Notebook freezes, please check my log

Post by robotus » 18 Mar 2016 13:22

This seems odd to me. After 3 hours Zoek shows no change. When I try to close it, it gives me a message that zoek.exe is running and that I should wait, that it will finish on its own. What should I do?

Post by robotus » 18 Mar 2016 14:31

It could not be terminated even from Task Manager. So I restarted the computer and then ran CF.

ComboFix 16-03-18.01 - Jiří Jamník 18.03.2016 14:04:55.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2639 [GMT 1:00]
Spuštěný z: c:\users\Ji°Ý JamnÝk\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Free Firewall Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\~DFK69c5df.tmp
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\bass.dll
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Jiří Jamník\AppData\Roaming\Microsoft\rsaadjd.dll
c:\windows\PFRO.log
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\TEMP\SafeZone Installer\installer.exe . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-18 do 2016-03-18 )))))))))))))))))))))))))))))))
.
.
2016-03-18 13:16 . 2016-03-18 13:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-18 09:06 . 2016-03-18 09:06 -------- d-----w- C:\zoek_backup
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\windows\MATS
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\program files\Microsoft Fix it Center
2016-03-17 20:58 . 2016-03-17 20:58 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-17 20:58 . 2016-03-17 20:58 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-16 11:18 . 2016-03-17 22:18 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-16 11:17 . 2016-03-16 17:59 -------- d-----w- c:\programdata\RogueKiller
2016-03-16 11:10 . 2016-03-16 11:10 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.2620.dll
2016-03-16 11:05 . 2016-02-15 09:36 45992 ----a-w- c:\windows\system32\TURegOpt.exe
2016-03-16 11:05 . 2016-02-15 09:30 37288 ----a-w- c:\windows\system32\authuitu.dll
2016-03-16 11:05 . 2016-02-15 09:30 32680 ----a-w- c:\windows\SysWow64\authuitu.dll
2016-03-16 11:01 . 2016-03-16 11:03 -------- d-----w- c:\program files (x86)\AVG
2016-03-16 11:01 . 2016-03-16 11:03 -------- d-----w- c:\programdata\Avg
2016-03-16 11:00 . 2016-03-16 11:04 -------- d-----w- c:\users\Jiří Jamník\AppData\Local\Avg
2016-03-16 11:00 . 2016-03-16 11:00 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-03-16 06:55 . 2016-03-16 08:24 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-16 06:54 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-16 06:54 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-16 06:54 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-16 06:54 . 2016-03-16 06:54 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-16 05:42 . 2016-03-16 05:42 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.3980.dll
2016-03-15 22:01 . 2016-03-15 23:34 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-15 13:57 . 2016-03-16 19:53 -------- d-----w- c:\program files\trend micro
2016-03-15 08:37 . 2016-03-15 08:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.5468.dll
2016-03-15 08:13 . 2016-03-15 08:12 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-03-15 08:13 . 2016-03-15 08:12 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-03-15 08:12 . 2016-03-15 08:12 52184 ----a-w- c:\windows\avastSS.scr
2016-03-15 05:56 . 2016-02-19 01:53 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\mpengine.dll
2016-02-21 21:41 . 2016-02-21 21:41 -------- d-----w- c:\program files (x86)\OpenXML-ODF Translator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-15 08:14 . 2011-03-09 08:47 1070904 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-03-15 08:14 . 2010-12-01 09:54 107792 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2016-03-15 08:14 . 2010-12-01 09:54 463744 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-03-15 08:13 . 2013-04-26 12:00 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-03-15 08:13 . 2013-12-30 19:55 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-03-15 08:12 . 2014-05-07 14:24 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-03-15 08:12 . 2013-04-26 12:00 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-03-15 08:12 . 2012-03-14 15:34 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-03-15 08:12 . 2015-08-25 15:58 154024 ----a-w- c:\windows\system32\drivers\ngvss.sys
2016-03-15 08:10 . 2013-06-13 14:34 462304 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2016-03-11 05:51 . 2010-11-20 13:49 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-06 10:48 . 2016-02-10 18:49 25839104 ----a-w- c:\windows\system32\mshtml.dll
2016-02-06 10:32 . 2016-02-10 18:49 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-02-06 10:24 . 2016-02-10 18:49 2887680 ----a-w- c:\windows\system32\iertutil.dll
2016-02-06 10:11 . 2016-02-10 18:49 615936 ----a-w- c:\windows\system32\ieui.dll
2016-02-06 10:10 . 2016-02-10 18:49 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-02-06 09:54 . 2016-02-10 18:49 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-02-06 09:37 . 2016-02-10 18:49 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-02-06 09:32 . 2016-02-10 18:49 14458368 ----a-w- c:\windows\system32\ieframe.dll
2016-02-06 09:09 . 2016-02-10 18:49 1547264 ----a-w- c:\windows\system32\urlmon.dll
2016-01-22 20:31 . 2016-02-10 18:48 387784 ----a-w- c:\windows\system32\iedkcs32.dll
2016-01-22 06:56 . 2016-02-10 18:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-01-22 06:41 . 2016-02-10 18:48 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-01-22 06:40 . 2016-02-10 18:48 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-01-22 06:40 . 2016-02-10 18:48 417792 ----a-w- c:\windows\system32\html.iec
