ComboFix 14-10-02.01 - Honza 03.10.2014 23:19:14.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1172 [GMT 2:00]
Spuštěný z: c:\users\Honza\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Honza\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\users\Honza\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-03 do 2014-10-03 )))))))))))))))))))))))))))))))
.
.
2014-10-03 11:36 . 2014-10-03 11:36 -------- d-----w- c:\users\Honza\AppData\Local\Apps
2014-10-03 09:01 . 2014-10-03 09:01 -------- d-----w- c:\program files\SopCast
2014-10-02 21:39 . 2014-10-02 21:25 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-02 21:39 . 2014-10-03 21:31 -------- d-----w- c:\users\Honza\AppData\Local\Temp
2014-10-02 21:25 . 2014-10-02 21:38 -------- d-----w- C:\zoek_backup
2014-10-02 17:34 . 2014-10-02 20:07 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-02 17:34 . 2014-10-02 17:34 -------- d-----w- c:\programdata\RogueKiller
2014-10-02 17:03 . 2014-10-02 17:03 -------- d-----w- c:\windows\ERUNT
2014-10-02 16:17 . 2014-10-02 21:43 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-02 16:16 . 2014-10-02 16:16 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-10-02 16:16 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-02 16:16 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-02 16:11 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-02 16:10 . 2014-10-02 16:56 -------- d-----w- C:\AdwCleaner
2014-10-01 18:15 . 2014-09-25 01:40 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-23 17:39 . 2014-09-09 21:47 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-14 21:36 . 2014-09-14 21:36 -------- d-----w- c:\program files\Firefly Studios
2014-09-14 21:35 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2014-09-14 21:35 . 2002-12-05 12:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2014-09-14 21:35 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2014-09-14 21:35 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2014-09-14 21:35 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2014-09-14 21:35 . 2014-09-14 21:35 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2014-09-14 21:35 . 2014-09-14 21:35 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2014-09-14 11:53 . 2014-09-14 11:53 -------- d-----w- c:\program files\iPod
2014-09-14 11:53 . 2014-09-14 11:54 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-14 11:53 . 2014-09-14 11:54 -------- d-----w- c:\program files\iTunes
2014-09-14 11:30 . 2014-09-14 11:30 -------- d-----w- c:\program files\Avira
2014-09-09 23:04 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-09 19:26 . 2014-07-07 01:40 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-09 19:26 . 2014-07-07 01:40 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-09 19:26 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-09 19:26 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-09 19:25 . 2014-09-05 01:52 445952 ----a-w- c:\windows\system32\aepdu.dll
2014-09-09 19:25 . 2014-09-05 01:47 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-09-08 18:56 . 2014-09-08 18:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-25 18:37 . 2012-11-27 17:27 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-25 18:37 . 2012-11-27 17:27 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-02 19:37 . 2014-09-02 19:37 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-08-30 18:47 . 2014-08-30 18:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-08-30 18:47 . 2014-08-30 18:47 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-08-27 17:19 . 2014-08-27 17:19 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-08-23 01:46 . 2014-08-27 18:14 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 00:42 . 2014-08-27 18:14 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-07-31 20:24 . 2013-05-07 15:32 35848 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-07-28 12:52 . 2014-07-28 12:52 6112072 ----a-w- c:\windows\system32\usbaaplrc.dll
2014-07-28 12:52 . 2014-07-28 12:52 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2014-07-25 13:50 . 2014-06-11 16:02 1291280 ----a-w- c:\windows\system32\nvspbridge.dll
2014-07-25 13:50 . 2014-01-07 19:54 1126480 ----a-w- c:\windows\system32\nvspcap.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-14 01:42 . 2014-08-14 20:24 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-09 18:04 . 2014-07-09 18:04 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 18:04 . 2014-07-09 18:04 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 18:04 . 2014-07-09 18:04 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 18:04 . 2014-07-09 18:04 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 18:04 . 2014-07-09 18:04 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 18:04 . 2014-07-09 18:04 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 18:01 . 2014-07-09 18:01 646144 ----a-w- c:\windows\system32\osk.exe
2014-07-09 18:01 . 2014-07-09 18:01 509440 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 18:01 . 2014-07-09 18:01 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 01:29 . 2014-08-14 20:23 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 01:29 . 2014-08-14 20:23 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-12-11 13:14 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="d:\programy\Avira\AntiVir Desktop\avgnt.exe" [2014-08-14 751184]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]
"ASUS Ai Charger"="c:\program files\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2012-08-13 547984]
"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-09-14 1501080]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-04-13 12021464]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2014-07-25 1126480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-09-01 152392]
.
