Please check: startup has become slower, restore cannot be started (Solved)


Post by gajo64 » 09 Feb 2015 23:03

RogueKiller V10.2.0.0 (x64) [Jan 19 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : PEPA [Práva správce]
Mód : Smazat -- Datum : 02/09/2015 23:02:53

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 93.153.117.33 93.153.117.1 8.8.8.8 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 93.153.117.33 93.153.117.1 8.8.8.8 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 93.153.117.33 93.153.117.1 8.8.8.8 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16} | DhcpNameServer : 93.153.117.33 93.153.117.1 8.8.8.8 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16} | DhcpNameServer : 93.153.117.33 93.153.117.1 8.8.8.8 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16} | DhcpNameServer : 93.153.117.33 93.153.117.1 8.8.8.8 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nevybráno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD502HJ ATA Device +++++
--- User ---
[MBR] aa6ee25c89038e20432e4b0f47e5a4a3
[BSP] 58095e2e40519d2367c3c7a58a95c0e2 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 89900 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 184322048 | Size: 200000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 593922048 | Size: 186936 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_02032015_174521.log - RKreport_DEL_02042015_221220.log - RKreport_DEL_02082015_234504.log - RKreport_DEL_02082015_234511.log
RKreport_SCN_02032015_055319.log - RKreport_SCN_02032015_174327.log - RKreport_SCN_02042015_221156.log - RKreport_SCN_02082015_234450.log
RKreport_SCN_02092015_230109.log - RKreport_DEL_02092015_230213.log - RKreport_DEL_02092015_230219.log


Post by gajo64 » 09 Feb 2015 23:15

Along with CrystalDiskInfo, PC Mechanic 2015 also got installed and launched, and it reported this result:
[attachment: Mechanik - výsledky.jpg]


Post by gajo64 » 09 Feb 2015 23:18

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2015/02/09 23:18:27

-- Controller Map ----------------------------------------------------------
- ATA Channel 1 (1) [ATA]
+ Intel(R) ICH10 Family 2 port Serial ATA Storage Controller 2 - 3A26 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- Optiarc DVD RW AD-7243S ATA Device
- ATA Channel 1 (1)
+ Intel(R) ICH10 Family 4 port Serial ATA Storage Controller 1 - 3A20 [ATA]
+ ATA Channel 0 (0)
- SAMSUNG HD502HJ ATA Device
- ATA Channel 1 (1)
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD502HJ : 500,1 GB [0/2/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD502HJ
----------------------------------------------------------------------------
Model : SAMSUNG HD502HJ
Firmware : 1AJ100E4
Serial Number : S20BJ9AZ106349
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : ---- | SATA/300
Power On Hours : 10484 hod.
Power On Count : 2469 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000001 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _83 _82 _25 0000000014E3 Čas na roztočení ploten
04 _98 _98 __0 0000000008C9 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000028F4 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 252 252 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 0000000009A5 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000003 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _60 __0 002800100021 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 00000000000F Počet chyb při zápisu sektorů
DF 252 252 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 100 100 __0 0000000009B1 Počet cyklů načítání/vymazání


