\html.iec
2016-10-27 18:53 . 2016-11-09 14:50 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-10-27 18:53 . 2016-11-09 14:50 576000 ----a-w- c:\windows\system32\vbscript.dll
2016-10-27 18:51 . 2016-11-09 14:50 2896384 ----a-w- c:\windows\system32\iertutil.dll
2016-10-27 18:44 . 2016-11-09 14:50 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-10-27 18:43 . 2016-11-09 14:50 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-10-27 18:38 . 2016-11-09 14:50 615936 ----a-w- c:\windows\system32\ieui.dll
2016-10-27 18:37 . 2016-11-09 14:50 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-10-27 18:37 . 2016-11-09 14:50 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-10-27 18:37 . 2016-11-09 14:50 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-10-27 18:37 . 2016-11-09 14:50 817664 ----a-w- c:\windows\system32\jscript.dll
2016-10-27 18:28 . 2016-11-09 14:50 25763328 ----a-w- c:\windows\system32\mshtml.dll
2016-10-27 18:28 . 2016-11-09 14:50 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-10-27 18:24 . 2016-11-09 14:50 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-10-27 18:19 . 2016-11-09 14:50 6047744 ----a-w- c:\windows\system32\jscript9.dll
2016-10-27 18:15 . 2016-11-09 14:50 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-10-27 18:13 . 2016-11-09 14:50 107520 ----a-w- c:\windows\system32\inseng.dll
2016-10-27 18:09 . 2016-11-09 14:50 199680 ----a-w- c:\windows\system32\msrating.dll
2016-10-27 18:08 . 2016-11-09 14:50 92160 ----a-w- c:\windows\system32\mshtmled.dll
2016-10-27 18:05 . 2016-11-09 14:50 315392 ----a-w- c:\windows\system32\dxtrans.dll
2016-10-27 18:02 . 2016-11-09 14:50 152064 ----a-w- c:\windows\system32\occache.dll
2016-10-27 17:49 . 2016-11-09 14:50 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-10-27 17:46 . 2016-11-09 14:50 725504 ----a-w- c:\windows\system32\ie4uinit.exe
2016-10-27 17:46 . 2016-11-09 14:50 806912 ----a-w- c:\windows\system32\msfeeds.dll
2016-10-27 17:44 . 2016-11-09 14:50 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-10-27 17:44 . 2016-11-09 14:50 2131456 ----a-w- c:\windows\system32\inetcpl.cpl
2016-10-27 17:17 . 2016-11-09 14:50 15257088 ----a-w- c:\windows\system32\ieframe.dll
2016-10-27 17:16 . 2016-11-09 14:50 2920448 ----a-w- c:\windows\system32\wininet.dll
2016-10-27 17:03 . 2016-11-09 14:50 1543680 ----a-w- c:\windows\system32\urlmon.dll
2016-10-27 16:54 . 2016-11-09 14:50 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2016-10-27 14:50 . 2016-10-27 14:50 715038 ----a-w- c:\windows\unins000.exe
2016-10-25 15:02 . 2016-11-09 14:50 3219456 ----a-w- c:\windows\system32\win32k.sys
2016-10-22 17:54 . 2016-11-09 14:50 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-10-22 17:36 . 2016-11-09 14:50 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2016-10-22 17:36 . 2016-11-09 14:50 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-10-22 17:35 . 2016-11-09 14:50 498688 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-10-22 17:35 . 2016-11-09 14:50 341504 ----a-w- c:\windows\SysWow64\html.iec
2016-10-22 17:34 . 2016-11-09 14:50 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-10-22 17:21 . 2016-11-09 14:50 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-10-22 17:20 . 2016-11-09 14:50 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2016-10-22 17:04 . 2016-11-09 14:50 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-10-22 16:44 . 2016-11-09 14:50 4608000 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-10-22 16:43 . 2016-11-09 14:50 2055680 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-10-22 16:43 . 2016-11-09 14:50 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-10-22 16:12 . 2016-11-09 14:50 2444800 ----a-w- c:\windows\SysWow64\wininet.dll
2016-10-15 15:31 . 2016-11-09 14:50 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-10-15 15:31 . 2016-11-09 14:50 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-10-15 15:13 . 2016-11-09 14:50 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-10-15 15:13 . 2016-11-09 14:50 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2016-10-13 11:20 . 2016-03-17 18:20 293352 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-10-11 15:37 . 2016-11-09 14:50 370920 ----a-w- c:\windows\system32\clfs.sys
2016-10-11 15:32 . 2016-12-04 11:10 345600 ----a-w- c:\windows\system32\schannel.dll
2016-10-11 15:32 . 2016-12-04 11:10 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-10-11 15:31 . 2016-11-09 14:50 1068544 ----a-w- c:\windows\system32\msctf.dll
2016-10-11 15:31 . 2016-11-09 14:50 878080 ----a-w- c:\windows\system32\IMJP10K.DLL
2016-10-11 15:31 . 2016-11-09 14:50 457216 ----a-w- c:\windows\system32\imkr80.ime
2016-10-11 15:31 . 2016-11-09 14:50 176128 ----a-w- c:\windows\system32\tintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\quick.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\qintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\phon.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\chajei.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\cintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 132608 ----a-w- c:\windows\system32\pintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 1148416 ----a-w- c:\windows\system32\IMJP10.IME
2016-10-11 15:31 . 2016-11-09 14:50 246784 ----a-w- c:\windows\system32\input.dll
2016-10-11 15:18 . 2016-12-04 11:10 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-10-11 15:18 . 2016-12-04 11:10 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-10-11 15:18 . 2016-11-09 14:50 829952 ----a-w- c:\windows\SysWow64\msctf.dll
2016-10-11 15:18 . 2016-11-09 14:50 90112 ----a-w- c:\windows\SysWow64\pintlgnt.ime
2016-10-11 15:18 . 2016-11-09 14:50 701440 ----a-w- c:\windows\SysWow64\IMJP10K.DLL