c:\users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2014-9-17 36024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-07-31 10:15 43816 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- d:\programy\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2014-09-01 02:47 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 116512]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-28 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-11-19 37352]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-28 242240]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
S2 AntiVirSchedulerService;Avira Scheduler;d:\programy\Avira\AntiVir Desktop\sched.exe [2014-08-14 430160]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-27 160048]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [2013-08-26 9216]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 17536800]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S3 AiCharger;AiCharger;c:\windows\system32\drivers\AiCharger.sys [2012-03-22 13952]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 19232]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-03-01 683736]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 18:06 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-27 18:37]
.
2014-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-20 16:03]
.
2014-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-12-20 16:03]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Minecraft 1.2.0_02 - c:\users\Honza\AppData\Roaming\Uninstal.exe
AddRemove-Sweet Home 3D_is1 - c:\program files\Sweet Home 3D\unins000.exe
AddRemove-{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1 - c:\program files\HellSpy Klient\unins000.exe
AddRemove-{70e83cd8-4bd5-4039-ab5a-6b94a8abb641} - c:\programdata\Package Cache\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}\Avira.OE.Setup.Bundle.exe
AddRemove-{8e70e4e1-06d7-470b-9f74-a51bef21088e} - c:\programdata\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe
AddRemove-{D75631CF-2FDC-0744-E663-07BF3CCA96F6} - c:\progra~2\INSTAL~1\{682F0~1\Setup.exe
AddRemove-MyFreeCodec - c:\program files\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1368)
c:\windows\system32\AUDIOSES.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe
d:\programy\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
d:\programy\Avira\AntiVir Desktop\avshadow.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2014-10-03 23:35:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-03 21:35
.
Před spuštěním: Volných bajtů: 27 856 388 096
Po spuštění: Volných bajtů: 27 395 059 712
.
- - End Of File - - 1EDD5660C2609D5E96C47BA28A64CCE5
A36C5E4F47E84449FF07ED3517B43A31
Prosím o kontrolu HiJackThis (Zpomalený počítač) Vyřešeno
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
„V šedesátých letech se jeden mnich na protest upálil. Nedali jste mi na výběr. Na protest proti nelidskosti udělám totéž, upálím mnicha!“
Šéf ♥ South Park ♥
Šéf ♥ South Park ♥
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Kód: Vybrat vše
ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files\Google\Update
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT
Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
ComboFix 14-10-02.01 - Honza 04.10.2014 21:21:39.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1286 [GMT 2:00]
Spuštěný z: c:\users\Honza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdate.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.24.15\goopdate.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_am.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ar.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_bg.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_bn.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ca.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_cs.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_da.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_de.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_el.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_en.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_es.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_et.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fa.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fil.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_gu.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hu.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_id.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_is.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_it.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_iw.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ja.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_kn.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ko.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_lt.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_lv.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ml.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_mr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ms.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_nl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_no.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ro.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ru.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sk.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sv.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sw.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ta.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_te.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_th.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_tr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_uk.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ur.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_vi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.24.15\psmachine.dll
c:\program files\Google\Update\1.3.24.15\psmachine_64.dll
c:\program files\Google\Update\1.3.24.15\psuser.dll
c:\program files\Google\Update\1.3.24.15\psuser_64.dll
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.17.7290.4094\gsync.msi
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\users\Honza\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\users\Honza\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-04 do 2014-10-04 )))))))))))))))))))))))))))))))
.
