Prosím o kontrolu.

Ben · Příspěvekod **Ben** » 02 lis 2014 12:56

ComboFix 14-10-29.01 - asus 02.11.2014 12:20:29.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3036.1331 [GMT 1:00]
Spuštěný z: c:\users\asus\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\ASPG_icon.ico
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-02 do 2014-11-02 )))))))))))))))))))))))))))))))
.
.
2014-11-02 11:38 . 2014-11-02 11:38 -------- d-----w- c:\users\asus\AppData\Local\temp
2014-11-02 11:38 . 2014-11-02 11:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-01 09:09 . 2014-11-01 08:45 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-31 17:31 . 2014-10-31 17:31 -------- d-----w- c:\users\asus\AppData\Local\CrashDumps
2014-10-31 17:28 . 2014-11-01 08:31 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-31 17:28 . 2014-10-31 17:28 -------- d-----w- c:\programdata\RogueKiller
2014-10-30 17:40 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-28 19:37 . 2014-10-28 19:37 -------- d-----w- c:\users\asus\AppData\Local\GHISLER
2014-10-28 19:31 . 2014-10-28 19:31 -------- d-----w- c:\users\asus\AppData\Roaming\GHISLER
2014-10-28 19:31 . 2014-10-28 19:31 -------- d-----w- c:\program files\totalcmd
2014-10-28 18:02 . 2014-10-28 18:02 -------- d-----w- c:\windows\ERUNT
2014-10-28 18:01 . 2014-11-01 09:07 -------- d-----w- C:\zoek_backup
2014-10-28 13:50 . 2014-10-30 17:50 -------- d-----w- C:\AdwCleaner
2014-10-28 13:49 . 2014-11-02 07:42 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-28 13:49 . 2014-10-28 15:31 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-10-28 13:49 . 2014-10-28 13:49 -------- d-----w- c:\programdata\Malwarebytes
2014-10-28 13:49 . 2014-10-01 10:11 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-28 13:49 . 2014-10-01 10:11 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-28 13:49 . 2014-10-01 10:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-23 15:38 . 2014-06-15 22:18 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-23 15:38 . 2014-06-13 18:22 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-23 15:38 . 2014-06-13 18:22 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-23 15:35 . 2014-09-27 23:29 2054656 ----a-w- c:\windows\system32\win32k.sys
2014-10-23 15:33 . 2014-09-04 23:27 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
2014-10-23 15:32 . 2014-09-16 16:56 66560 ----a-w- c:\windows\system32\packager.dll
2014-10-23 14:32 . 2014-09-19 22:38 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-10-23 13:39 . 2014-09-19 22:38 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2014-10-23 13:39 . 2014-09-19 22:36 768512 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2014-10-23 13:39 . 2014-09-19 22:44 1810432 ----a-w- c:\windows\system32\jscript9.dll
2014-10-03 17:01 . 2014-10-03 17:01 -------- d-----w- c:\program files\Common Files\COMODO
2014-10-03 15:16 . 2014-10-03 15:16 43152 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-01 19:00 . 2012-04-07 12:34 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-01 19:00 . 2011-06-11 08:56 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-01 13:32 . 2013-11-04 10:27 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-10-03 15:16 . 2014-05-13 21:45 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-10-03 15:16 . 2014-05-13 21:45 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-10-03 15:16 . 2014-05-13 21:45 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-10-03 15:16 . 2014-05-13 21:45 57800 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-10-03 15:16 . 2014-05-13 21:45 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-10-03 15:16 . 2014-05-13 21:45 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-10-03 15:16 . 2014-05-13 21:45 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-10-03 15:16 . 2014-05-13 21:45 55112 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-10-03 15:16 . 2014-05-13 21:45 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-09 06:24 . 2014-09-25 01:00 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-23 01:03 . 2014-08-28 03:49 297984 ----a-w- c:\windows\system32\gdi32.dll
2008-12-23 20:36 . 2008-12-23 20:36 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-10-03 15:16 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-20 3261688]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-10-01 22065760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-03-23 17149952]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2008-09-30 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-12-29 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-06-02 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-06-02 47672]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-10-03 4085896]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2014-09-24 2327248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\COMODO\GeekBuddy\launcher.exe "unit_manager.exe" [2014-9-25 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 19:00]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-11-02 12:38
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
.
skenování skrytých souborů ...
.
.
C:\ADSM_PData_0150
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1422435658-2611298230-2045513592-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c9,73,9a,f5,74,94,6a,f2,1a,41,8a,76,bf,13,15,ce,67,dc,db,0e,3c,b4,58,
d4,33,5f,43,61,c8,c1,f0,90,8a,5c,0d,1e,62,11,a2,37,b1,76,81,09,4f,9e,2f,92,\
"??"=hex:92,49,3e,03,f4,d6,c3,32,74,6f,e8,2e,79,b2,65,26
.
[HKEY_USERS\S-1-5-21-1422435658-2611298230-2045513592-1000\Software\SecuROM\License information*]
"datasecu"=hex:33,a2,ff,6d,7f,09,8f,6f,db,0e,0c,ae,2a,e3,19,71,a8,13,eb,af,44,
02,35,07,e1,0f,f2,15,aa,f0,7e,54,40,0f,60,03,3c,31,2b,db,21,76,d6,2d,d8,5b,\
"rkeysecu"=hex:11,26,26,19,5a,7d,d1,4d,5e,cf,03,83,9d,ac,dd,e4
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(692)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
Celkový čas: 2014-11-02 12:40:37
ComboFix-quarantined-files.txt 2014-11-02 11:40
.
Před spuštěním: Volných bajtů: 23 116 406 784
Po spuštění: Volných bajtů: 23 069 663 232
.
- - End Of File - - 7508D73C9EE76611124732C9219D0EC3
C13321C508C7F78EBB5FDB47BD94464D