2016-01-22 06:40 . 2016-02-10 18:48 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-01-22 06:40 . 2016-02-10 18:48 571904 ----a-w- c:\windows\system32\vbscript.dll
2016-01-22 06:33 . 2016-02-10 18:48 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-01-22 06:32 . 2016-02-10 18:48 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-01-22 06:29 . 2016-02-10 18:48 6052352 ----a-w- c:\windows\system32\jscript9.dll
2016-01-22 06:27 . 2016-02-10 18:48 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-01-22 06:27 . 2016-02-10 18:48 817664 ----a-w- c:\windows\system32\jscript.dll
2016-01-22 06:27 . 2016-02-10 18:48 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-01-22 06:27 . 2016-02-10 18:46 5573056 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-01-22 06:27 . 2016-02-10 18:46 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-01-22 06:27 . 2016-02-10 18:46 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-01-22 06:24 . 2016-02-10 18:46 1733592 ----a-w- c:\windows\system32\ntdll.dll
2016-01-22 06:20 . 2016-02-10 18:46 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-01-22 06:20 . 2016-02-10 18:46 243712 ----a-w- c:\windows\system32\wow64.dll
2016-01-22 06:20 . 2016-02-10 18:46 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-01-22 06:20 . 2016-02-10 18:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2016-01-22 06:20 . 2016-02-10 18:48 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-01-22 06:20 . 2016-02-10 18:46 210432 ----a-w- c:\windows\system32\wdigest.dll
2016-01-22 06:20 . 2016-02-10 18:46 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-01-22 06:20 . 2016-02-10 18:46 28672 ----a-w- c:\windows\system32\sspisrv.dll
2016-01-22 06:20 . 2016-02-10 18:46 135680 ----a-w- c:\windows\system32\sspicli.dll
2016-01-22 06:20 . 2016-02-10 18:46 503808 ----a-w- c:\windows\system32\srcore.dll
2016-01-22 06:20 . 2016-02-10 18:46 50176 ----a-w- c:\windows\system32\srclient.dll
2016-01-22 06:19 . 2016-02-10 18:45 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:19 . 2016-02-10 18:46 28160 ----a-w- c:\windows\system32\secur32.dll
2016-01-22 06:19 . 2016-02-10 18:46 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:19 . 2016-02-10 18:46 1214464 ----a-w- c:\windows\system32\rpcrt4.dll
2016-01-22 06:18 . 2016-02-10 18:46 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 18:46 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:18 . 2016-02-10 18:46 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-01-22 06:17 . 2016-02-10 18:48 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-01-22 06:17 . 2016-02-10 18:46 312320 ----a-w- c:\windows\system32\ncrypt.dll
2016-01-22 06:17 . 2016-02-10 18:46 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:17 . 2016-02-10 18:46 315392 ----a-w- c:\windows\system32\msv1_0.dll
2016-01-22 06:16 . 2016-02-10 18:46 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-01-22 06:16 . 2016-02-10 18:46 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-01-22 06:16 . 2016-02-10 18:46 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2016-01-22 06:15 . 2016-02-10 18:46 730112 ----a-w- c:\windows\system32\kerberos.dll
2016-01-22 06:15 . 2016-02-10 18:46 422400 ----a-w- c:\windows\system32\KernelBase.dll
2016-01-22 06:15 . 2016-02-10 18:46 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-01-22 06:15 . 2016-02-10 18:45 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:13 . 2016-02-10 18:46 3993536 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-01-22 06:13 . 2016-02-10 18:46 3938752 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-01-22 06:13 . 2016-02-10 18:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-01-22 06:13 . 2016-02-10 18:46 43520 ----a-w- c:\windows\system32\cryptbase.dll
2016-01-22 06:13 . 2016-02-10 18:46 22016 ----a-w- c:\windows\system32\credssp.dll
2016-01-22 06:12 . 2016-02-10 18:45 1940992 ----a-w- c:\windows\system32\authui.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-01-22 06:12 . 2016-02-10 18:46 880128 ----a-w- c:\windows\system32\advapi32.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 686080 ----a-w- c:\windows\system32\adtschema.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-01-15 8619224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-08-12 73832]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-03-15 7137664]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-12-13 1085656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
.
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys;c:\windows\SYSNATIVE\drivers\LUMDriver.sys [x]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe;c:\program files\Microsoft Fix it Center\Matsvc.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 avgsvc;AVG Service;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe [x]
R4 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ngvss;ngvss; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-03-15 08:12 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Otevřít programem PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKU-Default-Run-ZoneAlarm Windows 10 Upgrader - c:\programdata\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
AddRemove-{3651C800-6E7A-47E1-AEAD-ACF68509BF8D} - c:\programdata\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}\setup_amr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\SysWOW64\brsvc01a.exe
c:\windows\SysWOW64\brss01a.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Celkový čas: 2016-03-18 14:28:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-18 13:28
.
Před spuštěním: Volných bajtů: 37,192,978,432
Po spuštění: Volných bajtů: 36,452,462,592
.
- - End Of File - - 09B57C749AC6C64E73BBB045C011574E