.
2014-10-03 11:36 . 2014-10-03 11:36 -------- d-----w- c:\users\Honza\AppData\Local\Apps
2014-10-03 09:01 . 2014-10-03 09:01 -------- d-----w- c:\program files\SopCast
2014-10-02 21:39 . 2014-10-02 21:25 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-02 21:39 . 2014-10-04 19:35 -------- d-----w- c:\users\Honza\AppData\Local\Temp
2014-10-02 21:25 . 2014-10-02 21:38 -------- d-----w- C:\zoek_backup
2014-10-02 17:34 . 2014-10-02 20:07 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-02 17:34 . 2014-10-02 17:34 -------- d-----w- c:\programdata\RogueKiller
2014-10-02 17:03 . 2014-10-02 17:03 -------- d-----w- c:\windows\ERUNT
2014-10-02 16:17 . 2014-10-02 21:43 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-02 16:16 . 2014-10-02 16:16 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-10-02 16:16 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-02 16:16 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-02 16:11 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-02 16:10 . 2014-10-02 16:56 -------- d-----w- C:\AdwCleaner
2014-10-01 18:15 . 2014-09-25 01:40 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-23 17:39 . 2014-09-09 21:47 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-14 21:36 . 2014-09-14 21:36 -------- d-----w- c:\program files\Firefly Studios
2014-09-14 21:35 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2014-09-14 21:35 . 2002-12-05 12:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2014-09-14 21:35 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2014-09-14 21:35 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2014-09-14 21:35 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2014-09-14 21:35 . 2014-09-14 21:35 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2014-09-14 21:35 . 2014-09-14 21:35 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2014-09-14 11:53 . 2014-09-14 11:53 -------- d-----w- c:\program files\iPod
2014-09-14 11:53 . 2014-09-14 11:54 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-14 11:53 . 2014-09-14 11:54 -------- d-----w- c:\program files\iTunes
2014-09-14 11:30 . 2014-09-14 11:30 -------- d-----w- c:\program files\Avira
2014-09-09 23:04 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-09 19:26 . 2014-07-07 01:40 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-09 19:26 . 2014-07-07 01:40 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-09 19:26 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-09 19:26 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-09 19:25 . 2014-09-05 01:52 445952 ----a-w- c:\windows\system32\aepdu.dll
2014-09-09 19:25 . 2014-09-05 01:47 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-09-08 18:56 . 2014-09-08 18:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-25 18:37 . 2012-11-27 17:27 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-25 18:37 . 2012-11-27 17:27 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-02 19:37 . 2014-09-02 19:37 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-08-30 18:47 . 2014-08-30 18:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-08-30 18:47 . 2014-08-30 18:47 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-08-27 17:19 . 2014-08-27 17:19 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-08-23 01:46 . 2014-08-27 18:14 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 00:42 . 2014-08-27 18:14 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-07-31 20:24 . 2013-05-07 15:32 35848 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-07-28 12:52 . 2014-07-28 12:52 6112072 ----a-w- c:\windows\system32\usbaaplrc.dll
2014-07-28 12:52 . 2014-07-28 12:52 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2014-07-25 13:50 . 2014-06-11 16:02 1291280 ----a-w- c:\windows\system32\nvspbridge.dll
2014-07-25 13:50 . 2014-01-07 19:54 1126480 ----a-w- c:\windows\system32\nvspcap.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-14 01:42 . 2014-08-14 20:24 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-09 18:04 . 2014-07-09 18:04 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 18:04 . 2014-07-09 18:04 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 18:04 . 2014-07-09 18:04 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 18:04 . 2014-07-09 18:04 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 18:04 . 2014-07-09 18:04 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 18:04 . 2014-07-09 18:04 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 18:01 . 2014-07-09 18:01 646144 ----a-w- c:\windows\system32\osk.exe
2014-07-09 18:01 . 2014-07-09 18:01 509440 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 18:01 . 2014-07-09 18:01 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 01:29 . 2014-08-14 20:23 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 01:29 . 2014-08-14 20:23 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-12-11 13:14 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="d:\programy\Avira\AntiVir Desktop\avgnt.exe" [2014-08-14 751184]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]
"ASUS Ai Charger"="c:\program files\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2012-08-13 547984]
"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-09-14 1501080]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-04-13 12021464]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2014-07-25 1126480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-09-01 152392]
.
