Prosím o kontrolu logu

dastin · Příspěvekod **dastin** » 12 zář 2013 12:53

12:44:18.0038 54668 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
12:44:18.0038 54668 uagp35 - ok
12:44:18.0054 54668 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
12:44:18.0054 54668 udfs - ok
12:44:18.0101 54668 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
12:44:18.0116 54668 UI0Detect - ok
12:44:18.0147 54668 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
12:44:18.0147 54668 uliagpkx - ok
12:44:18.0179 54668 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
12:44:18.0179 54668 umbus - ok
12:44:18.0194 54668 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
12:44:18.0210 54668 UmPass - ok
12:44:18.0397 54668 [ CBDEE152D73200EE49031A26310B9D3E ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:44:18.0413 54668 UNS - ok
12:44:18.0459 54668 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
12:44:18.0475 54668 upnphost - ok
12:44:18.0506 54668 [ C2C5672B001A471FCE195CC15910AED9 ] UrlFilter C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
12:44:18.0506 54668 UrlFilter - ok
12:44:18.0553 54668 [ C73CB90E6A2FF90FD02451A8DFC6AF8A ] usbbus C:\windows\system32\DRIVERS\lgx64bus.sys
12:44:18.0553 54668 usbbus - ok
12:44:18.0584 54668 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
12:44:18.0584 54668 usbccgp - ok
12:44:18.0662 54668 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
12:44:18.0662 54668 usbcir - ok
12:44:18.0709 54668 [ 856CE1F23785369BB5A2DE0AEDAD0AA7 ] UsbDiag C:\windows\system32\DRIVERS\lgx64diag.sys
12:44:18.0709 54668 UsbDiag - ok
12:44:18.0740 54668 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
12:44:18.0740 54668 usbehci - ok
12:44:18.0803 54668 [ 701DE703ED4C98DCDA396D393B9C1ABD ] usbezdisplay64 C:\windows\system32\drivers\usbezdisplay64.sys
12:44:18.0803 54668 usbezdisplay64 - ok
12:44:18.0881 54668 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
12:44:18.0896 54668 usbhub - ok
12:44:18.0927 54668 [ F81055629778D33C9317B32E4D2B58DB ] USBModem C:\windows\system32\DRIVERS\lgx64modem.sys
12:44:18.0927 54668 USBModem - ok
12:44:19.0005 54668 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
12:44:19.0005 54668 usbohci - ok
12:44:19.0037 54668 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
12:44:19.0037 54668 usbprint - ok
12:44:19.0068 54668 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
12:44:19.0083 54668 USBSTOR - ok
12:44:19.0146 54668 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
12:44:19.0146 54668 usbuhci - ok
12:44:19.0177 54668 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
12:44:19.0193 54668 usbvideo - ok
12:44:19.0224 54668 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
12:44:19.0239 54668 UxSms - ok
12:44:19.0271 54668 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
12:44:19.0271 54668 VaultSvc - ok
12:44:19.0317 54668 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
12:44:19.0317 54668 vdrvroot - ok
12:44:19.0349 54668 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
12:44:19.0364 54668 vds - ok
12:44:19.0380 54668 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
12:44:19.0380 54668 vga - ok
12:44:19.0395 54668 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
12:44:19.0411 54668 VgaSave - ok
12:44:19.0427 54668 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
12:44:19.0427 54668 vhdmp - ok
12:44:19.0458 54668 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
12:44:19.0458 54668 viaide - ok
12:44:19.0489 54668 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
12:44:19.0489 54668 volmgr - ok
12:44:19.0520 54668 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
12:44:19.0536 54668 volmgrx - ok
12:44:19.0551 54668 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
12:44:19.0551 54668 volsnap - ok
12:44:19.0598 54668 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
12:44:19.0598 54668 vsmraid - ok
12:44:19.0661 54668 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
12:44:19.0692 54668 VSS - ok
12:44:19.0723 54668 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
12:44:19.0723 54668 vwifibus - ok
12:44:19.0754 54668 [ 13A0DECD1794DE60A8427862C8669D27 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
12:44:19.0770 54668 vwififlt - ok
12:44:19.0785 54668 [ 49003B357D101CDC474937437ECF5ABC ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
12:44:19.0785 54668 vwifimp - ok
12:44:19.0848 54668 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
12:44:19.0863 54668 W32Time - ok
12:44:19.0895 54668 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
12:44:19.0895 54668 WacomPen - ok
12:44:19.0973 54668 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
12:44:19.0973 54668 WANARP - ok
12:44:19.0988 54668 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
12:44:19.0988 54668 Wanarpv6 - ok
12:44:20.0066 54668 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
12:44:20.0097 54668 WatAdminSvc - ok
12:44:20.0160 54668 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