2016-10-11 15:18 . 2016-11-09 14:50 430080 ----a-w- c:\windows\SysWow64\imkr80.ime
2016-10-11 15:18 . 2016-11-09 14:50 126976 ----a-w- c:\windows\SysWow64\tintlgnt.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\quick.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\qintlgnt.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\phon.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\chajei.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\cintlgnt.ime
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-10-11 11:21 1743664 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-10-11 11:21 1743664 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-10-11 11:21 1743664 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-11-15 27219928]
"Steam"="d:\programfiles\steam.exe" [2016-10-13 2860832]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2016-10-18 7943072]
"Spotify Web Helper"="c:\users\Kedar\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-12-08 1444976]
"Spotify"="c:\users\Kedar\AppData\Roaming\Spotify\Spotify.exe" [2016-12-08 7095408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-15 9080768]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2016-08-22 596640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2016-04-07 2313408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys;c:\windows\SYSNATIVE\DRIVERS\awealloc.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VSStandardCollectorService140;Visual Studio Standard Collector Service;d:\visual\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe;d:\visual\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 asstor64;asstor64;c:\windows\system32\DRIVERS\asstor64.sys;c:\windows\SYSNATIVE\DRIVERS\asstor64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsRamDisk;ASUS Ram Disk Driver;c:\windows\system32\DRIVERS\asramdisk.sys;c:\windows\SYSNATIVE\DRIVERS\asramdisk.sys [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 RzSurroundVADStreamingService;RzSurroundVADStreamingService;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [x]
S2 STCServ;Intel(R) Common Connectivity Framework;c:\program files\Intel\STCServ\STCServ.exe;c:\program files\Intel\STCServ\STCServ.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 ATP;ASUS Touchpad;c:\windows\system32\DRIVERS\AsusTP.sys;c:\windows\SYSNATIVE\DRIVERS\AsusTP.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 RZSURROUNDVADService;Razer Surround Audio Service;c:\windows\system32\drivers\RzSurroundVAD.sys;c:\windows\SYSNATIVE\drivers\RzSurroundVAD.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2016-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-17 16:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2016-04-01 21:18 426160 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2016-04-01 21:18 426160 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2016-04-01 21:18 426160 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-10-11 11:17 2351920 ----a-w- d:\office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-10-11 11:17 2351920 ----a-w- d:\office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-10-11 11:17 2351920 ----a-w- d:\office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-09-13 15:23 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-05-06 7573720]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-04-11 36352]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"IntelConnectCenter"="c:\program files\Intel\ConnectCenter\bin\ICCLauncher.exe" [2015-03-16 90112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-09-30 1842624]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-06-21 662016]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2016-03-22 508128]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2016-12-09 14011120]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do Microsoft Excelu - d:\office\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - d:\office\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{04fa3a35-1f49-4510-8051-819cdc1e6e01} - c:\programdata\Package Cache\{04fa3a35-1f49-4510-8051-819cdc1e6e01}\vs_community.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{0f3d8dd5-54af-4404-a01c-4967e485a065} - c:\programdata\Package Cache\{0f3d8dd5-54af-4404-a01c-4967e485a065}\CCF_Manager.exe
AddRemove-{2b6a696c-656b-45d8-962b-bd4ccd22e8e7} - c:\programdata\Package Cache\{2b6a696c-656b-45d8-962b-bd4ccd22e8e7}\VS14-KB3151378.exe
AddRemove-{2e085fd2-a3e4-4b39-8e10-6b8d35f55244} - c:\programdata\Package Cache\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\VC_redist.x86.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{463d5540-8dfd-4eef-92e5-b729b3b73cfb} - c:\programdata\Package Cache\{463d5540-8dfd-4eef-92e5-b729b3b73cfb}\NDP461-DevPack-KB3105179-ENU.exe
AddRemove-{78c1b501-a6eb-4f29-88c5-84189564827e} - c:\programdata\Package Cache\{78c1b501-a6eb-4f29-88c5-84189564827e}\VS2015.2.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{c6c5a357-c7ca-4a5f-9789-3bb1af579253} - c:\programdata\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{dab68466-3a7d-41a8-a5cf-415e3ff8ef71} - c:\programdata\Package Cache\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\VC_redist.x64.exe
AddRemove-{f246427c-ba07-4464-839c-d9e302f19375} - c:\programdata\Package Cache\{f246427c-ba07-4464-839c-d9e302f19375}\NDP461-DevPack-KB3105179-CSY.exe
AddRemove-{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e} - c:\programdata\Package Cache\{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}\SetupChipset.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2016-12-12 15:17:33
ComboFix-quarantined-files.txt 2016-12-12 14:17
.
Před spuštěním: 6 414 221 312
Po spuštění: 6 223 966 208
.
- - End Of File - - 5E26FC25FA81B559D6E87B004C02D596
5FB38429D5D77768867C76DCBDB35194