Post by gajo64 » 09 Feb 2015 23:54

ComboFix 15-02-09.01 - PEPA 09.02.2015 23:25:43.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.10238.7586 [GMT 1:00]
Spuštěný z: c:\users\PEPA\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\PEPA\AppData\Roaming\Microsoft\Windows\Templates\temp.exe
c:\users\PEPA\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-09 do 2015-02-09 )))))))))))))))))))))))))))))))
.
.
2015-02-09 22:07 . 2015-02-09 22:07 -------- d-----w- c:\users\PEPA\AppData\Roaming\Uniblue
2015-02-09 22:07 . 2015-02-09 22:07 -------- d-----w- c:\program files (x86)\Uniblue
2015-02-09 22:07 . 2015-02-09 22:07 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-02-09 22:07 . 2015-02-09 22:07 -------- d-----w- c:\users\PEPA\AppData\Roaming\OpenCandy
2015-02-09 06:11 . 2015-02-09 06:11 -------- d-----w- c:\users\PEPA\AppData\Local\ElevatedDiagnostics
2015-02-08 23:21 . 2015-02-08 22:54 24064 ----a-w- c:\windows\zoek-delete.exe
2015-02-08 22:38 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E234B90B-38A5-448E-88DC-39F0E792885E}\mpengine.dll
2015-02-03 16:49 . 2015-02-05 19:22 -------- d-----w- C:\zoek_backup
2015-02-03 04:48 . 2015-02-09 21:57 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-02-03 04:48 . 2015-02-03 04:48 -------- d-----w- c:\programdata\RogueKiller
2015-02-01 12:17 . 2015-02-02 19:55 -------- d-----w- C:\AdwCleaner
2015-01-28 20:55 . 2015-01-28 20:55 -------- d-----w- c:\users\PEPA\AppData\Local\Tracker Software
2015-01-28 19:23 . 2013-09-28 02:56 285208 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2015-01-28 18:28 . 2015-01-28 18:29 -------- d-----w- c:\windows\system32\WinSxS
2015-01-28 18:21 . 2015-01-28 18:21 -------- d-----w- c:\users\PEPA\AppData\Local\Microsoft Corporation
2015-01-28 18:20 . 2015-01-28 18:20 -------- d-----w- c:\program files (x86)\Microsoft Windows 7 Upgrade Advisor
2015-01-27 17:55 . 2015-01-27 17:55 -------- d-----w- c:\users\PEPA\AppData\Roaming\ProductData
2015-01-27 17:55 . 2015-01-27 17:55 -------- d-----w- c:\programdata\IObit
2015-01-27 17:55 . 2015-01-27 17:55 -------- d-----w- c:\program files (x86)\IObit
2015-01-25 13:42 . 2009-04-30 23:00 17408 ----a-w- c:\windows\system32\esxcdev.dll
2015-01-25 13:42 . 2009-04-30 23:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2015-01-25 13:42 . 2008-11-16 23:00 459776 ----a-w- c:\windows\system32\esxwiaud.dll
2015-01-25 13:34 . 2015-01-25 13:34 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2015-01-25 13:34 . 2015-01-25 13:34 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2015-01-25 13:34 . 2003-02-27 15:12 696320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2015-01-25 13:34 . 2002-12-05 13:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2015-01-25 13:34 . 2002-12-02 14:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2015-01-25 13:34 . 2002-12-02 12:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2015-01-25 13:34 . 2002-12-02 12:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2015-01-21 07:31 . 2015-01-21 07:31 4877488 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-01-20 22:43 . 2015-02-06 03:32 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-01-20 22:15 . 2015-01-20 22:15 20160 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2015-01-20 22:15 . 2015-01-28 16:44 -------- d-----w- c:\program files (x86)\Glary Utilities 5
2015-01-15 20:58 . 2015-01-15 21:11 -------- d-----w- c:\users\PEPA\AppData\Local\Microsoft Games
2015-01-15 18:56 . 2015-01-20 00:16 -------- d-----w- c:\users\PEPA\AppData\Local\PDFCreator
2015-01-15 17:30 . 2015-01-15 17:30 -------- d-----w- c:\program files\Tracker Software
2015-01-15 05:38 . 2015-01-15 05:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-01-15 05:38 . 2015-01-15 05:38 -------- d-----w- c:\program files (x86)\Java
2015-01-13 21:09 . 2015-01-14 05:22 -------- d-----w- c:\users\PEPA\AppData\Roaming\PDF Architect 2
2015-01-13 20:57 . 2015-01-13 20:57 -------- d-----w- c:\program files (x86)\PDF Architect 2
2015-01-13 20:55 . 2015-01-13 20:55 -------- d-----w- c:\programdata\PDF Architect 2
2015-01-13 20:55 . 2014-12-16 19:01 114872 ----a-w- c:\windows\system32\pdfcmon.dll
2015-01-13 20:55 . 2015-01-15 18:29 -------- d-----w- c:\program files\PDFCreator
2015-01-13 20:16 . 2015-01-13 20:18 -------- d-----w- C:\Bitová kopie
2015-01-11 21:46 . 2015-01-15 05:38 -------- d-----w- c:\programdata\Oracle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-04 20:28 . 2014-12-16 15:09 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-21 07:31 . 2012-04-03 13:31 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-21 07:31 . 2011-08-22 08:21 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-15 05:38 . 2014-01-19 09:13 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-27 09:23 . 2014-02-28 19:36 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-27 03:40 . 2014-11-27 03:40 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-27 03:40 . 2014-08-15 19:57 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-27 03:40 . 2014-02-28 19:36 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-27 03:40 . 2014-02-28 19:36 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-27 03:40 . 2014-02-28 19:36 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-27 03:40 . 2014-02-28 19:36 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-27 03:40 . 2014-02-28 19:36 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-27 03:40 . 2014-02-28 19:36 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-27 03:40 . 2014-11-27 03:40 43152 ----a-w- c:\windows\avastSS.scr
2014-11-21 05:14 . 2014-12-16 15:08 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-12-16 15:08 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-12-16 15:08 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
2014-10-10 15:03 37928 ----a-w- c:\program files (x86)\PDF Architect 2\creator-ie-helper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{DEEB13D7-CEA9-45FB-B77C-E039BEC85221}"= "c:\program files (x86)\PDF Architect 2\creator-ie-plugin.dll" [2014-10-10 478760]
.
[HKEY_CLASSES_ROOT\clsid\{deeb13d7-cea9-45fb-b77c-e039bec85221}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{30CEDC3C-254F-4827-9A25-A4AA041826CC}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
.
c:\users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 AQFileRestore;AQFileRestore;c:\windows\system32\DRIVERS\AQFileRestore.sys;c:\windows\SYSNATIVE\DRIVERS\AQFileRestore.sys [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\DRIVERS\OlyCamComm.sys;c:\windows\SYSNATIVE\DRIVERS\OlyCamComm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R4 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x]
R4 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R4 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-05 23:41 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 07:31]
.
2015-01-26 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2015-01-19 07:25]
.
2015-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-04 23:19]
.
2015-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-04 23:19]
.
2015-02-09 c:\windows\Tasks\PC-Mechanic Maintenance.job
- c:\program files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe [2015-02-09 11:19]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-27 03:40 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
Trusted Zone: google.com\mail
Trusted Zone: ing.cz\www
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\www
Trusted Zone: seznam.cz\email
Trusted Zone: seznam.cz\www
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\etrading
TCP: DhcpNameServer = 93.153.117.33 93.153.117.1 8.8.8.8
TCP: Interfaces\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Fotoknihy online_Fotoknihy online - c:\windows\system32\Fotoknihy online_Fotoknihy online_uninstaller.exe
AddRemove-Sweet Home 3D - c:\windows\system32\javaws.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3752027927-3630821355-4230685425-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
.
**************************************************************************
.
Celkový čas: 2015-02-09 23:53:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-09 22:52
.
Před spuštěním: Volných bajtů: 36 650 598 400
Po spuštění: Volných bajtů: 36 578 959 360
.
- - End Of File - - E787D58C68EB494C8AEFD8BD37F8DDBA
A36C5E4F47E84449FF07ED3517B43A31