12:44:20.0191 54668 wbengine - ok
12:44:20.0222 54668 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
12:44:20.0238 54668 WbioSrvc - ok
12:44:20.0269 54668 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
12:44:20.0285 54668 wcncsvc - ok
12:44:20.0316 54668 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
12:44:20.0316 54668 WcsPlugInService - ok
12:44:20.0347 54668 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
12:44:20.0347 54668 Wd - ok
12:44:20.0409 54668 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
12:44:20.0425 54668 Wdf01000 - ok
12:44:20.0441 54668 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
12:44:20.0456 54668 WdiServiceHost - ok
12:44:20.0456 54668 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
12:44:20.0472 54668 WdiSystemHost - ok
12:44:20.0503 54668 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
12:44:20.0519 54668 WebClient - ok
12:44:20.0550 54668 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
12:44:20.0565 54668 Wecsvc - ok
12:44:20.0581 54668 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
12:44:20.0597 54668 wercplsupport - ok
12:44:20.0643 54668 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
12:44:20.0659 54668 WerSvc - ok
12:44:20.0706 54668 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
12:44:20.0706 54668 WfpLwf - ok
12:44:20.0737 54668 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
12:44:20.0737 54668 WIMMount - ok
12:44:20.0831 54668 WinDefend - ok
12:44:20.0846 54668 WinHttpAutoProxySvc - ok
12:44:20.0909 54668 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
12:44:20.0924 54668 Winmgmt - ok
12:44:21.0002 54668 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
12:44:21.0049 54668 WinRM - ok
12:44:21.0111 54668 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
12:44:21.0111 54668 WinUsb - ok
12:44:21.0205 54668 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
12:44:21.0221 54668 Wlansvc - ok
12:44:21.0330 54668 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:44:21.0330 54668 wlcrasvc - ok
12:44:21.0423 54668 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:44:21.0455 54668 wlidsvc - ok
12:44:21.0470 54668 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
12:44:21.0470 54668 WmiAcpi - ok
12:44:21.0517 54668 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
12:44:21.0517 54668 wmiApSrv - ok
12:44:21.0548 54668 WMPNetworkSvc - ok
12:44:21.0579 54668 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
12:44:21.0595 54668 WPCSvc - ok
12:44:21.0611 54668 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
12:44:21.0626 54668 WPDBusEnum - ok
12:44:21.0642 54668 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
12:44:21.0642 54668 ws2ifsl - ok
12:44:21.0673 54668 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
12:44:21.0673 54668 wscsvc - ok
12:44:21.0689 54668 WSearch - ok
12:44:21.0782 54668 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
12:44:21.0829 54668 wuauserv - ok
12:44:21.0876 54668 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
12:44:21.0876 54668 WudfPf - ok
12:44:21.0938 54668 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
12:44:21.0954 54668 WUDFRd - ok
12:44:21.0969 54668 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
12:44:21.0985 54668 wudfsvc - ok
12:44:22.0016 54668 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\windows\System32\wwansvc.dll
12:44:22.0032 54668 WwanSvc - ok
12:44:22.0094 54668 ================ Scan global ===============================
12:44:22.0125 54668 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
12:44:22.0188 54668 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
12:44:22.0203 54668 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
12:44:22.0235 54668 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
12:44:22.0297 54668 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
12:44:22.0313 54668 [Global] - ok
12:44:22.0313 54668 ================ Scan MBR ==================================
12:44:22.0328 54668 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
12:44:22.0656 54668 \Device\Harddisk0\DR0 - ok
12:44:22.0671 54668 ================ Scan VBR ==================================
12:44:22.0671 54668 [ 3D495479955BFDB77B7037C32D47EF25 ] \Device\Harddisk0\DR0\Partition1
12:44:22.0671 54668 \Device\Harddisk0\DR0\Partition1 - ok
12:44:22.0687 54668 [ A3CF42259A4EF35E017BB3E11093EE53 ] \Device\Harddisk0\DR0\Partition2
12:44:22.0687 54668 \Device\Harddisk0\DR0\Partition2 - ok
12:44:22.0703 54668 [ 571963377CE5B6A991CA52A281A3CCE1 ] \Device\Harddisk0\DR0\Partition3
12:44:22.0718 54668 \Device\Harddisk0\DR0\Partition3 - ok
12:44:22.0718 54668 ============================================================
12:44:22.0718 54668 Scan finished
12:44:22.0718 54668 ============================================================
12:44:22.0734 54960 Detected object count: 0
12:44:22.0734 54960 Actual detected object count: 0
12:45:09.0975 51324 Deinitialize success