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Slow Windows 7 startup

Post by jaro3 » 12 Dec 2016 18:04

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text, marked in green:

Code:

ClearJavaCache::
KillAll::
Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_207_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_207_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not start, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

In Folder Options, enable showing hidden files and folders + uncheck the box Hide protected operating system files.

Test this on VirusTotal:
c:\windows\PE_Rom.dll

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested by several antivirus programs in turn. When the last antivirus has finished, the result will appear at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

c:\users\Kedar\6FfDVvSzsUk0gBUp
c:\users\Kedar\AppData\Local\fYWackaApf

Do you know these folders? What is in them?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

kedar700
Level 2
Posts: 157
Registered: May 13
Gender: Male
Status: Offline

Re: Slow Windows 7 startup

Post by kedar700 » 13 Dec 2016 16:09

c:\windows\PE_Rom.dll https://www.virustotal.com/cs/file/a580 ... 481641498/

There is nothing in the folder c:\users\Kedar\6FfDVvSzsUk0gBUp
and this is what is in this one: c:\users\Kedar\AppData\Local\fYWackaApf https://www.virustotal.com/cs/file/7299 ... 481641643/





ComboFix 16-12-06.01 - Kedar 13.12.2016 15:42:38.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16384.13013 [GMT 1:00]
Spuštěný z: c:\users\Kedar\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kedar\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-11-13 do 2016-12-13 )))))))))))))))))))))))))))))))
.
.
2016-12-13 14:45 . 2016-12-13 14:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-12-13 14:45 . 2016-12-13 14:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-12-13 13:59 . 2016-12-13 13:59 -------- d-----w- c:\users\Kedar\AppData\Local\Chromium
2016-12-12 17:07 . 2016-12-12 18:16 -------- d-----w- c:\users\Kedar\AppData\Roaming\Transport Fever
2016-12-11 15:00 . 2016-12-11 15:00 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2016-12-10 10:22 . 2016-12-10 10:22 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2016-12-10 10:22 . 2016-12-10 10:22 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2016-12-10 10:22 . 2016-12-12 09:01 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2016-12-10 10:22 . 2016-12-10 10:22 -------- d-----w- c:\users\Kedar\AppData\Local\Zemana
2016-12-10 10:16 . 2016-12-13 14:48 -------- d-----w- c:\users\Kedar\AppData\Local\Temp
2016-12-10 10:16 . 2016-12-10 10:07 24064 ----a-w- c:\windows\zoek-delete.exe
2016-12-10 09:53 . 2016-12-10 09:53 -------- d-----w- c:\users\Kedar\AppData\Local\TeamViewer
2016-12-09 19:15 . 2016-12-09 19:16 -------- d-----w- c:\users\Kedar\AppData\Roaming\AirshipsGame
2016-12-09 18:06 . 2016-12-09 18:06 -------- d-----w- c:\users\Kedar\AppData\Roaming\Promotion Software GmbH
2016-12-09 14:31 . 2016-12-09 14:31 -------- d-----w- C:\zoek_backup
2016-12-07 15:23 . 2016-12-07 15:24 -------- d-----w- C:\AdwCleaner
2016-12-07 15:21 . 2016-12-09 17:18 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-12-07 15:21 . 2016-12-07 15:21 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-12-07 15:21 . 2016-03-10 13:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-12-07 15:21 . 2016-03-10 13:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-12-07 15:21 . 2016-03-10 13:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-12-03 12:55 . 2016-12-03 12:55 -------- d-----w- c:\users\Kedar\AppData\Roaming\MPC-HC
2016-11-30 19:43 . 2016-11-30 19:43 -------- d-----w- c:\users\Kedar\Cisco Packet Tracer 7.0
2016-11-19 13:54 . 2016-11-19 13:54 -------- d-----w- c:\users\Kedar\AppData\Roaming\Factorio
2016-11-17 15:55 . 2016-11-17 15:55 -------- d-----w- c:\users\Kedar\AppData\Local\Colossal Order
2016-11-17 14:40 . 2016-11-17 14:49 -------- d-----w- c:\program files\Adobe
2016-11-17 14:14 . 2016-11-17 14:38 -------- d-----w- c:\users\Kedar\AppData\Roaming\avidemux
2016-11-17 11:39 . 2016-11-17 11:39 -------- d-----w- c:\users\Kedar\AppData\Roaming\Atari