Reklama

Příspěvekod **Orcus** » 02 lis 2014 19:36

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený červeně:

ClearJavaCache::
KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job

Folder::
c:\program files (x86)\Google\Update\
c:\program files\Skype\Updater\

RegLock::
.
[HKEY_USERS\S-1-5-21-1422435658-2611298230-2045513592-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c9,73,9a,f5,74,94,6a,f2,1a,41,8a,76,bf,13,15,ce,67,dc,db,0e,3c,b4,58,
d4,33,5f,43,61,c8,c1,f0,90,8a,5c,0d,1e,62,11,a2,37,b1,76,81,09,4f,9e,2f,92,\
"??"=hex:92,49,3e,03,f4,d6,c3,32,74,6f,e8,2e,79,b2,65,26
.
[HKEY_USERS\S-1-5-21-1422435658-2611298230-2045513592-1000\Software\SecuROM\License information*]
"datasecu"=hex:33,a2,ff,6d,7f,09,8f,6f,db,0e,0c,ae,2a,e3,19,71,a8,13,eb,af,44,
02,35,07,e1,0f,f2,15,aa,f0,7e,54,40,0f,60,03,3c,31,2b,db,21,76,d6,2d,d8,5b,\
"rkeysecu"=hex:11,26,26,19,5a,7d,d1,4d,5e,cf,03,83,9d,ac,dd,e4
.

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

====================================================

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Ben · Příspěvekod **Ben** » 02 lis 2014 21:02