c:\users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2014-9-17 36024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-07-31 10:15 43816 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- d:\programy\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2014-09-01 02:47 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 116512]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-28 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-11-19 37352]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-28 242240]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
S2 AntiVirSchedulerService;Avira Scheduler;d:\programy\Avira\AntiVir Desktop\sched.exe [2014-08-14 430160]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-27 160048]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [2013-08-26 9216]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 17536800]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S3 AiCharger;AiCharger;c:\windows\system32\drivers\AiCharger.sys [2012-03-22 13952]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 19232]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-03-01 683736]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 18:06 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-27 18:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2612)
c:\windows\system32\stobject.dll
c:\windows\system32\prnfldr.dll
c:\windows\system32\FunDisc.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe
d:\programy\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
d:\programy\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2014-10-04 21:40:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-04 19:40
ComboFix2.txt 2014-10-03 21:35
.
Před spuštěním: Volných bajtů: 27 745 431 552
Po spuštění: Volných bajtů: 27 415 224 320
.
- - End Of File - - 388FCDB9B99B75EF0CFABF884E353318
A36C5E4F47E84449FF07ED3517B43A31
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2046.1286 [GMT 2:00]
Spuštěný z: c:\users\Honza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Honza\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdate.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.24.15\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.24.15\goopdate.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_am.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ar.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_bg.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_bn.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ca.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_cs.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_da.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_de.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_el.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_en.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_es.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_et.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fa.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fil.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_fr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_gu.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_hu.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_id.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_is.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_it.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_iw.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ja.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_kn.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ko.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_lt.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_lv.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ml.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_mr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ms.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_nl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_no.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ro.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ru.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sk.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sl.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sv.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_sw.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ta.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_te.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_th.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_tr.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_uk.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_ur.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_vi.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.24.15\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.24.15\psmachine.dll
c:\program files\Google\Update\1.3.24.15\psmachine_64.dll
c:\program files\Google\Update\1.3.24.15\psuser.dll
c:\program files\Google\Update\1.3.24.15\psuser_64.dll
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.17.7290.4094\gsync.msi
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.124\37.0.2062.124_37.0.2062.120_chrome_updater.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\users\Honza\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\users\Honza\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-04 do 2014-10-04 )))))))))))))))))))))))))))))))
.
.