2016-11-17 09:43 . 2016-11-17 09:43 -------- d-----w- c:\programdata\Sophos
2016-11-17 09:43 . 2016-11-17 09:43 -------- d-----w- c:\program files (x86)\Sophos
2016-11-16 17:22 . 2016-11-17 10:53 -------- d-sh--w- c:\users\Kedar\6FfDVvSzsUk0gBUp
2016-11-16 17:22 . 2016-11-16 17:22 -------- d-----w- c:\users\Kedar\AppData\Local\fYWackaApf
2016-11-16 14:34 . 2016-11-16 14:34 61120 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.AdomdClient.resources.dll
2016-11-16 14:34 . 2016-11-16 14:34 48824 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Xmla.resources.dll
2016-11-16 14:34 . 2016-11-16 14:34 20672 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Streaming.resources.dll
2016-11-16 14:34 . 2016-11-16 14:34 192192 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Amo.resources.dll
2016-11-15 14:22 . 2016-11-15 14:22 8494784 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msolap110_xl.dll
2016-11-15 14:22 . 2016-11-15 14:22 74758336 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmdlocal_xl.dll
2016-11-15 14:22 . 2016-11-15 14:22 278208 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrw_xl.dll
2016-11-15 14:22 . 2016-11-15 14:22 21070528 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmsrv_xl.dll
2016-11-15 14:22 . 2016-11-15 14:22 196800 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrwbin_xl.dll
2016-11-15 14:22 . 2016-11-15 14:22 11484864 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmgdsrv_xl.dll
2016-11-15 03:05 . 2016-11-15 03:05 650944 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.AdomdClient.dll
2016-11-15 03:05 . 2016-11-15 03:05 1482432 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.Amo.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-13 14:12 . 2016-03-17 17:10 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-12-13 14:12 . 2016-03-17 17:10 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-12-13 14:00 . 2016-03-17 16:58 1048576 ----a-w- c:\windows\PE_Rom.dll
2016-12-08 19:12 . 2016-06-10 13:08 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-12-08 16:12 . 2016-04-05 11:23 226168 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2016-12-08 16:12 . 2016-04-05 11:23 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2016-11-09 21:30 . 2016-03-17 17:47 141011376 -c--a-w- c:\windows\system32\MRT.exe
2016-11-02 15:36 . 2016-11-09 14:50 382696 ----a-w- c:\windows\system32\atmfd.dll
2016-11-02 15:32 . 2016-11-09 14:50 41472 ----a-w- c:\windows\system32\lpk.dll
2016-11-02 15:32 . 2016-11-09 14:50 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-11-02 15:32 . 2016-11-09 14:50 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-11-02 15:32 . 2016-11-09 14:50 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-11-02 15:22 . 2016-11-09 14:50 308456 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-11-02 15:16 . 2016-11-09 14:50 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-11-02 15:16 . 2016-11-09 14:50 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-11-02 15:16 . 2016-11-09 14:50 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-11-02 14:53 . 2016-11-09 14:50 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-10-30 10:45 . 2016-03-28 18:29 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-10-28 03:59 . 2016-11-09 14:50 394440 ----a-w- c:\windows\system32\iedkcs32.dll
2016-10-27 19:13 . 2016-11-09 14:50 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-10-27 19:13 . 2016-11-09 14:50 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-10-27 18:55 . 2016-11-09 14:50 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-10-27 18:54 . 2016-11-09 14:50 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-10-27 18:54 . 2016-11-09 14:50 417792 ----a-w- c:\windows\system32\html.iec
2016-10-27 18:53 . 2016-11-09 14:50 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-10-27 18:53 . 2016-11-09 14:50 576000 ----a-w- c:\windows\system32\vbscript.dll
2016-10-27 18:51 . 2016-11-09 14:50 2896384 ----a-w- c:\windows\system32\iertutil.dll
2016-10-27 18:44 . 2016-11-09 14:50 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-10-27 18:43 . 2016-11-09 14:50 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-10-27 18:38 . 2016-11-09 14:50 615936 ----a-w- c:\windows\system32\ieui.dll