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Notebook freezes, please check the log

Post by jaro3 » 18 Mar 2016 15:08

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

You can't have two antiviruses; uninstall one and run ComboFix again.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

robotus
Level 1
Posts: 92
Registered: March 16
Gender: Not specified
Status: Offline

Re: Notebook freezes, please check the log

Post by robotus » 18 Mar 2016 16:16

What do you mean, two? I use ZoneAlarm only as a firewall and avast as the antivirus. So should I uninstall ZoneAlarm? And which firewall should I install?

robotus
Level 1
Posts: 92
Registered: March 16
Gender: Not specified
Status: Offline

Re: Notebook freezes, please check the log

Post by robotus » 18 Mar 2016 19:08

I uninstalled ZoneAlarm and restarted, but it was still there and running. Even though it is not in the list of installed programs or in the Start menu, it is in Program Files and it is running.

Here is the log from CF:

ComboFix 16-03-18.01 - Jiří Jamník 18.03.2016 18:42:06.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2146 [GMT 1:00]
Spuštěný z: c:\users\Ji°Ý JamnÝk\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Free Firewall Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-18 do 2016-03-18 )))))))))))))))))))))))))))))))
.
.
2016-03-18 17:53 . 2016-03-18 17:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-18 16:32 . 2016-03-18 17:32 -------- d-----w- c:\programdata\Comodo
2016-03-18 09:06 . 2016-03-18 09:06 -------- d-----w- C:\zoek_backup
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\windows\MATS
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\program files\Microsoft Fix it Center
2016-03-17 20:58 . 2016-03-17 20:58 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-17 20:58 . 2016-03-17 20:58 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-16 11:18 . 2016-03-17 22:18 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-16 11:17 . 2016-03-16 17:59 -------- d-----w- c:\programdata\RogueKiller
2016-03-16 11:10 . 2016-03-16 11:10 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.2620.dll
2016-03-16 11:05 . 2016-02-15 09:36 45992 ----a-w- c:\windows\system32\TURegOpt.exe
2016-03-16 11:05 . 2016-02-15 09:30 37288 ----a-w- c:\windows\system32\authuitu.dll
2016-03-16 11:05 . 2016-02-15 09:30 32680 ----a-w- c:\windows\SysWow64\authuitu.dll
2016-03-16 11:01 . 2016-03-16 11:03 -------- d-----w- c:\program files (x86)\AVG
2016-03-16 11:01 . 2016-03-16 11:03 -------- d-----w- c:\programdata\Avg
2016-03-16 11:00 . 2016-03-16 11:04 -------- d-----w- c:\users\Jiří Jamník\AppData\Local\Avg
2016-03-16 11:00 . 2016-03-16 11:00 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-03-16 06:55 . 2016-03-16 08:24 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-16 06:54 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-16 06:54 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-16 06:54 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-16 06:54 . 2016-03-16 06:54 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-15 22:01 . 2016-03-15 23:34 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-15 13:57 . 2016-03-16 19:53 -------- d-----w- c:\program files\trend micro
2016-03-15 08:37 . 2016-03-15 08:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.5468.dll
2016-03-15 08:13 . 2016-03-15 08:12 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-03-15 08:13 . 2016-03-15 08:12 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-03-15 08:12 . 2016-03-15 08:12 52184 ----a-w- c:\windows\avastSS.scr
2016-03-15 05:56 . 2016-02-19 01:53 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\mpengine.dll
2016-02-21 21:41 . 2016-02-21 21:41 -------- d-----w- c:\program files (x86)\OpenXML-ODF Translator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-15 08:14 . 2011-03-09 08:47 1070904 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-03-15 08:14 . 2010-12-01 09:54 107792 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2016-03-15 08:14 . 2010-12-01 09:54 463744 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-03-15 08:13 . 2013-04-26 12:00 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-03-15 08:13 . 2013-12-30 19:55 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-03-15 08:12 . 2014-05-07 14:24 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-03-15 08:12 . 2013-04-26 12:00 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-03-15 08:12 . 2012-03-14 15:34 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-03-15 08:12 . 2015-08-25 15:58 154024 ----a-w- c:\windows\system32\drivers\ngvss.sys
2016-03-15 08:10 . 2013-06-13 14:34 462304 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2016-03-11 05:51 . 2010-11-20 13:49 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-06 10:48 . 2016-02-10 18:49 25839104 ----a-w- c:\windows\system32\mshtml.dll
2016-02-06 10:32 . 2016-02-10 18:49 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-02-06 10:24 . 2016-02-10 18:49 2887680 ----a-w- c:\windows\system32\iertutil.dll
2016-02-06 10:11 . 2016-02-10 18:49 615936 ----a-w- c:\windows\system32\ieui.dll
2016-02-06 10:10 . 2016-02-10 18:49 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-02-06 09:54 . 2016-02-10 18:49 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-02-06 09:37 . 2016-02-10 18:49 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-02-06 09:32 . 2016-02-10 18:49 14458368 ----a-w- c:\windows\system32\ieframe.dll
2016-02-06 09:09 . 2016-02-10 18:49 1547264 ----a-w- c:\windows\system32\urlmon.dll
2016-01-22 20:31 . 2016-02-10 18:48 387784 ----a-w- c:\windows\system32\iedkcs32.dll