ComboFix 14-10-29.01 - asus 02.11.2014 20:14:12.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3036.1077 [GMT 1:00]
Spuštěný z: c:\users\asus\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\asus\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-02 do 2014-11-02 )))))))))))))))))))))))))))))))
.
.
2014-11-02 19:22 . 2014-11-02 19:28 -------- d-----w- c:\users\asus\AppData\Local\temp
2014-11-01 09:09 . 2014-11-01 08:45 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-31 17:31 . 2014-10-31 17:31 -------- d-----w- c:\users\asus\AppData\Local\CrashDumps
2014-10-31 17:28 . 2014-11-02 18:08 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-31 17:28 . 2014-10-31 17:28 -------- d-----w- c:\programdata\RogueKiller
2014-10-30 17:40 . 2010-08-30 07:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-28 19:37 . 2014-10-28 19:37 -------- d-----w- c:\users\asus\AppData\Local\GHISLER
2014-10-28 19:31 . 2014-10-28 19:31 -------- d-----w- c:\users\asus\AppData\Roaming\GHISLER
2014-10-28 19:31 . 2014-10-28 19:31 -------- d-----w- c:\program files\totalcmd
2014-10-28 18:02 . 2014-10-28 18:02 -------- d-----w- c:\windows\ERUNT
2014-10-28 18:01 . 2014-11-01 09:07 -------- d-----w- C:\zoek_backup
2014-10-28 13:50 . 2014-10-30 17:50 -------- d-----w- C:\AdwCleaner
2014-10-28 13:49 . 2014-11-02 19:26 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-28 13:49 . 2014-10-28 15:31 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-10-28 13:49 . 2014-10-28 13:49 -------- d-----w- c:\programdata\Malwarebytes
2014-10-28 13:49 . 2014-10-01 10:11 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-28 13:49 . 2014-10-01 10:11 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-28 13:49 . 2014-10-01 10:11 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-23 15:38 . 2014-06-15 22:18 1131664 ----a-w- c:\windows\system32\dfshim.dll
2014-10-23 15:38 . 2014-06-13 18:22 81560 ----a-w- c:\windows\system32\mscories.dll
2014-10-23 15:38 . 2014-06-13 18:22 156824 ----a-w- c:\windows\system32\mscorier.dll
2014-10-23 15:35 . 2014-09-27 23:29 2054656 ----a-w- c:\windows\system32\win32k.sys
2014-10-23 15:33 . 2014-09-04 23:27 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
2014-10-23 15:32 . 2014-09-16 16:56 66560 ----a-w- c:\windows\system32\packager.dll
2014-10-23 14:32 . 2014-09-19 22:38 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-10-23 13:39 . 2014-09-19 22:38 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2014-10-23 13:39 . 2014-09-19 22:36 768512 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2014-10-23 13:39 . 2014-09-19 22:44 1810432 ----a-w- c:\windows\system32\jscript9.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-02 19:26 . 2013-11-04 10:27 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-11-01 19:00 . 2012-04-07 12:34 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-01 19:00 . 2011-06-11 08:56 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-03 15:16 . 2014-05-13 21:45 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-10-03 15:16 . 2014-10-03 15:16 43152 ----a-w- c:\windows\avastSS.scr
2014-10-03 15:16 . 2014-05-13 21:45 779536 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-10-03 15:16 . 2014-05-13 21:45 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-10-03 15:16 . 2014-05-13 21:45 57800 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-10-03 15:16 . 2014-05-13 21:45 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-10-03 15:16 . 2014-05-13 21:45 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-10-03 15:16 . 2014-05-13 21:45 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-10-03 15:16 . 2014-05-13 21:45 55112 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-10-03 15:16 . 2014-05-13 21:45 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-09 06:24 . 2014-09-25 01:00 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-23 01:03 . 2014-08-28 03:49 297984 ----a-w- c:\windows\system32\gdi32.dll
2008-12-23 20:36 . 2008-12-23 20:36 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-10-03 15:16 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-20 3261688]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-10-01 22065760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-03-23 17149952]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2008-09-30 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-12-29 159744]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-06-02 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-06-02 47672]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-10-03 4085896]
"tvncontrol"="c:\program files\Common Files\COMODO\GeekBuddyRSP.exe" [2014-09-24 2327248]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\COMODO\GeekBuddy\launcher.exe "unit_manager.exe" [2014-9-25 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 19:00]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\VDeck\VDeck.exe -r???????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1422435658-2611298230-2045513592-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:c9,73,9a,f5,74,94,6a,f2,1a,41,8a,76,bf,13,15,ce,67,dc,db,0e,3c,b4,58,
d4,33,5f,43,61,c8,c1,f0,90,8a,5c,0d,1e,62,11,a2,37,b1,76,81,09,4f,9e,2f,92,\
"??"=hex:92,49,3e,03,f4,d6,c3,32,74,6f,e8,2e,79,b2,65,26
.
[HKEY_USERS\S-1-5-21-1422435658-2611298230-2045513592-1000\Software\SecuROM\License information*]
"datasecu"=hex:33,a2,ff,6d,7f,09,8f,6f,db,0e,0c,ae,2a,e3,19,71,a8,13,eb,af,44,
02,35,07,e1,0f,f2,15,aa,f0,7e,54,40,0f,60,03,3c,31,2b,db,21,76,d6,2d,d8,5b,\
"rkeysecu"=hex:11,26,26,19,5a,7d,d1,4d,5e,cf,03,83,9d,ac,dd,e4
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(696)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
- - - - - - - > 'Explorer.exe'(156)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\COMODO\launcher_service.exe
c:\windows\system32\AUDIODG.EXE
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\Malwarebytes Anti-Malware\mbamservice.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\Malwarebytes Anti-Malware\mbam.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\igfxsrvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2014-11-02 20:33:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-02 19:32
ComboFix2.txt 2014-11-02 11:40
.
Před spuštěním: Volných bajtů: 22 653 079 552
Po spuštění: Volných bajtů: 22 156 242 944
.
- - End Of File - - E6327B0DCE306190BDFFC6D4541015B8
C13321C508C7F78EBB5FDB47BD94464D
aswMBR version 1.0.1.2172 Copyright(c) 2014 AVAST Software
Run date: 2014-11-02 20:36:21
-----------------------------
20:36:21.310 OS Version: Windows 6.0.6002 Service Pack 2
20:36:21.310 Number of processors: 2 586 0x170A
20:36:21.326 ComputerName: ASUS-PC UserName: asus
20:36:23.245 Initialize success
20:36:23.260 VM: initialized successfully
20:36:23.260 VM: Intel CPU virtualization not supported
20:36:23.276 disk I/O iaStor.sys
20:36:26.973 AVAST engine defs: 14110201
20:38:14.790 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:38:14.805 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
20:38:14.899 Disk 0 MBR read successfully
20:38:14.899 Disk 0 MBR scan
20:38:14.915 Disk 0 Windows VISTA default MBR code
20:38:14.915 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 12001 MB offset 63
20:38:14.930 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 238470 MB offset 24580096
20:38:14.946 Disk 0 Partition - 00 0F Extended LBA 226467 MB offset 512966656
20:38:14.977 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 226466 MB offset 512968704
20:38:14.977 Disk 0 scanning sectors +976771072
20:38:15.071 Disk 0 scanning C:\Windows\system32\drivers
20:38:26.880 Service scanning
20:38:45.943 Modules scanning
20:38:59.921 Disk 0 trace - called modules:
20:38:59.936 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys halmacpi.dll iaStor.sys
20:38:59.952 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8814d968]
20:38:59.952 3 CLASSPNP.SYS[8c1a18b3] -> nt!IofCallDriver -> [0x8674f918]
20:38:59.967 5 acpi.sys[806a46bc] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8715f028]
20:39:00.763 AVAST engine scan C:\Windows
20:39:04.133 AVAST engine scan C:\Windows\system32
20:42:16.137 AVAST engine scan C:\Windows\system32\drivers
20:42:38.165 AVAST engine scan C:\Users\asus
20:51:27.753 AVAST engine scan C:\ProgramData
20:54:26.498 Disk 0 statistics 3058766/0/0 @ 2,15 MB/s
20:54:26.498 Scan finished successfully
20:57:59.017 Disk 0 MBR has been saved successfully to "C:\Users\asus\Desktop\MBR.dat"
20:57:59.033 The log file has been saved successfully to "C:\Users\asus\Desktop\aswMBR.txt"