2016-10-27 18:37 . 2016-11-09 14:50 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-10-27 18:37 . 2016-11-09 14:50 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-10-27 18:37 . 2016-11-09 14:50 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-10-27 18:37 . 2016-11-09 14:50 817664 ----a-w- c:\windows\system32\jscript.dll
2016-10-27 18:28 . 2016-11-09 14:50 25763328 ----a-w- c:\windows\system32\mshtml.dll
2016-10-27 18:28 . 2016-11-09 14:50 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-10-27 18:24 . 2016-11-09 14:50 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-10-27 18:19 . 2016-11-09 14:50 6047744 ----a-w- c:\windows\system32\jscript9.dll
2016-10-27 18:15 . 2016-11-09 14:50 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-10-27 18:13 . 2016-11-09 14:50 107520 ----a-w- c:\windows\system32\inseng.dll
2016-10-27 18:09 . 2016-11-09 14:50 199680 ----a-w- c:\windows\system32\msrating.dll
2016-10-27 18:08 . 2016-11-09 14:50 92160 ----a-w- c:\windows\system32\mshtmled.dll
2016-10-27 18:05 . 2016-11-09 14:50 315392 ----a-w- c:\windows\system32\dxtrans.dll
2016-10-27 18:02 . 2016-11-09 14:50 152064 ----a-w- c:\windows\system32\occache.dll
2016-10-27 17:49 . 2016-11-09 14:50 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-10-27 17:46 . 2016-11-09 14:50 725504 ----a-w- c:\windows\system32\ie4uinit.exe
2016-10-27 17:46 . 2016-11-09 14:50 806912 ----a-w- c:\windows\system32\msfeeds.dll
2016-10-27 17:44 . 2016-11-09 14:50 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-10-27 17:44 . 2016-11-09 14:50 2131456 ----a-w- c:\windows\system32\inetcpl.cpl
2016-10-27 17:17 . 2016-11-09 14:50 15257088 ----a-w- c:\windows\system32\ieframe.dll
2016-10-27 17:16 . 2016-11-09 14:50 2920448 ----a-w- c:\windows\system32\wininet.dll
2016-10-27 17:03 . 2016-11-09 14:50 1543680 ----a-w- c:\windows\system32\urlmon.dll
2016-10-27 16:54 . 2016-11-09 14:50 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2016-10-27 14:50 . 2016-10-27 14:50 715038 ----a-w- c:\windows\unins000.exe
2016-10-25 15:02 . 2016-11-09 14:50 3219456 ----a-w- c:\windows\system32\win32k.sys
2016-10-22 17:54 . 2016-11-09 14:50 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-10-22 17:36 . 2016-11-09 14:50 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2016-10-22 17:36 . 2016-11-09 14:50 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-10-22 17:35 . 2016-11-09 14:50 498688 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-10-22 17:35 . 2016-11-09 14:50 341504 ----a-w- c:\windows\SysWow64\html.iec
2016-10-22 17:34 . 2016-11-09 14:50 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-10-22 17:21 . 2016-11-09 14:50 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-10-22 17:20 . 2016-11-09 14:50 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2016-10-22 17:04 . 2016-11-09 14:50 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-10-22 16:44 . 2016-11-09 14:50 4608000 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-10-22 16:43 . 2016-11-09 14:50 2055680 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-10-22 16:43 . 2016-11-09 14:50 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-10-22 16:12 . 2016-11-09 14:50 2444800 ----a-w- c:\windows\SysWow64\wininet.dll
2016-10-15 15:31 . 2016-11-09 14:50 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-10-15 15:31 . 2016-11-09 14:50 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-10-15 15:13 . 2016-11-09 14:50 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-10-15 15:13 . 2016-11-09 14:50 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2016-10-13 11:20 . 2016-03-17 18:20 293352 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-10-11 15:37 . 2016-11-09 14:50 370920 ----a-w- c:\windows\system32\clfs.sys
2016-10-11 15:32 . 2016-12-04 11:10 345600 ----a-w- c:\windows\system32\schannel.dll
2016-10-11 15:32 . 2016-12-04 11:10 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-10-11 15:31 . 2016-11-09 14:50 1068544 ----a-w- c:\windows\system32\msctf.dll
2016-10-11 15:31 . 2016-11-09 14:50 878080 ----a-w- c:\windows\system32\IMJP10K.DLL
