Please check (PC freezes occasionally)
Re: Please check (PC freezes occasionally)
Since I started the cleanup on Friday, there hasn't been a single freeze so far, and I also have the feeling that the PC responds faster.
- jerabina
- member of the Security team
Re: Please check (PC freezes occasionally)
That's good.
Update Java.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Code:
ClearJavaCache::
KillAll::
Folder::
c:\program files\Skype\Updater
c:\program files\Google\Update
c:\program files\IObit
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
Driver::
SkypeUpdate
RegLock::
[HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\G*e*n*i*e*"!\FM Genie Scout 10]
"GameDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010"
"SaveDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010\\"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2010\\data\\db\\1000\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000058
"GraphStep"=dword:00000001
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:00009fe8
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000000
"Version"=dword:00000074
"UniqueID"="36-AEB0-E2FF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
[HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\G*e*n*i*e*"!\FM Genie Scout 13]
"GameDir"="c:\\FM Genie Scout 13\\games"
"ShortlistDir"="c:\\FM Genie Scout 13\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 13"
"SaveDir"="c:\\FM Genie Scout 13\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 13\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a201
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:00000158
"UniqueID"="36-AEB0-E2FF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000006
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000005
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:00000001
"TopFormationFeatureNum"=dword:00000004
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000039
"GameLoadedCounter"=dword:00000000
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script:
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
When you don't know what to do next, it's time to study the manual!
HJT guide
If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.
Re: Please check (PC freezes occasionally)
I can't update Java; it says I would need a newer operating system (I have XP).
Here is the log from ComboFix:
ComboFix 16-08-21.02 - Honzik 24.08.2016 9:25.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3575.2668 [GMT 2:00]
Spuštěný z: c:\documents and settings\Honzik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Honzik\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdate.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.31.5\goopdate.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_am.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ar.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_bg.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_bn.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ca.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_cs.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_da.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_de.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_el.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_en.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_es.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_et.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fa.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fi.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fil.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_gu.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_hi.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_hr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_hu.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_id.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_is.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_it.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_iw.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ja.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_kn.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ko.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_lt.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_lv.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ml.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_mr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ms.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_nl.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_no.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_pl.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ro.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ru.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sk.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sl.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sv.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sw.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ta.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_te.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_th.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_tr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_uk.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ur.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_vi.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.31.5\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.31.5\psmachine.dll
c:\program files\Google\Update\1.3.31.5\psmachine_64.dll
c:\program files\Google\Update\1.3.31.5\psuser.dll
c:\program files\Google\Update\1.3.31.5\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.31.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-07-24 do 2016-08-24 )))))))))))))))))))))))))))))))
.
.
2016-08-22 13:42 . 2016-08-22 13:55 -------- d-----w- C:\zoek_backup
2016-08-19 08:16 . 2016-08-19 08:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2016-08-18 13:13 . 2016-08-18 13:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Oracle
2016-08-18 12:37 . 2016-08-19 08:02 -------- d-----w- C:\AdwCleaner
2016-08-13 11:18 . 2016-08-19 16:58 -------- d-----w- c:\program files\Traders Way MetaTrader 4
2016-07-28 20:37 . 2016-07-28 20:37 -------- d-----w- c:\documents and settings\Honzik\Local Settings\Data aplikací\RescueTime.com