2016-01-22 06:56 . 2016-02-10 18:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-01-22 06:41 . 2016-02-10 18:48 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-01-22 06:40 . 2016-02-10 18:48 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-01-22 06:40 . 2016-02-10 18:48 417792 ----a-w- c:\windows\system32\html.iec
2016-01-22 06:40 . 2016-02-10 18:48 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-01-22 06:40 . 2016-02-10 18:48 571904 ----a-w- c:\windows\system32\vbscript.dll
2016-01-22 06:33 . 2016-02-10 18:48 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-01-22 06:32 . 2016-02-10 18:48 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-01-22 06:29 . 2016-02-10 18:48 6052352 ----a-w- c:\windows\system32\jscript9.dll
2016-01-22 06:27 . 2016-02-10 18:48 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-01-22 06:27 . 2016-02-10 18:48 817664 ----a-w- c:\windows\system32\jscript.dll
2016-01-22 06:27 . 2016-02-10 18:48 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-01-22 06:27 . 2016-02-10 18:46 5573056 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-01-22 06:27 . 2016-02-10 18:46 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-01-22 06:27 . 2016-02-10 18:46 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-01-22 06:24 . 2016-02-10 18:46 1733592 ----a-w- c:\windows\system32\ntdll.dll
2016-01-22 06:20 . 2016-02-10 18:46 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-01-22 06:20 . 2016-02-10 18:46 243712 ----a-w- c:\windows\system32\wow64.dll
2016-01-22 06:20 . 2016-02-10 18:46 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-01-22 06:20 . 2016-02-10 18:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2016-01-22 06:20 . 2016-02-10 18:48 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-01-22 06:20 . 2016-02-10 18:46 210432 ----a-w- c:\windows\system32\wdigest.dll
2016-01-22 06:20 . 2016-02-10 18:46 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-01-22 06:20 . 2016-02-10 18:46 28672 ----a-w- c:\windows\system32\sspisrv.dll
2016-01-22 06:20 . 2016-02-10 18:46 135680 ----a-w- c:\windows\system32\sspicli.dll
2016-01-22 06:20 . 2016-02-10 18:46 503808 ----a-w- c:\windows\system32\srcore.dll
2016-01-22 06:20 . 2016-02-10 18:46 50176 ----a-w- c:\windows\system32\srclient.dll
2016-01-22 06:19 . 2016-02-10 18:45 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:19 . 2016-02-10 18:46 28160 ----a-w- c:\windows\system32\secur32.dll
2016-01-22 06:19 . 2016-02-10 18:46 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:19 . 2016-02-10 18:46 1214464 ----a-w- c:\windows\system32\rpcrt4.dll
2016-01-22 06:18 . 2016-02-10 18:46 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 18:46 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:18 . 2016-02-10 18:46 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-01-22 06:17 . 2016-02-10 18:48 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-01-22 06:17 . 2016-02-10 18:46 312320 ----a-w- c:\windows\system32\ncrypt.dll
2016-01-22 06:17 . 2016-02-10 18:46 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:17 . 2016-02-10 18:46 315392 ----a-w- c:\windows\system32\msv1_0.dll
2016-01-22 06:16 . 2016-02-10 18:46 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-01-22 06:16 . 2016-02-10 18:46 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-01-22 06:16 . 2016-02-10 18:46 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2016-01-22 06:15 . 2016-02-10 18:46 730112 ----a-w- c:\windows\system32\kerberos.dll
2016-01-22 06:15 . 2016-02-10 18:46 422400 ----a-w- c:\windows\system32\KernelBase.dll
2016-01-22 06:15 . 2016-02-10 18:46 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-01-22 06:15 . 2016-02-10 18:45 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:13 . 2016-02-10 18:46 3993536 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-01-22 06:13 . 2016-02-10 18:46 3938752 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-01-22 06:13 . 2016-02-10 18:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-01-22 06:13 . 2016-02-10 18:46 43520 ----a-w- c:\windows\system32\cryptbase.dll
2016-01-22 06:13 . 2016-02-10 18:46 22016 ----a-w- c:\windows\system32\credssp.dll
2016-01-22 06:12 . 2016-02-10 18:45 1940992 ----a-w- c:\windows\system32\authui.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-01-22 06:12 . 2016-02-10 18:46 880128 ----a-w- c:\windows\system32\advapi32.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 686080 ----a-w- c:\windows\system32\adtschema.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-08-12 73832]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-03-18 7139256]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-12-13 1085656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys;c:\windows\SYSNATIVE\drivers\LUMDriver.sys [x]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe;c:\program files\Microsoft Fix it Center\Matsvc.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ngvss;ngvss; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [x]
S4 avgsvc;AVG Service;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe [x]
S4 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe;c:\program files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [x]
S4 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-03-15 08:12 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Otevřít programem PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
AddRemove-{3651C800-6E7A-47E1-AEAD-ACF68509BF8D} - c:\programdata\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}\setup_amr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-03-18 18:57:19
ComboFix-quarantined-files.txt 2016-03-18 17:57
ComboFix2.txt 2016-03-18 13:28
.
Před spuštěním: Volných bajtů: 37,147,504,640
Po spuštění: Volných bajtů: 37,562,773,504
.
- - End Of File - - 32AB91D464C173729C5F961617A38A34