2016-10-11 15:31 . 2016-11-09 14:50 457216 ----a-w- c:\windows\system32\imkr80.ime
2016-10-11 15:31 . 2016-11-09 14:50 176128 ----a-w- c:\windows\system32\tintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\quick.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\qintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\phon.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\chajei.ime
2016-10-11 15:31 . 2016-11-09 14:50 175104 ----a-w- c:\windows\system32\cintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 132608 ----a-w- c:\windows\system32\pintlgnt.ime
2016-10-11 15:31 . 2016-11-09 14:50 1148416 ----a-w- c:\windows\system32\IMJP10.IME
2016-10-11 15:31 . 2016-11-09 14:50 246784 ----a-w- c:\windows\system32\input.dll
2016-10-11 15:18 . 2016-12-04 11:10 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-10-11 15:18 . 2016-12-04 11:10 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-10-11 15:18 . 2016-11-09 14:50 829952 ----a-w- c:\windows\SysWow64\msctf.dll
2016-10-11 15:18 . 2016-11-09 14:50 90112 ----a-w- c:\windows\SysWow64\pintlgnt.ime
2016-10-11 15:18 . 2016-11-09 14:50 701440 ----a-w- c:\windows\SysWow64\IMJP10K.DLL
2016-10-11 15:18 . 2016-11-09 14:50 430080 ----a-w- c:\windows\SysWow64\imkr80.ime
2016-10-11 15:18 . 2016-11-09 14:50 126976 ----a-w- c:\windows\SysWow64\tintlgnt.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\quick.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\qintlgnt.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\phon.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\chajei.ime
2016-10-11 15:18 . 2016-11-09 14:50 125952 ----a-w- c:\windows\SysWow64\cintlgnt.ime
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-11-15 14:26 1743664 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-11-15 14:26 1743664 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-11-15 14:26 1743664 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-11-15 27219928]
"Steam"="d:\programfiles\steam.exe" [2016-12-09 2876704]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2016-10-18 7943072]
"Spotify Web Helper"="c:\users\Kedar\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-12-08 1444976]
"Spotify"="c:\users\Kedar\AppData\Roaming\Spotify\Spotify.exe" [2016-12-08 7095408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-15 9080768]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2016-08-22 596640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-09-22 587288]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2016-04-07 2313408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 STCServ;Intel(R) Common Connectivity Framework;c:\program files\Intel\STCServ\STCServ.exe;c:\program files\Intel\STCServ\STCServ.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\DRIVERS\awealloc.sys;c:\windows\SYSNATIVE\DRIVERS\awealloc.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VSStandardCollectorService140;Visual Studio Standard Collector Service;d:\visual\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe;d:\visual\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Podpora skenování WSD přes UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 asstor64;asstor64;c:\windows\system32\DRIVERS\asstor64.sys;c:\windows\SYSNATIVE\DRIVERS\asstor64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [x]
S2 AsRamDisk;ASUS Ram Disk Driver;c:\windows\system32\DRIVERS\asramdisk.sys;c:\windows\SYSNATIVE\DRIVERS\asramdisk.sys [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [x]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 RzSurroundVADStreamingService;RzSurroundVADStreamingService;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AsusVBus;AsusVBus;c:\windows\system32\DRIVERS\AsusVBus.sys;c:\windows\SYSNATIVE\DRIVERS\AsusVBus.sys [x]