2016-07-28 20:37 . 2016-07-28 20:37 -------- d-----w- c:\program files\RescueTime
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-08-19 08:17 . 2015-07-11 14:58 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-08-05 14:50 . 2014-10-03 11:00 224616 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-07-20 10:04 . 2010-03-29 15:01 26176 ---ha-w- c:\windows\system32\hamachi.sys
2016-07-16 07:11 . 2012-05-05 07:58 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-07-16 07:11 . 2011-12-12 12:14 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-07-14 14:50 . 2012-03-15 14:05 438296 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-07-01 14:49 . 2016-07-01 14:49 184592 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2016-07-01 14:49 . 2012-03-15 14:05 66688 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2016-07-01 14:49 . 2014-10-03 11:06 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-07-01 14:49 . 2014-10-03 11:00 91680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-07-01 14:49 . 2014-10-03 11:00 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-07-01 14:49 . 2012-03-15 14:05 64272 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2016-07-01 14:48 . 2016-07-01 14:49 921280 ----a-w- c:\windows\ucrtbase.dll
2016-07-01 14:48 . 2016-07-01 14:49 319248 ----a-w- c:\windows\system32\aswBoot.exe
2016-07-01 14:48 . 2016-07-01 14:48 53208 ----a-w- c:\windows\avastSS.scr
2016-07-01 14:48 . 2016-07-01 14:49 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-07-01 14:48 . 2012-03-15 14:05 816304 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-06-02 17:27 . 2007-08-20 12:41 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2016-06-02 17:27 . 2009-09-26 10:59 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2016-06-02 17:27 . 2007-08-20 12:41 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt9]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-07-01 14:48 831464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Overwolf"="c:\program files\Overwolf\OverwolfLauncher.exe" [2016-08-14 247344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2011-05-12 20053608]
"IMSS"="c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-10-05 112152]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-08-09 8900328]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-12-23 98304]
"DivX Download Manager"="c:\program files\divx\divx plus web player\ddmservice.exe" [2010-12-08 63360]
"Dropbox"="c:\program files\Dropbox\Client\Dropbox.exe" [2016-08-16 23892200]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2016-07-20 5565960]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2012-1-17 409088]
RescueTime.lnk - c:\program files\RescueTime\RescueTime.exe [2016-7-28 3628544]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2016-07-20 10:09 5565960 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
2012-03-09 17:39 3339776 ----a-w- c:\program files\OSCAR Editor X7\OscarEditor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\GamePark\\GameparkClient.exe"=
"c:\\Program Files\\GamePark\\GamePark.url"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"c:\\Program Files\\Counter-Strike\\hl.exe"=
"c:\\Documents and Settings\\Honzik\\Dokumenty\\Aplikace\\různě hry\\bulanci.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA SPORTS\\NHL07\\nhl2007.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold_Crusader_Extreme.exe"=
"c:\\Documents and Settings\\Honzik\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\MetaTrader 5\\metatester.exe"=
"c:\\Program Files\\MetaTrader-Admiral Markets\\metatester.exe"=
"c:\\Program Files\\Hearthstone\\Hearthstone.exe"=
"c:\\Quake III Arena\\Quake3\\quake3.exe"=
"c:\\Program Files\\EA SPORTS\\FIFA 07\\fifa07.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Dropbox\\Client\\Dropbox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26000:TCP"= 26000:TCP:Gamepark
"26000:UDP"= 26000:UDP:Gamepark
"29999:TCP"= 29999:TCP:Gamepark
"29999:UDP"= 29999:UDP:Gamepark
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [3.10.2014 13:00 60424]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswvmm.sys [3.10.2014 13:00 224616]
R0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [11.9.2006 14:01 67960]
R0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [3.11.2006 10:24 61312]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.12.2006 20:17 639224]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [1.1.2010 3:12 18544]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [1.7.2016 16:49 35096]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [15.3.2012 16:05 816304]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [15.3.2012 16:05 438296]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [3.10.2014 13:06 34008]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.10.2014 13:00 91680]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [20.7.2016 12:08 1901576]
R2 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe;c:\documents and settings\All Users\Data aplikací\HandSetService\HuaweiHiSuiteService.exe [14.7.2016 21:42 155336]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [18.1.2012 16:09 12184]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [20.7.2016 12:05 405424]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [1.1.2010 3:13 2655768]
R3 aswStmXP;Avast StreamFilter Driver;c:\windows\system32\drivers\aswStmXP.sys [1.7.2016 16:49 184592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [11.8.2012 22:45 103040]
S2 dbupdate;Dropbox Update Service (dbupdate);c:\program files\Dropbox\Update\DropboxUpdate.exe [3.10.2015 9:05 136048]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1.1.2010 3:12 1691480]
S3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files\Dropbox\Update\DropboxUpdate.exe [3.10.2015 9:05 136048]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [7.6.2012 12:31 135584]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [1.1.2010 3:18 24944]
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [1.1.2010 3:12 41088]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files\Overwolf\OverwolfUpdater.exe [14.8.2016 13:45 1310448]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11.8.2012 19:35 27064]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [1.11.2011 22:06 155520]
.