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Notebook freezes. Please check the log

Post by jerabina » 18 Mar 2016 20:09

Uninstall everything from McAfee, and AVG TuneUp.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code: Select all

ClearJavaCache::
KillAll::

Folder::
c:\windows\TEMP\SafeZone Installer
c:\programdata\RogueKiller
c:\program files (x86)\CheckPoint
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Emsisoft Anti-Malware
c:\program files (x86)\AVG\AVG PC TuneUp

File::
c:\programdata\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}\setup_amr.exe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"=-
"Adobe ARM"=-

[-HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

Driver::
SkypeUpdate
cleanhlp
TuneUpUtilitiesDrv
TuneUp.UtilitiesSvc
ZAPrivacyService

DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script:
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
When you don't know what to do next, it's time to study the manual!
HJT guide

If I'm not replying to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

robotus
Level 1
Posts: 92
Registered: March 16
Gender: Unspecified
Status: Offline

Re: Notebook freezes. Please check the log

Post by robotus » 18 Mar 2016 20:40

I don't see McAfee among the programs. So I only uninstalled AVG TuneUp.

robotus
Level 1
Posts: 92
Registered: March 16
Gender: Unspecified
Status: Offline

Re: Notebook freezes. Please check the log

Post by robotus » 18 Mar 2016 21:07

ComboFix 16-03-18.01 - Jiří Jamník 18.03.2016 20:49:32.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.1678 [GMT 1:00]
Spuštěný z: c:\users\Ji°Ý JamnÝk\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ji°Ý JamnÝk\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Free Firewall Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-18 do 2016-03-18 )))))))))))))))))))))))))))))))
.
.
2016-03-18 20:01 . 2016-03-18 20:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-18 18:32 . 2016-03-18 18:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.3820.dll
2016-03-18 16:32 . 2016-03-18 17:32 -------- d-----w- c:\programdata\Comodo
2016-03-18 09:06 . 2016-03-18 09:06 -------- d-----w- C:\zoek_backup
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\windows\MATS
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\program files\Microsoft Fix it Center
2016-03-17 20:58 . 2016-03-17 20:58 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-17 20:58 . 2016-03-17 20:58 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-16 11:18 . 2016-03-17 22:18 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-16 11:17 . 2016-03-16 17:59 -------- d-----w- c:\programdata\RogueKiller
2016-03-16 11:10 . 2016-03-16 11:10 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.2620.dll
2016-03-16 11:01 . 2016-03-18 19:38 -------- d-----w- c:\program files (x86)\AVG
2016-03-16 11:01 . 2016-03-18 19:38 -------- d-----w- c:\programdata\Avg
2016-03-16 11:00 . 2016-03-16 11:04 -------- d-----w- c:\users\Jiří Jamník\AppData\Local\Avg
2016-03-16 11:00 . 2016-03-16 11:00 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-03-16 06:55 . 2016-03-16 08:24 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-16 06:54 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-16 06:54 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-16 06:54 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-16 06:54 . 2016-03-16 06:54 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-15 22:01 . 2016-03-15 23:34 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-15 13:57 . 2016-03-16 19:53 -------- d-----w- c:\program files\trend micro
2016-03-15 08:37 . 2016-03-15 08:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.5468.dll
2016-03-15 08:13 . 2016-03-15 08:12 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-03-15 08:13 . 2016-03-15 08:12 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-03-15 08:12 . 2016-03-15 08:12 52184 ----a-w- c:\windows\avastSS.scr
2016-03-15 05:56 . 2016-02-19 01:53 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\mpengine.dll
2016-02-21 21:41 . 2016-02-21 21:41 -------- d-----w- c:\program files (x86)\OpenXML-ODF Translator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-15 08:14 . 2011-03-09 08:47 1070904 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-03-15 08:14 . 2010-12-01 09:54 107792 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2016-03-15 08:14 . 2010-12-01 09:54 463744 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-03-15 08:13 . 2013-04-26 12:00 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-03-15 08:13 . 2013-12-30 19:55 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-03-15 08:12 . 2014-05-07 14:24 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-03-15 08:12 . 2013-04-26 12:00 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-03-15 08:12 . 2012-03-14 15:34 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-03-15 08:12 . 2015-08-25 15:58 154024 ----a-w- c:\windows\system32\drivers\ngvss.sys
2016-03-15 08:10 . 2013-06-13 14:34 462304 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2016-03-11 05:51 . 2010-11-20 13:49 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-06 10:48 . 2016-02-10 18:49 25839104 ----a-w- c:\windows\system32\mshtml.dll
2016-02-06 10:32 . 2016-02-10 18:49 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-02-06 10:24 . 2016-02-10 18:49 2887680 ----a-w- c:\windows\system32\iertutil.dll
2016-02-06 10:11 . 2016-02-10 18:49 615936 ----a-w- c:\windows\system32\ieui.dll
2016-02-06 10:10 . 2016-02-10 18:49 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-02-06 09:54 . 2016-02-10 18:49 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-02-06 09:37 . 2016-02-10 18:49 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-02-06 09:32 . 2016-02-10 18:49 14458368 ----a-w- c:\windows\system32\ieframe.dll
2016-02-06 09:09 . 2016-02-10 18:49 1547264 ----a-w- c:\windows\system32\urlmon.dll