Reklama

Příspěvekod **Žbeky** » 12 zář 2013 14:45

Nějaké konkrétní problémy?

dastin · Příspěvekod **dastin** » 12 zář 2013 15:04

Sem tam mi notebook pracuje pomaleji než obvykle. Seká se mi hra, která by, si myslím, měla jet bez problému. A přišlo mi, že je plnej neptřebných souborů, apod. A taky prevence.

Příspěvekod **jaro3** » 12 zář 2013 18:04

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

dastin · Příspěvekod **dastin** » 13 zář 2013 08:39

ComboFix 13-09-12.01 - pc 13.09.2013 7:58.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3957.2312 [GMT 2:00]
Spuštěný z: c:\users\pc\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\prefs.js
c:\users\pc\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\pc\AppData\Roaming\Roaming
c:\users\pc\AppData\Roaming\Roaming\HoldemManager\config\FTPRushTables.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-13 do 2013-09-13 )))))))))))))))))))))))))))))))
.
.
2013-09-13 06:12 . 2013-09-13 06:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-13 06:12 . 2013-09-13 06:12 -------- d-----w- c:\users\postgres\AppData\Local\temp
2013-09-12 18:00 . 2013-09-12 18:00 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{746B7ABC-26EF-43DF-BB4C-8E1F073EC8CE}\offreg.dll
2013-09-12 10:08 . 2013-09-12 10:49 -------- d-----w- c:\users\pc\AppData\Local\CrashDumps
2013-09-11 21:11 . 2013-09-11 21:11 -------- d-----w- c:\windows\ERUNT
2013-09-11 19:57 . 2013-09-11 19:57 -------- d-----w- c:\users\pc\AppData\Local\Adobe
2013-09-11 18:22 . 2013-09-11 18:22 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-09-11 18:20 . 2013-06-21 10:23 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-11 18:20 . 2013-06-21 10:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-11 18:20 . 2013-06-21 10:23 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-11 18:20 . 2013-06-21 10:23 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-11 18:20 . 2013-06-21 10:23 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-09-11 18:20 . 2013-06-21 10:23 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-11 18:19 . 2013-06-21 12:06 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-09-11 18:19 . 2013-06-21 12:06 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-09-11 18:10 . 2013-09-11 18:10 -------- d-----w- c:\users\pc\AppData\Local\NVIDIA
2013-09-11 18:04 . 2013-08-20 13:33 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-09-11 18:04 . 2013-08-20 13:32 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-09-11 18:04 . 2013-08-20 13:32 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-09-11 17:57 . 2013-09-11 17:57 -------- d-----w- c:\programdata\Oracle
2013-09-11 17:57 . 2013-09-11 17:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-11 17:57 . 2013-09-11 17:56 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-11 17:57 . 2013-09-11 17:56 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-11 17:56 . 2013-09-11 17:56 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-11 17:56 . 2013-09-11 17:56 -------- d-----w- c:\program files (x86)\Java
2013-09-11 15:46 . 2013-09-11 15:46 -------- d-----w- c:\users\pc\AppData\Roaming\Malwarebytes
2013-09-11 15:45 . 2013-09-11 15:45 -------- d-----w- c:\programdata\Malwarebytes
2013-09-11 15:45 . 2013-09-11 15:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-11 15:45 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-11 15:36 . 2013-09-11 21:02 -------- d-----w- C:\AdwCleaner
2013-09-11 15:29 . 2013-09-11 15:29 -------- d-----w- c:\users\pc\AppData\Local\Apps
2013-09-11 08:57 . 2013-04-17 18:20 26432 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-09-11 08:39 . 2013-09-11 08:39 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-09-11 08:39 . 2013-09-12 18:03 -------- d-----w- c:\programdata\IObit
2013-09-11 08:39 . 2013-09-11 15:08 -------- d-----w- c:\users\pc\AppData\Roaming\IObit
2013-09-11 08:38 . 2013-09-12 18:03 -------- d-----w- c:\program files (x86)\IObit
2013-09-11 07:22 . 2013-09-11 07:22 -------- d-sh--w- c:\programdata\DSS
2013-09-11 07:05 . 2013-09-11 07:05 -------- d-----w- c:\program files (x86)\Origin Games
2013-09-11 07:03 . 2013-09-11 07:05 -------- d-----w- c:\users\pc\AppData\Roaming\Origin
2013-09-11 07:03 . 2013-09-11 07:05 -------- d-----w- c:\users\pc\AppData\Local\Origin
2013-09-11 07:02 . 2013-09-11 07:22 -------- d-----w- c:\programdata\Origin
2013-09-11 07:02 . 2013-09-13 05:30 -------- d-----w- c:\program files (x86)\Origin
2013-09-11 01:14 . 2013-08-10 05:20 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-09-10 22:04 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-10 21:51 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{746B7ABC-26EF-43DF-BB4C-8E1F073EC8CE}\mpengine.dll
2013-08-30 22:01 . 2013-08-30 22:01 -------- d-----w- c:\users\pc\AppData\Roaming\NVIDIA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 01:10 . 2011-09-17 00:34 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-02 01:48 . 2013-09-10 22:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-26 17:21 . 2013-06-26 17:21 23208 ----a-w- c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 17:21 . 2013-06-26 17:21 28840 ----a-w- c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 17:21 . 2013-06-26 17:21 273576 ----a-w- c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 17:21 . 2013-06-26 17:21 1777320 ----a-w- c:\windows\system32\sftldr.dll
2013-06-26 17:21 . 2013-06-26 17:21 1130664 ----a-w- c:\windows\SysWow64\sftldr_wow64.dll
2013-06-26 17:21 . 2013-06-26 17:21 767144 ----a-w- c:\windows\system32\drivers\Sftfslh.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-09-11 3549528]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="c:\program files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe" [2010-09-20 87336]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2013-06-14 1515328]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-10-22 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 subvgaproductmirr64;subvgaproductmirr64;c:\windows\system32\DRIVERS\subvgamirr64.sys;c:\windows\SYSNATIVE\DRIVERS\subvgamirr64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 usbezdisplay64;USB Projector;c:\windows\system32\drivers\usbezdisplay64.sys;c:\windows\SYSNATIVE\drivers\usbezdisplay64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:/postgreSQL/bin/pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w;c:/postgreSQL/bin/pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-09 17:56]
.
2013-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15 15:13]
.
2013-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-15 15:13]
.
2013-09-13 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-11-01 09:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Registry Mechanic_is1 - c:\program files (x86)\Registry Mechanic\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\postgresql-8.4]
"ImagePath"="c:/postgreSQL/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\postgresql-8.4]
"ImagePath"="c:/postgreSQL/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-09-13 08:16:38
ComboFix-quarantined-files.txt 2013-09-13 06:16
.
Před spuštěním: Volných bajtů: 46 546 100 224
Po spuštění: Volných bajtů: 46 233 944 064
.
- - End Of File - - 933E90386F54FF17670F895827B14A71