Obsah adresáře 'Naplánované úlohy'
.
2016-08-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 07:11]
.
2016-08-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-01 14:48]
.
2016-08-24 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-10-03 07:05]
.
2016-08-24 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-10-03 07:05]
.
2016-08-24 c:\windows\Tasks\Opera scheduled Autoupdate 1262298452.job
- c:\program files\Opera\launcher.exe [2009-12-31 12:29]
.
2016-08-23 c:\windows\Tasks\Overwolf Updater Task.job
- c:\program files\Overwolf\OverwolfUpdater.exe [2016-08-14 11:45]
.
2016-08-24 c:\windows\Tasks\SafeZone scheduled Autoupdate 1467438189.job
- c:\program files\AVAST Software\SZBrowser\launcher.exe [2016-07-02 13:03]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/?clid=22668
IE: Clip selection - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Nová poznámka - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm
TCP: DhcpNameServer = 10.3.254.179 88.83.160.1
TCP: Interfaces\{48C3E7D4-42F5-491A-9FF0-BDC622AFD4C2}: NameServer = 8.8.8.8
TCP: Interfaces\{645A233A-9386-4466-8F2B-A73774C6CB09}: NameServer = 8.8.8.8
TCP: Interfaces\{B24B0124-61EE-4332-84B3-732C45BE057C}: NameServer = 8.8.8.8
FF - ProfilePath - c:\documents and settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-08-24 09:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\OverwolfUpdater]
"ImagePath"="\"\"c:\program files\Overwolf\OverwolfUpdater.exe\" /RunningFrom SCM\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\G*e*n*i*e*"!\FM Genie Scout 10]
"GameDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010"
"SaveDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010\\"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2010\\data\\db\\1000\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000058
"GraphStep"=dword:00000001
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:00009fe8
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000000
"Version"=dword:00000074
"UniqueID"="36-AEB0-E2FF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\G*e*n*i*e*"!\FM Genie Scout 13]
"GameDir"="c:\\FM Genie Scout 13\\games"
"ShortlistDir"="c:\\FM Genie Scout 13\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 13"
"SaveDir"="c:\\FM Genie Scout 13\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 13\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a201
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
Here is the log from ComboFix:
ComboFix 16-08-21.02 - Honzik 24.08.2016 9:25.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3575.2668 [GMT 2:00]
Spuštěný z: c:\documents and settings\Honzik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Honzik\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.31.5\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdate.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.31.5\goopdate.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_am.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ar.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_bg.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_bn.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ca.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_cs.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_da.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_de.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_el.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_en.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_es.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_et.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fa.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fi.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fil.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_fr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_gu.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_hi.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_hr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_hu.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_id.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_is.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_it.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_iw.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ja.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_kn.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ko.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_lt.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_lv.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ml.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_mr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ms.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_nl.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_no.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_pl.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ro.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ru.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sk.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sl.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sv.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_sw.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ta.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_te.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_th.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_tr.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_uk.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_ur.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_vi.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.31.5\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.31.5\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.31.5\psmachine.dll
c:\program files\Google\Update\1.3.31.5\psmachine_64.dll
c:\program files\Google\Update\1.3.31.5\psuser.dll
c:\program files\Google\Update\1.3.31.5\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.31.5\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-07-24 do 2016-08-24 )))))))))))))))))))))))))))))))
.
.