2014-10-03 11:36 . 2014-10-03 11:36 -------- d-----w- c:\users\Honza\AppData\Local\Apps
2014-10-03 09:01 . 2014-10-03 09:01 -------- d-----w- c:\program files\SopCast
2014-10-02 21:39 . 2014-10-02 21:25 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-02 21:39 . 2014-10-04 19:35 -------- d-----w- c:\users\Honza\AppData\Local\Temp
2014-10-02 21:25 . 2014-10-02 21:38 -------- d-----w- C:\zoek_backup
2014-10-02 17:34 . 2014-10-02 20:07 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-02 17:34 . 2014-10-02 17:34 -------- d-----w- c:\programdata\RogueKiller
2014-10-02 17:03 . 2014-10-02 17:03 -------- d-----w- c:\windows\ERUNT
2014-10-02 16:17 . 2014-10-02 21:43 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-02 16:16 . 2014-10-02 16:16 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-10-02 16:16 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-02 16:16 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-02 16:11 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-10-02 16:10 . 2014-10-02 16:56 -------- d-----w- C:\AdwCleaner
2014-10-01 18:15 . 2014-09-25 01:40 519680 ----a-w- c:\windows\system32\qdvd.dll
2014-09-23 17:39 . 2014-09-09 21:47 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-14 21:36 . 2014-09-14 21:36 -------- d-----w- c:\program files\Firefly Studios
2014-09-14 21:35 . 2002-12-05 12:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2014-09-14 21:35 . 2002-12-05 12:12 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2014-09-14 21:35 . 2002-12-02 13:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2014-09-14 21:35 . 2002-12-02 11:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2014-09-14 21:35 . 2002-12-02 11:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2014-09-14 21:35 . 2014-09-14 21:35 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2014-09-14 21:35 . 2014-09-14 21:35 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2014-09-14 11:53 . 2014-09-14 11:53 -------- d-----w- c:\program files\iPod
2014-09-14 11:53 . 2014-09-14 11:54 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-14 11:53 . 2014-09-14 11:54 -------- d-----w- c:\program files\iTunes
2014-09-14 11:30 . 2014-09-14 11:30 -------- d-----w- c:\program files\Avira
2014-09-09 23:04 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-09-09 19:26 . 2014-07-07 01:40 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-09-09 19:26 . 2014-07-07 01:40 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-09-09 19:26 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-09-09 19:26 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-09-09 19:25 . 2014-09-05 01:52 445952 ----a-w- c:\windows\system32\aepdu.dll
2014-09-09 19:25 . 2014-09-05 01:47 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-09-08 18:56 . 2014-09-08 18:56 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-25 18:37 . 2012-11-27 17:27 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-25 18:37 . 2012-11-27 17:27 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-02 19:37 . 2014-09-02 19:37 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-08-30 18:47 . 2014-08-30 18:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-08-30 18:47 . 2014-08-30 18:47 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-08-27 17:19 . 2014-08-27 17:19 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-08-23 01:46 . 2014-08-27 18:14 305152 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 00:42 . 2014-08-27 18:14 2352640 ----a-w- c:\windows\system32\win32k.sys
2014-07-31 20:24 . 2013-05-07 15:32 35848 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-07-28 12:52 . 2014-07-28 12:52 6112072 ----a-w- c:\windows\system32\usbaaplrc.dll
2014-07-28 12:52 . 2014-07-28 12:52 45056 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2014-07-25 13:50 . 2014-06-11 16:02 1291280 ----a-w- c:\windows\system32\nvspbridge.dll
2014-07-25 13:50 . 2014-01-07 19:54 1126480 ----a-w- c:\windows\system32\nvspcap.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-14 01:42 . 2014-08-14 20:24 654336 ----a-w- c:\windows\system32\rpcrt4.dll
2014-07-09 18:04 . 2014-07-09 18:04 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 18:04 . 2014-07-09 18:04 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 18:04 . 2014-07-09 18:04 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 18:04 . 2014-07-09 18:04 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 18:04 . 2014-07-09 18:04 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 18:04 . 2014-07-09 18:04 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 18:01 . 2014-07-09 18:01 646144 ----a-w- c:\windows\system32\osk.exe
2014-07-09 18:01 . 2014-07-09 18:01 509440 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 18:01 . 2014-07-09 18:01 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 01:29 . 2014-08-14 20:23 6144 ----a-w- c:\windows\system32\KBDYAK.DLL
2014-07-09 01:29 . 2014-08-14 20:23 6144 ----a-w- c:\windows\system32\KBDBASH.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2013-12-11 13:14 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-08-08 08:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="d:\programy\Avira\AntiVir Desktop\avgnt.exe" [2014-08-14 751184]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-10 16342528]
"ASUS Ai Charger"="c:\program files\ASUS\ASUS Ai Charger\AiChargerAP.exe" [2012-08-13 547984]
"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-09-14 1501080]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-04-13 12021464]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2014-07-25 1126480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Avira Systray"="c:\program files\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-09-01 152392]
.