Příspěvekod **jaro3** » 13 zář 2013 09:34

Odinstaluj:
IObit Malware Fighter

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

dastin · Příspěvekod **dastin** » 13 zář 2013 19:25

ComboFix 13-09-12.01 - pc 13.09.2013 18:42:12.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3957.2825 [GMT 2:00]
Spuštěný z: c:\users\pc\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pc\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\pc\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-13 do 2013-09-13 )))))))))))))))))))))))))))))))
.
.
2013-09-13 16:56 . 2013-09-13 16:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-13 16:56 . 2013-09-13 16:56 -------- d-----w- c:\users\postgres\AppData\Local\temp
2013-09-13 16:56 . 2013-09-13 16:56 -------- d-----w- c:\users\postgres.DAVID\AppData\Local\temp
2013-09-13 16:56 . 2013-09-13 16:56 -------- d-----w- c:\users\postgres.DAVID.000\AppData\Local\temp
2013-09-13 16:56 . 2013-09-13 16:56 -------- d-----w- c:\users\FIFA\AppData\Local\temp
2013-09-13 16:56 . 2013-09-13 16:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-12 18:00 . 2013-09-12 18:00 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{746B7ABC-26EF-43DF-BB4C-8E1F073EC8CE}\offreg.dll
2013-09-12 10:08 . 2013-09-12 10:49 -------- d-----w- c:\users\pc\AppData\Local\CrashDumps
2013-09-11 21:11 . 2013-09-11 21:11 -------- d-----w- c:\windows\ERUNT
2013-09-11 19:57 . 2013-09-11 19:57 -------- d-----w- c:\users\pc\AppData\Local\Adobe
2013-09-11 18:22 . 2013-09-11 18:22 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-09-11 18:20 . 2013-06-21 10:23 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-11 18:20 . 2013-06-21 10:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-11 18:20 . 2013-06-21 10:23 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-11 18:20 . 2013-06-21 10:23 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-11 18:20 . 2013-06-21 10:23 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-09-11 18:20 . 2013-06-21 10:23 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-11 18:19 . 2013-06-21 12:06 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-09-11 18:19 . 2013-06-21 12:06 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-09-11 18:10 . 2013-09-11 18:10 -------- d-----w- c:\users\pc\AppData\Local\NVIDIA
2013-09-11 18:04 . 2013-08-20 13:33 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-09-11 18:04 . 2013-08-20 13:32 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-09-11 18:04 . 2013-08-20 13:32 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-09-11 17:57 . 2013-09-11 17:57 -------- d-----w- c:\programdata\Oracle
2013-09-11 17:57 . 2013-09-11 17:57 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-11 17:57 . 2013-09-11 17:56 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-11 17:57 . 2013-09-11 17:56 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-11 17:56 . 2013-09-11 17:56 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-11 17:56 . 2013-09-11 17:56 -------- d-----w- c:\program files (x86)\Java
2013-09-11 15:46 . 2013-09-11 15:46 -------- d-----w- c:\users\pc\AppData\Roaming\Malwarebytes
2013-09-11 15:45 . 2013-09-11 15:45 -------- d-----w- c:\programdata\Malwarebytes
2013-09-11 15:45 . 2013-09-11 15:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-11 15:45 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-11 15:36 . 2013-09-11 21:02 -------- d-----w- C:\AdwCleaner
2013-09-11 15:29 . 2013-09-11 15:29 -------- d-----w- c:\users\pc\AppData\Local\Apps
2013-09-11 08:57 . 2013-04-17 18:20 26432 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-09-11 08:39 . 2013-09-11 08:39 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-09-11 08:39 . 2013-09-12 18:03 -------- d-----w- c:\programdata\IObit
2013-09-11 08:39 . 2013-09-11 15:08 -------- d-----w- c:\users\pc\AppData\Roaming\IObit
2013-09-11 08:38 . 2013-09-12 18:03 -------- d-----w- c:\program files (x86)\IObit
2013-09-11 07:22 . 2013-09-11 07:22 -------- d-sh--w- c:\programdata\DSS
2013-09-11 07:05 . 2013-09-11 07:05 -------- d-----w- c:\program files (x86)\Origin Games
2013-09-11 07:03 . 2013-09-11 07:05 -------- d-----w- c:\users\pc\AppData\Roaming\Origin