2016-08-22 13:42 . 2016-08-22 13:55 -------- d-----w- C:\zoek_backup
2016-08-19 08:16 . 2016-08-19 08:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2016-08-18 13:13 . 2016-08-18 13:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Oracle
2016-08-18 12:37 . 2016-08-19 08:02 -------- d-----w- C:\AdwCleaner
2016-08-13 11:18 . 2016-08-19 16:58 -------- d-----w- c:\program files\Traders Way MetaTrader 4
2016-07-28 20:37 . 2016-07-28 20:37 -------- d-----w- c:\documents and settings\Honzik\Local Settings\Data aplikací\RescueTime.com
2016-07-28 20:37 . 2016-07-28 20:37 -------- d-----w- c:\program files\RescueTime
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-08-19 08:17 . 2015-07-11 14:58 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-08-05 14:50 . 2014-10-03 11:00 224616 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-07-20 10:04 . 2010-03-29 15:01 26176 ---ha-w- c:\windows\system32\hamachi.sys
2016-07-16 07:11 . 2012-05-05 07:58 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-07-16 07:11 . 2011-12-12 12:14 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-07-14 14:50 . 2012-03-15 14:05 438296 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-07-01 14:49 . 2016-07-01 14:49 184592 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2016-07-01 14:49 . 2012-03-15 14:05 66688 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2016-07-01 14:49 . 2014-10-03 11:06 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-07-01 14:49 . 2014-10-03 11:00 91680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-07-01 14:49 . 2014-10-03 11:00 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-07-01 14:49 . 2012-03-15 14:05 64272 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2016-07-01 14:48 . 2016-07-01 14:49 921280 ----a-w- c:\windows\ucrtbase.dll
2016-07-01 14:48 . 2016-07-01 14:49 319248 ----a-w- c:\windows\system32\aswBoot.exe
2016-07-01 14:48 . 2016-07-01 14:48 53208 ----a-w- c:\windows\avastSS.scr
2016-07-01 14:48 . 2016-07-01 14:49 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-07-01 14:48 . 2012-03-15 14:05 816304 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-06-02 17:27 . 2007-08-20 12:41 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2016-06-02 17:27 . 2009-09-26 10:59 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2016-06-02 17:27 . 2007-08-20 12:41 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt10]
@="{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt9]
@="{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}]
2016-08-16 18:53 216896 ----a-w- c:\program files\Dropbox\Client\DropboxExt.40.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-07-01 14:48 831464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Overwolf"="c:\program files\Overwolf\OverwolfLauncher.exe" [2016-08-14 247344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2011-05-12 20053608]
"IMSS"="c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-10-05 112152]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-08-09 8900328]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-12-23 98304]
"DivX Download Manager"="c:\program files\divx\divx plus web player\ddmservice.exe" [2010-12-08 63360]
"Dropbox"="c:\program files\Dropbox\Client\Dropbox.exe" [2016-08-16 23892200]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2016-07-20 5565960]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
GamePark klient 2.lnk - c:\program files\GamePark2\gpcl.exe [2012-1-17 409088]
RescueTime.lnk - c:\program files\RescueTime\RescueTime.exe [2016-7-28 3628544]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2016-07-20 10:09 5565960 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarEditor]
2012-03-09 17:39 3339776 ----a-w- c:\program files\OSCAR Editor X7\OscarEditor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\GamePark\\GameparkClient.exe"=
"c:\\Program Files\\GamePark\\GamePark.url"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\The All-Seeing Eye\\eye.exe"=
"c:\\Program Files\\Counter-Strike\\hl.exe"=
"c:\\Documents and Settings\\Honzik\\Dokumenty\\Aplikace\\různě hry\\bulanci.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA SPORTS\\NHL07\\nhl2007.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold_Crusader_Extreme.exe"=
"c:\\Documents and Settings\\Honzik\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\MetaTrader 5\\metatester.exe"=
"c:\\Program Files\\MetaTrader-Admiral Markets\\metatester.exe"=
"c:\\Program Files\\Hearthstone\\Hearthstone.exe"=
"c:\\Quake III Arena\\Quake3\\quake3.exe"=
"c:\\Program Files\\EA SPORTS\\FIFA 07\\fifa07.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Dropbox\\Client\\Dropbox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26000:TCP"= 26000:TCP:Gamepark
"26000:UDP"= 26000:UDP:Gamepark
"29999:TCP"= 29999:TCP:Gamepark