2016-01-22 20:31 . 2016-02-10 18:48 387784 ----a-w- c:\windows\system32\iedkcs32.dll
2016-01-22 06:56 . 2016-02-10 18:48 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-01-22 06:41 . 2016-02-10 18:48 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-01-22 06:40 . 2016-02-10 18:48 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-01-22 06:40 . 2016-02-10 18:48 417792 ----a-w- c:\windows\system32\html.iec
2016-01-22 06:40 . 2016-02-10 18:48 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-01-22 06:40 . 2016-02-10 18:48 571904 ----a-w- c:\windows\system32\vbscript.dll
2016-01-22 06:33 . 2016-02-10 18:48 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-01-22 06:32 . 2016-02-10 18:48 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-01-22 06:29 . 2016-02-10 18:48 6052352 ----a-w- c:\windows\system32\jscript9.dll
2016-01-22 06:27 . 2016-02-10 18:48 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-01-22 06:27 . 2016-02-10 18:48 817664 ----a-w- c:\windows\system32\jscript.dll
2016-01-22 06:27 . 2016-02-10 18:48 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-01-22 06:27 . 2016-02-10 18:46 5573056 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-01-22 06:27 . 2016-02-10 18:46 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2016-01-22 06:27 . 2016-02-10 18:46 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2016-01-22 06:24 . 2016-02-10 18:46 1733592 ----a-w- c:\windows\system32\ntdll.dll
2016-01-22 06:20 . 2016-02-10 18:46 362496 ----a-w- c:\windows\system32\wow64win.dll
2016-01-22 06:20 . 2016-02-10 18:46 243712 ----a-w- c:\windows\system32\wow64.dll
2016-01-22 06:20 . 2016-02-10 18:46 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2016-01-22 06:20 . 2016-02-10 18:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2016-01-22 06:20 . 2016-02-10 18:48 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-01-22 06:20 . 2016-02-10 18:46 210432 ----a-w- c:\windows\system32\wdigest.dll
2016-01-22 06:20 . 2016-02-10 18:46 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-01-22 06:20 . 2016-02-10 18:46 28672 ----a-w- c:\windows\system32\sspisrv.dll
2016-01-22 06:20 . 2016-02-10 18:46 135680 ----a-w- c:\windows\system32\sspicli.dll
2016-01-22 06:20 . 2016-02-10 18:46 503808 ----a-w- c:\windows\system32\srcore.dll
2016-01-22 06:20 . 2016-02-10 18:46 50176 ----a-w- c:\windows\system32\srclient.dll
2016-01-22 06:19 . 2016-02-10 18:45 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:19 . 2016-02-10 18:46 28160 ----a-w- c:\windows\system32\secur32.dll
2016-01-22 06:19 . 2016-02-10 18:46 344064 ----a-w- c:\windows\system32\schannel.dll
2016-01-22 06:19 . 2016-02-10 18:46 1214464 ----a-w- c:\windows\system32\rpcrt4.dll
2016-01-22 06:18 . 2016-02-10 18:46 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 18:46 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:18 . 2016-02-10 18:46 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2016-01-22 06:17 . 2016-02-10 18:48 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-01-22 06:17 . 2016-02-10 18:46 312320 ----a-w- c:\windows\system32\ncrypt.dll
2016-01-22 06:17 . 2016-02-10 18:46 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:17 . 2016-02-10 18:46 315392 ----a-w- c:\windows\system32\msv1_0.dll
2016-01-22 06:16 . 2016-02-10 18:46 60416 ----a-w- c:\windows\system32\msobjs.dll
2016-01-22 06:16 . 2016-02-10 18:46 146432 ----a-w- c:\windows\system32\msaudite.dll
2016-01-22 06:16 . 2016-02-10 18:46 1461248 ----a-w- c:\windows\system32\lsasrv.dll
2016-01-22 06:15 . 2016-02-10 18:46 730112 ----a-w- c:\windows\system32\kerberos.dll
2016-01-22 06:15 . 2016-02-10 18:46 422400 ----a-w- c:\windows\system32\KernelBase.dll
2016-01-22 06:15 . 2016-02-10 18:46 1163264 ----a-w- c:\windows\system32\kernel32.dll
2016-01-22 06:15 . 2016-02-10 18:45 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:13 . 2016-02-10 18:46 3993536 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-01-22 06:13 . 2016-02-10 18:46 3938752 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-01-22 06:13 . 2016-02-10 18:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2016-01-22 06:13 . 2016-02-10 18:46 43520 ----a-w- c:\windows\system32\cryptbase.dll
2016-01-22 06:13 . 2016-02-10 18:46 22016 ----a-w- c:\windows\system32\credssp.dll
2016-01-22 06:12 . 2016-02-10 18:45 1940992 ----a-w- c:\windows\system32\authui.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 6656 ----a-w- c:\windows\system32\apisetschema.dll
2016-01-22 06:12 . 2016-02-10 18:46 880128 ----a-w- c:\windows\system32\advapi32.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-22 06:12 . 2016-02-10 18:46 686080 ----a-w- c:\windows\system32\adtschema.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-08-12 73832]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-03-18 7139256]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-12-13 1085656]
"ZoneAlarm Installer"="c:\program files (x86)\CheckPoint\Install\Launcher.exe" [2016-03-18 439096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys;c:\windows\SYSNATIVE\drivers\LUMDriver.sys [x]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe;c:\program files\Microsoft Fix it Center\Matsvc.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ngvss;ngvss; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S4 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TuneUpUtilitiesDrv
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-03-15 08:12 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Otevřít programem PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
AddRemove-{3651C800-6E7A-47E1-AEAD-ACF68509BF8D} - c:\programdata\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}\setup_amr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-03-18 21:06:26
ComboFix-quarantined-files.txt 2016-03-18 20:06
ComboFix2.txt 2016-03-18 17:57
ComboFix3.txt 2016-03-18 13:28
.
Před spuštěním: Volných bajtů: 36,681,527,296
Po spuštění: Volných bajtů: 37,355,728,896
.
- - End Of File - - 5A298B7C0FB3622B3332C4469D5AE122