2013-09-11 07:03 . 2013-09-11 07:05 -------- d-----w- c:\users\pc\AppData\Local\Origin
2013-09-11 07:02 . 2013-09-11 07:22 -------- d-----w- c:\programdata\Origin
2013-09-11 07:02 . 2013-09-13 06:41 -------- d-----w- c:\program files (x86)\Origin
2013-09-11 01:14 . 2013-08-10 05:20 148992 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-09-10 22:04 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-10 21:51 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{746B7ABC-26EF-43DF-BB4C-8E1F073EC8CE}\mpengine.dll
2013-08-30 22:01 . 2013-08-30 22:01 -------- d-----w- c:\users\pc\AppData\Roaming\NVIDIA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 01:10 . 2011-09-17 00:34 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-02 01:48 . 2013-09-10 22:04 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 07:54 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 07:54 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 07:54 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 07:54 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 07:54 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 07:54 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 07:54 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 07:54 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 07:54 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 07:54 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 07:54 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 07:54 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 07:54 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 07:54 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 07:54 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-26 17:21 . 2013-06-26 17:21 23208 ----a-w- c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 17:21 . 2013-06-26 17:21 28840 ----a-w- c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 17:21 . 2013-06-26 17:21 273576 ----a-w- c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 17:21 . 2013-06-26 17:21 1777320 ----a-w- c:\windows\system32\sftldr.dll
2013-06-26 17:21 . 2013-06-26 17:21 1130664 ----a-w- c:\windows\SysWow64\sftldr_wow64.dll
2013-06-26 17:21 . 2013-06-26 17:21 767144 ----a-w- c:\windows\system32\drivers\Sftfslh.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-09-11 3549528]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="c:\program files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe" [2010-09-20 87336]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-11-15 112600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-10-22 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 subvgaproductmirr64;subvgaproductmirr64;c:\windows\system32\DRIVERS\subvgamirr64.sys;c:\windows\SYSNATIVE\DRIVERS\subvgamirr64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbezdisplay64;USB Projector;c:\windows\system32\drivers\usbezdisplay64.sys;c:\windows\SYSNATIVE\drivers\usbezdisplay64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:/postgreSQL/bin/pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w;c:/postgreSQL/bin/pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-09 17:56]
.
2013-09-13 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~2\SMARTD~1\Messages\SDNotify.exe [2012-11-01 09:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Registry Mechanic_is1 - c:\program files (x86)\Registry Mechanic\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\postgresql-8.4]
"ImagePath"="c:/postgreSQL/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\postgresql-8.4]
"ImagePath"="c:/postgreSQL/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\postgresql\bin\pg_ctl.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Samsung\Easy Display Manager\WifiManager.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
.
**************************************************************************
.
Celkový čas: 2013-09-13 19:08:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-13 17:08
ComboFix2.txt 2013-09-13 06:16
.
Před spuštěním: Volných bajtů: 46 090 301 440
Po spuštění: Volných bajtů: 45 543 587 840
.
- - End Of File - - 7BDDB51A420AE8F40098DEAA8B8DBC15