"29999:UDP"= 29999:UDP:Gamepark
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [3.10.2014 13:00 60424]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswvmm.sys [3.10.2014 13:00 224616]
R0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [11.9.2006 14:01 67960]
R0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [3.11.2006 10:24 61312]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.12.2006 20:17 639224]
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [1.1.2010 3:12 18544]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [1.7.2016 16:49 35096]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [15.3.2012 16:05 816304]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [15.3.2012 16:05 438296]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [3.10.2014 13:06 34008]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.10.2014 13:00 91680]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [20.7.2016 12:08 1901576]
R2 HuaweiHiSuiteService.exe;HuaweiHiSuiteService.exe;c:\documents and settings\All Users\Data aplikací\HandSetService\HuaweiHiSuiteService.exe [14.7.2016 21:42 155336]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [18.1.2012 16:09 12184]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn Hamachi\LMIGuardianSvc.exe [20.7.2016 12:05 405424]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [1.1.2010 3:13 2655768]
R3 aswStmXP;Avast StreamFilter Driver;c:\windows\system32\drivers\aswStmXP.sys [1.7.2016 16:49 184592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [11.8.2012 22:45 103040]
S2 dbupdate;Dropbox Update Service (dbupdate);c:\program files\Dropbox\Update\DropboxUpdate.exe [3.10.2015 9:05 136048]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [1.1.2010 3:12 1691480]
S3 dbupdatem;Dropbox Update Service (dbupdatem);c:\program files\Dropbox\Update\DropboxUpdate.exe [3.10.2015 9:05 136048]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [7.6.2012 12:31 135584]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [1.1.2010 3:18 24944]
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [1.1.2010 3:12 41088]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files\Overwolf\OverwolfUpdater.exe [14.8.2016 13:45 1310448]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [11.8.2012 19:35 27064]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [1.11.2011 22:06 155520]
.
Obsah adresáře 'Naplánované úlohy'
.
2016-08-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 07:11]
.
2016-08-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2016-07-01 14:48]
.
2016-08-24 c:\windows\Tasks\DropboxUpdateTaskMachineCore.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-10-03 07:05]
.
2016-08-24 c:\windows\Tasks\DropboxUpdateTaskMachineUA.job
- c:\program files\Dropbox\Update\DropboxUpdate.exe [2015-10-03 07:05]
.
2016-08-24 c:\windows\Tasks\Opera scheduled Autoupdate 1262298452.job
- c:\program files\Opera\launcher.exe [2009-12-31 12:29]
.
2016-08-23 c:\windows\Tasks\Overwolf Updater Task.job
- c:\program files\Overwolf\OverwolfUpdater.exe [2016-08-14 11:45]
.
2016-08-24 c:\windows\Tasks\SafeZone scheduled Autoupdate 1467438189.job
- c:\program files\AVAST Software\SZBrowser\launcher.exe [2016-07-02 13:03]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/?clid=22668
IE: Clip selection - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: Download with GetRight - c:\program files\GetRight\GRdownload.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Nová poznámka - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Open with GetRight Browser - c:\program files\GetRight\GRbrowse.htm
TCP: DhcpNameServer = 10.3.254.179 88.83.160.1
TCP: Interfaces\{48C3E7D4-42F5-491A-9FF0-BDC622AFD4C2}: NameServer = 8.8.8.8
TCP: Interfaces\{645A233A-9386-4466-8F2B-A73774C6CB09}: NameServer = 8.8.8.8
TCP: Interfaces\{B24B0124-61EE-4332-84B3-732C45BE057C}: NameServer = 8.8.8.8
FF - ProfilePath - c:\documents and settings\Honzik\Data aplikací\Mozilla\Firefox\Profiles\52184y9o.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2016-08-24 09:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\OverwolfUpdater]
"ImagePath"="\"\"c:\program files\Overwolf\OverwolfUpdater.exe\" /RunningFrom SCM\""
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\G*e*n*i*e*"!\FM Genie Scout 10]
"GameDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010"
"SaveDir"="c:\\Documents and Settings\\Honzik\\Dokumenty\\Sports Interactive\\Football Manager 2010\\"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2010\\data\\db\\1000\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000058
"GraphStep"=dword:00000001
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:00009fe8
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000000
"Version"=dword:00000074
"UniqueID"="36-AEB0-E2FF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
.