c:\users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2014-9-17 36024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-07-31 10:15 43816 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- d:\programy\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2014-09-01 02:47 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2014-05-16 116512]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-28 1343400]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-11-19 37352]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-28 242240]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
S2 AntiVirSchedulerService;Avira Scheduler;d:\programy\Avira\AntiVir Desktop\sched.exe [2014-08-14 430160]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-08-27 160048]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [2013-08-26 9216]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 17536800]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
S3 AiCharger;AiCharger;c:\windows\system32\drivers\AiCharger.sys [2012-03-22 13952]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 19232]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-03-31 34080]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2014-03-01 683736]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 18:06 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-27 18:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - d:\programy\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2612)
c:\windows\system32\stobject.dll
c:\windows\system32\prnfldr.dll
c:\windows\system32\FunDisc.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe
d:\programy\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
d:\programy\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2014-10-04 21:40:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-04 19:40
ComboFix2.txt 2014-10-03 21:35
.
Před spuštěním: Volných bajtů: 27 745 431 552
Po spuštění: Volných bajtů: 27 415 224 320
.
- - End Of File - - 388FCDB9B99B75EF0CFABF884E353318
A36C5E4F47E84449FF07ED3517B43A31
„V šedesátých letech se jeden mnich na protest upálil. Nedali jste mi na výběr. Na protest proti nelidskosti udělám totéž, upálím mnicha!“
Šéf ♥ South Park ♥
Šéf ♥ South Park ♥
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:43:26, on 4.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Honza\Desktop\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programy\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programy\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programy\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - D:\Programy\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 7524 bytes
Scan saved at 21:43:26, on 4.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16575)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Honza\Desktop\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programy\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O4 - HKLM\..\Run: [avgnt] "D:\Programy\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ASUS Ai Charger] C:\Program Files\ASUS\ASUS Ai Charger\AiChargerAP.exe
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Programy\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Programy\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - D:\Programy\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 7524 bytes
„V šedesátých letech se jeden mnich na protest upálil. Nedali jste mi na výběr. Na protest proti nelidskosti udělám totéž, upálím mnicha!“
Šéf ♥ South Park ♥
Šéf ♥ South Park ♥
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-10-04 21:46:25
-----------------------------
21:46:25.027 OS Version: Windows 6.1.7601 Service Pack 1
21:46:25.027 Number of processors: 2 586 0x6B01
21:46:25.042 ComputerName: HONZA-PC UserName: Honza
21:46:25.713 Initialize success
21:46:25.713 VM: initialized successfully
21:46:25.729 VM: Amd CPU virtualization not supported
21:47:09.477 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-6
21:47:09.493 Disk 0 Vendor: WDC_WD800JB-00JJC0 05.01C05 Size: 76318MB BusType: 3
21:47:09.493 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
21:47:09.508 Disk 1 Vendor: SAMSUNG_HD161HJ GF100-07 Size: 152626MB BusType: 3