Příspěvekod **jaro3** » 03 lis 2014 09:10

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Vlož nový log z HJT + info o problémech.

Ben · Příspěvekod **Ben** » 03 lis 2014 19:56

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:45:59, on 3.11.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16584)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDECK.EXE
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\asus\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\COMODO\GeekBuddy\launcher.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

--
End of file - 7120 bytes
Hodne se to zlepšilo. Až na to že to strašně dlouho startuje 3až4 min než to naběhne jinap ok

Příspěvekod **Orcus** » 03 lis 2014 22:47

Taky se podívej, kolik Ti tam toho startuje:
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

V HJT fixni toto:
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

===================================================

Stáhni si na svojí plochu StartupLite .exe by MalwareBytes

Tento program identifikuje a dává volbu k odstranění nepotřebných položek k vyprázdnění paměti.
Poklepej na ikonu StartupLite.exe (by MalwareBytes ) ke spuštění programu. Ve vistě a windows 7 spusť jako správce (pravým klik na ikonu a vyber-spustit jako správce).Vytvoří se list nepotřebných vstupů po spuštění. Nech všechny položky jako deaktivované a klikni na Continue . Restartuj PC.

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Prosím o kontrolu. Vyřešeno

Re: Prosím o kontrolu.

Re: Prosím o kontrolu.

Re: Prosím o kontrolu.

Re: Prosím o kontrolu.

Re: Prosím o kontrolu.

Re: Prosím o kontrolu. Vyřešeno

Kdo je online