S3 ATP;ASUS Touchpad;c:\windows\system32\DRIVERS\AsusTP.sys;c:\windows\SYSNATIVE\DRIVERS\AsusTP.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 RZSURROUNDVADService;Razer Surround Audio Service;c:\windows\system32\drivers\RzSurroundVAD.sys;c:\windows\SYSNATIVE\drivers\RzSurroundVAD.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NAL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2016-12-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-17 14:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2016-04-01 21:18 426160 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2016-04-01 21:18 426160 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2016-04-01 21:18 426160 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-11-15 14:22 2351920 ----a-w- d:\office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-11-15 14:22 2351920 ----a-w- d:\office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-11-15 14:22 2351920 ----a-w- d:\office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-09-13 15:23 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-05-06 7573720]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-04-11 36352]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"IntelConnectCenter"="c:\program files\Intel\ConnectCenter\bin\ICCLauncher.exe" [2015-03-16 90112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-09-30 1842624]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-06-21 662016]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2016-03-22 508128]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2016-12-09 14011120]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do Microsoft Excelu - d:\office\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - d:\office\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Kedar\AppData\Roaming\Mozilla\Firefox\Profiles\ibxyzb8e.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{04fa3a35-1f49-4510-8051-819cdc1e6e01} - c:\programdata\Package Cache\{04fa3a35-1f49-4510-8051-819cdc1e6e01}\vs_community.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{0f3d8dd5-54af-4404-a01c-4967e485a065} - c:\programdata\Package Cache\{0f3d8dd5-54af-4404-a01c-4967e485a065}\CCF_Manager.exe
AddRemove-{2b6a696c-656b-45d8-962b-bd4ccd22e8e7} - c:\programdata\Package Cache\{2b6a696c-656b-45d8-962b-bd4ccd22e8e7}\VS14-KB3151378.exe
AddRemove-{2e085fd2-a3e4-4b39-8e10-6b8d35f55244} - c:\programdata\Package Cache\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\VC_redist.x86.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{463d5540-8dfd-4eef-92e5-b729b3b73cfb} - c:\programdata\Package Cache\{463d5540-8dfd-4eef-92e5-b729b3b73cfb}\NDP461-DevPack-KB3105179-ENU.exe
AddRemove-{78c1b501-a6eb-4f29-88c5-84189564827e} - c:\programdata\Package Cache\{78c1b501-a6eb-4f29-88c5-84189564827e}\VS2015.2.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{c6c5a357-c7ca-4a5f-9789-3bb1af579253} - c:\programdata\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{dab68466-3a7d-41a8-a5cf-415e3ff8ef71} - c:\programdata\Package Cache\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\VC_redist.x64.exe
AddRemove-{f246427c-ba07-4464-839c-d9e302f19375} - c:\programdata\Package Cache\{f246427c-ba07-4464-839c-d9e302f19375}\NDP461-DevPack-KB3105179-CSY.exe
AddRemove-{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e} - c:\programdata\Package Cache\{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}\SetupChipset.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_24_0_0_186_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_24_0_0_186_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.24"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_24_0_0_186.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
c:\program files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
c:\program files (x86)\ASUS\AI Suite III\AISuite3.exe
c:\program files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\TeamViewer\TeamViewer.exe
c:\program files (x86)\TeamViewer\tv_w32.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
.
**************************************************************************
.
Celkový čas: 2016-12-13 15:52:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-12-13 14:52
ComboFix2.txt 2016-12-12 14:17
.
Před spuštěním: 3 983 200 256
Po spuštění: 4 186 632 192
.
- - End Of File - - 08A7B4F0CBF7FD2701CA8B3A32099F02
5FB38429D5D77768867C76DCBDB35194

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Slow startup of Win7

Post by jaro3 » 13 Dec 2016 17:43

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Post a new HJT log + report any problems.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