21:47:09.618 Disk 0 MBR read successfully
21:47:09.633 Disk 0 MBR scan
21:47:09.633 Disk 0 Windows 7 default MBR code
21:47:09.633 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
21:47:09.649 Disk 0 Boot: NTFS code=2
21:47:09.649 Disk 0 scanning sectors +156296385
21:47:09.727 Disk 0 scanning C:\Windows\system32\drivers
21:47:17.262 Service scanning
21:47:37.526 Modules scanning
21:47:47.995 Disk 0 trace - called modules:
21:47:48.026 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:47:48.042 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86043168]
21:47:48.057 3 CLASSPNP.SYS[8939c59e] -> nt!IofCallDriver -> [0x85f6e918]
21:47:48.057 5 ACPI.sys[88e283d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-6[0x85f7b030]
21:47:48.073 Scan finished successfully
21:47:53.330 Disk 0 MBR has been saved successfully to "C:\Users\Honza\Desktop\MBR.dat"
21:47:53.330 The log file has been saved successfully to "C:\Users\Honza\Desktop\aswMBR.txt"
Run date: 2014-10-04 21:46:25
-----------------------------
21:46:25.027 OS Version: Windows 6.1.7601 Service Pack 1
21:46:25.027 Number of processors: 2 586 0x6B01
21:46:25.042 ComputerName: HONZA-PC UserName: Honza
21:46:25.713 Initialize success
21:46:25.713 VM: initialized successfully
21:46:25.729 VM: Amd CPU virtualization not supported
21:47:09.477 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T1L0-6
21:47:09.493 Disk 0 Vendor: WDC_WD800JB-00JJC0 05.01C05 Size: 76318MB BusType: 3
21:47:09.493 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
21:47:09.508 Disk 1 Vendor: SAMSUNG_HD161HJ GF100-07 Size: 152626MB BusType: 3
21:47:09.618 Disk 0 MBR read successfully
21:47:09.633 Disk 0 MBR scan
21:47:09.633 Disk 0 Windows 7 default MBR code
21:47:09.633 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
21:47:09.649 Disk 0 Boot: NTFS code=2
21:47:09.649 Disk 0 scanning sectors +156296385
21:47:09.727 Disk 0 scanning C:\Windows\system32\drivers
21:47:17.262 Service scanning
21:47:37.526 Modules scanning
21:47:47.995 Disk 0 trace - called modules:
21:47:48.026 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:47:48.042 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86043168]
21:47:48.057 3 CLASSPNP.SYS[8939c59e] -> nt!IofCallDriver -> [0x85f6e918]
21:47:48.057 5 ACPI.sys[88e283d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T1L0-6[0x85f7b030]
21:47:48.073 Scan finished successfully
21:47:53.330 Disk 0 MBR has been saved successfully to "C:\Users\Honza\Desktop\MBR.dat"
21:47:53.330 The log file has been saved successfully to "C:\Users\Honza\Desktop\aswMBR.txt"
„V šedesátých letech se jeden mnich na protest upálil. Nedali jste mi na výběr. Na protest proti nelidskosti udělám totéž, upálím mnicha!“
Šéf ♥ South Park ♥
Šéf ♥ South Park ♥
-
PavelKilleR
- Level 3
- Příspěvky: 508
- Registrován: září 08
- Bydliště: Chomutov
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
Naposledy upravil(a) Orcus dne 05 říj 2014 09:09, celkem upraveno 1 x.
Důvod: Smazán odkaz, přečti si prosím pravidla HJT sekce. Děkuji!
Důvod: Smazán odkaz, přečti si prosím pravidla HJT sekce. Děkuji!
-
Orcus
- člen Security týmu
-
Elite Level 10.5
- Příspěvky: 10645
- Registrován: duben 10
- Bydliště: Okolo rostou 3 růže =o)
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
Odinstaluj Advanced SystemCare 7. Je to příčina více problémů než řešení.
V HJT fixni:
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Co problémy?
V HJT fixni:
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Co problémy?
Láska hřeje, ale uhlí je uhlí. 
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.
Pár rad k bezpečnosti PC.
Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix
Pokud budete spokojeni , můžete podpořit naše fórum.
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač)
Je to podstatně lepší. Díky moc. Advance odinstaluju a co Avira je dobrej antivir nebo doporučuješ nějakej lepší?
„V šedesátých letech se jeden mnich na protest upálil. Nedali jste mi na výběr. Na protest proti nelidskosti udělám totéž, upálím mnicha!“
Šéf ♥ South Park ♥
Šéf ♥ South Park ♥
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu HiJackThis (Zpomalený počítač) Vyřešeno
Aviru ponech.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 110 hostů