[HKEY_USERS\S-1-5-21-4169299674-1468450816-3153339792-1006\Software\G*e*n*i*e*"!\FM Genie Scout 13]
"GameDir"="c:\\FM Genie Scout 13\\games"
"ShortlistDir"="c:\\FM Genie Scout 13\\shortlists"
"FMPath"=""
"ScreenshotsDir"="c:\\FM Genie Scout 13"
"SaveDir"="c:\\FM Genie Scout 13\\"
"HistoryDir"="c:\\FM Genie Scout 13\\History Points"
"HistoryAutoTracking"=dword:00000000
"LangDB"="c:\\FM Genie Scout 13\\lang_db.dat"
"LastSaveGame"=""
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Steklo Black"
"LastUpdateCheck"=dword:0000a201
"VersionOf201"=dword:0000007b
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"ShowGuidNotification2"=dword:00000000
"ShowQuickGuideNotification"=dword:00000000
"ShowDonateNotification"=dword:00000000
"Version"=dword:00000158
"UniqueID"="36-AEB0-E2FF"
"Currency"=dword:00000056
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""
"PlayerSearchFeatureNum"=dword:00000006
"StaffSearchFeatureNum"=dword:00000000
"ClubSearchFeatureNum"=dword:00000005
"FilterByClubFeatureNum"=dword:00000000
"CompareFeatureNum"=dword:00000000
"ShortlistFeatureNum"=dword:00000000
"ExportFeatureNum"=dword:00000000
"HistoryFeatureNum"=dword:00000000
"LanguageDBFeatureNum"=dword:00000000
"HintsFeatureNum"=dword:00000001
"GenieReportFeatureNum"=dword:00000001
"TopFormationFeatureNum"=dword:00000004
"ScreenshotFeatureNum"=dword:00000000
"AdClicksNum"=dword:00000000
"AdImpressionsNum"=dword:00000039
"GameLoadedCounter"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(924)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1112)
c:\program files\Dropbox\Client\DropboxExt.40.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\MSVCP140.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\VCRUNTIME140.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-runtime-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\ucrtbase.DLL
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-string-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-errorhandling-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-timezone-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-file-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-namedpipe-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-handle-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-file-l2-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-heap-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-libraryloader-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-synch-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-processthreads-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-processenvironment-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-datetime-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-localization-l1-2-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-sysinfo-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-synch-l1-2-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-console-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-debug-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-processthreads-l1-1-1.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-file-l1-2-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-profile-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-memory-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-util-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-rtlsupport-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-core-interlocked-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-string-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-heap-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-stdio-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-convert-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-locale-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-math-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-multibyte-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-time-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-filesystem-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-environment-l1-1-0.dll
c:\windows\WinSxS\x86_Avast.VC140.CRT_fcc99ee6193ebbca_14.0.23918.0_x-ww_d1a3fa5e\api-ms-win-crt-utility-l1-1-0.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2016-08-24 09:48:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-08-24 07:48
ComboFix2.txt 2016-08-23 13:02
.
Před spuštěním: Volných bajtů: 17 324 875 776
Po spuštění: Volných bajtů: 17 284 173 824
.
- - End Of File - - DAC49A4CFE6B8F660DE1A225C1044B36
413FC2A0C716421B3158746D63736515
- Orcus
- member of the Security team
-
Elite Level 10.5
- Posts: 10645
- Registered: April 10
- Location: 3 roses grow around here =o)
- Gender:
- Status:
Offline
Re: Please check (PC occasionally freezes)
ComboFix is uninstalled like this:
Start -> Run and enter ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
and save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(On Windows Vista, Windows 7 and 8 you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove desinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at: C:\DelFix.txt
How are the problems? + a new HJT log
Love warms, but coal is coal.
Post HJT logs in the HJT section. If a log is too long, split it across several posts.
A few tips on PC security.
While I am away, memphisto, jaro3 and Diallix stand in for me.
If you are satisfied, you can support our forum.