dastin · Příspěvekod **dastin** » 13 zář 2013 19:29

Po restartu,po skenu ComboFixu mi vyskočila tahle hláška C:\Windows\System32\bcdedit.exe - Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění.

dastin · Příspěvekod **dastin** » 13 zář 2013 20:09

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-13 19:30:17
-----------------------------
19:30:17.568 OS Version: Windows x64 6.1.7601 Service Pack 1
19:30:17.568 Number of processors: 2 586 0x2505
19:30:17.568 ComputerName: DAVID UserName: pc
19:30:18.473 Initialize success
19:30:19.097 AVAST engine defs: 13091301
19:30:23.262 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:30:23.278 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 610480MB BusType: 3
19:30:23.449 Disk 0 MBR read successfully
19:30:23.449 Disk 0 MBR scan
19:30:23.449 Disk 0 unknown MBR code
19:30:23.465 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:30:23.496 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 236544 MB offset 206848
19:30:23.496 Disk 0 Partition - 00 0F Extended LBA 351916 MB offset 484648960
19:30:23.527 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 21917 MB offset 1205372928
19:30:23.590 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 351915 MB offset 484651008
19:30:23.621 Disk 0 scanning C:\windows\system32\drivers
19:30:34.775 Service scanning
19:30:59.673 Modules scanning
19:31:00.187 Disk 0 trace - called modules:
19:31:00.219 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
19:31:00.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004646380]
19:31:00.250 3 CLASSPNP.SYS[fffff88001b3243f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800448f050]
19:31:00.811 AVAST engine scan C:\windows
19:31:04.290 AVAST engine scan C:\windows\system32
19:33:40.306 AVAST engine scan C:\windows\system32\drivers
19:33:51.616 AVAST engine scan C:\Users\pc
19:51:09.517 AVAST engine scan C:\ProgramData
19:54:27.669 Scan finished successfully
20:06:25.069 Disk 0 MBR has been saved successfully to "C:\Users\pc\Desktop\MBR.dat"
20:06:25.084 The log file has been saved successfully to "C:\Users\pc\Desktop\aswMBR.txt"

Příspěvekod **jaro3** » 13 zář 2013 21:29

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Kromě Combofixu se ta hláška nevyskuje?

Co problémy?

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online