jaro3
Security team member

Re: Notebook freezes, please check the log

Post by jaro3 » 19 Mar 2016 10:14

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code:

ClearJavaCache::
KillAll::
Folder::
c:\program files (x86)\AVG
c:\programdata\Avg
c:\users\Jiří Jamník\AppData\Local\Avg

RegNull::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)



Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new HJT log

Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, keep pressing F8 after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click No. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

robotus

Re: Notebook freezes, please check the log

Post by robotus » 19 Mar 2016 20:27

Last night an automatic Windows update downloaded and installed itself. I hope that won't be a problem. Anyway, I'm going to carry on following your instructions.

robotus

Re: Notebook freezes, please check the log

Post by robotus » 19 Mar 2016 20:58

ComboFix 16-03-18.01 - Jiří Jamník 19.03.2016 20:36:12.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2006 [GMT 1:00]
Spuštěný z: c:\users\Ji°Ý JamnÝk\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Ji°Ý JamnÝk\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Free Firewall Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-19 do 2016-03-19 )))))))))))))))))))))))))))))))
.
.
2016-03-19 19:50 . 2016-03-19 19:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-18 19:17 . 2015-11-19 14:07 994760 ----a-w- c:\windows\system32\ucrtbase.dll
2016-03-18 19:16 . 2016-02-08 20:38 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-03-18 19:15 . 2016-02-11 18:52 1733592 ----a-w- c:\windows\system32\ntdll.dll
2016-03-18 19:14 . 2016-02-05 17:48 372736 ----a-w- c:\windows\system32\atmfd.dll
2016-03-18 19:14 . 2016-02-05 18:54 41472 ----a-w- c:\windows\system32\lpk.dll
2016-03-18 19:14 . 2016-02-05 18:54 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-03-18 19:14 . 2016-02-05 18:53 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-03-18 19:14 . 2016-02-05 18:53 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-03-18 19:14 . 2016-02-05 18:50 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-03-18 19:14 . 2016-02-05 18:44 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-03-18 19:14 . 2016-02-05 18:42 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-03-18 19:14 . 2016-02-05 17:43 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-03-18 19:14 . 2016-02-05 17:43 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-03-18 18:32 . 2016-03-18 18:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.3820.dll
2016-03-18 16:32 . 2016-03-18 17:32 -------- d-----w- c:\programdata\Comodo
2016-03-18 09:06 . 2016-03-18 09:06 -------- d-----w- C:\zoek_backup
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\windows\MATS
2016-03-17 21:55 . 2016-03-17 21:59 -------- d-----w- c:\program files\Microsoft Fix it Center
2016-03-17 20:58 . 2016-03-17 20:58 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-17 20:58 . 2016-03-17 20:58 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-16 11:18 . 2016-03-17 22:18 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-16 11:17 . 2016-03-16 17:59 -------- d-----w- c:\programdata\RogueKiller
2016-03-16 11:10 . 2016-03-16 11:10 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.2620.dll
2016-03-16 11:01 . 2016-03-18 19:38 -------- d-----w- c:\program files (x86)\AVG
2016-03-16 11:01 . 2016-03-18 19:38 -------- d-----w- c:\programdata\Avg
2016-03-16 11:00 . 2016-03-16 11:04 -------- d-----w- c:\users\Jiří Jamník\AppData\Local\Avg
2016-03-16 11:00 . 2016-03-16 11:00 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-03-16 06:55 . 2016-03-16 08:24 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-16 06:54 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-16 06:54 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-16 06:54 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-16 06:54 . 2016-03-16 06:54 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-15 22:01 . 2016-03-15 23:34 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-15 13:57 . 2016-03-16 19:53 -------- d-----w- c:\program files\trend micro
2016-03-15 08:37 . 2016-03-15 08:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\offreg.5468.dll
2016-03-15 08:13 . 2016-03-15 08:12 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-03-15 08:13 . 2016-03-15 08:12 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-03-15 08:12 . 2016-03-15 08:12 52184 ----a-w- c:\windows\avastSS.scr
2016-03-15 05:56 . 2016-02-19 01:53 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{662AA173-B432-48A0-8862-28CE6258DC34}\mpengine.dll
2016-02-21 21:41 . 2016-02-21 21:41 -------- d-----w- c:\program files (x86)\OpenXML-ODF Translator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-15 08:14 . 2011-03-09 08:47 1070904 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-03-15 08:14 . 2010-12-01 09:54 107792 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2016-03-15 08:14 . 2010-12-01 09:54 463744 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-03-15 08:13 . 2013-04-26 12:00 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-03-15 08:13 . 2013-12-30 19:55 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-03-15 08:12 . 2014-05-07 14:24 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-03-15 08:12 . 2013-04-26 12:00 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-03-15 08:12 . 2012-03-14 15:34 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-03-15 08:12 . 2015-08-25 15:58 154024 ----a-w- c:\windows\system32\drivers\ngvss.sys
2016-03-15 08:10 . 2013-06-13 14:34 462304 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2016-03-11 05:51 . 2010-11-20 13:49 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-11 18:48 . 2016-03-18 19:15 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-18 19:15 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-18 19:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-01-22 06:19 . 2016-02-10 18:45 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:18 . 2016-02-10 18:46 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 18:46 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:17 . 2016-02-10 18:46 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:15 . 2016-02-10 18:45 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:12 . 2016-02-10 18:45 1940992 ----a-w- c:\windows\system32\authui.dll
2016-01-22 06:04 . 2016-02-10 18:46 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2016-01-22 06:04 . 2016-02-10 18:46 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2016-01-22 06:02 . 2016-02-10 18:46 114176 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-01-22 06:02 . 2016-02-10 18:46 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-01-22 06:00 . 2016-02-10 18:45 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-01-22 05:59 . 2016-02-10 18:45 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-01-22 05:19 . 2016-02-10 18:45 3231232 ----a-w- c:\windows\explorer.exe
2016-01-22 05:12 . 2016-02-10 18:45 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-01-20 05:56 . 2015-03-26 09:33 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-01-16 19:01 . 2016-02-10 18:47 2085888 ----a-w- c:\windows\system32\ole32.dll
2016-01-16 18:36 . 2016-02-10 18:47 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2016-01-07 17:42 . 2016-02-10 18:48 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-01-06 19:02 . 2016-02-10 18:49 24576 ----a-w- c:\windows\system32\jnwmon.dll
2016-01-06 19:02 . 2016-02-10 18:49 275456 ----a-w- c:\windows\system32\InkEd.dll
2016-01-06 18:41 . 2016-02-10 18:49 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2009-02-13 10:02 . 2009-02-13 10:02 80896 ----a-w- c:\program files\devcon_amd64.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-08-12 73832]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-03-18 7139256]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-12-13 1085656]
"ZoneAlarm Installer"="c:\program files (x86)\CheckPoint\Install\Launcher.exe" [2016-03-18 439096]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2010-03-03 4581280]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PPort12reminder"="c:\program files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "c:\programdata\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
.
R2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
R2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys;c:\windows\SYSNATIVE\drivers\LUMDriver.sys [x]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe;c:\program files\Microsoft Fix it Center\Matsvc.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R4 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ngvss;ngvss; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe;c:\program files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys;c:\program files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe;c:\program files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-03-15 08:12 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Jiří Jamník\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Otevřít programem PDF Viewer Plus - c:\program files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Jiří Jamník\AppData\Roaming\Mozilla\Firefox\Profiles\gexw2bdx.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
AddRemove-{3651C800-6E7A-47E1-AEAD-ACF68509BF8D} - c:\programdata\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}\setup_amr.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-03-19 20:55:12
ComboFix-quarantined-files.txt 2016-03-19 19:55
ComboFix2.txt 2016-03-18 20:06
ComboFix3.txt 2016-03-18 17:57
ComboFix4.txt 2016-03-18 13:28
.
Před spuštěním: Volných bajtů: 36,460,929,024
Po spuštění: Volných bajtů: 36,268,978,176
.
- - End Of File - - 9AC7F416B72850D7ED23A9708ABC4510


Re: Notebook freezes, please check the log

Post by robotus » 19 Mar 2016 21:26

Only, I did the aswMBR scan first and only then HJT.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:25:08, on 19.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Users\Jiří Jamník\Desktop\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ZoneAlarm Installer] "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r install /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml" /w
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: Skype Click to Call Updater (c2cautoupdatesvc) - Unknown owner - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (file missing)
O23 - Service: Skype Click to Call PNR Service (c2cpnrsvc) - Unknown owner - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11076 bytes