jaro3
Security team member

Post by jaro3 » 10 Feb 2015 00:25

Uninstall:
Spyware Terminator (if you find it)
PC-Mechanic


Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::
KillAll::
File::
c:\windows\system32\DRIVERS\stflt.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate
sp_rsdrv2

Registry::
[-HKEY_CLASSES_ROOT\clsid\{deeb13d7-cea9-45fb-b77c-e039bec85221}]
[-HKEY_CLASSES_ROOT\TypeLib\{30CEDC3C-254F-4827-9A25-A4AA041826CC}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-

RegLock::
[HKEY_USERS\S-1-5-21-3752027927-3630821355-4230685425-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)



Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.

Drag the CFScript.txt script you created over the downloaded ComboFix.exe program with the mouse and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that comes up at the end of the cleaning process + a new HJT log

Warning: After applying ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click No. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by gajo64 » 10 Feb 2015 09:06

ComboFix 15-02-09.01 - PEPA 10.02.2015 8:35.2.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.10238.8397 [GMT 1:00]
Spuštěný z: c:\users\PEPA\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PEPA\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\DRIVERS\stflt.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.26.9\goopdate.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.26.9\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.26.9\psmachine.dll
c:\program files (x86)\Google\Update\1.3.26.9\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.26.9\psuser.dll
c:\program files (x86)\Google\Update\1.3.26.9\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.111\40.0.2214.111_40.0.2214.94_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{11286E2F-18BA-43DC-A157-783F1C5821BA}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{5671666A-20BB-4F6A-B7CF-3A3F5FCC9401}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\system32\DRIVERS\stflt.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SP_RSDRV2
-------\Service_SkypeUpdate
-------\Service_sp_rsdrv2
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-01-10 do 2015-02-10 )))))))))))))))))))))))))))))))
.
.
2015-02-10 07:53 . 2015-02-10 07:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-02-10 07:53 . 2015-02-10 07:53 -------- d-----w- c:\users\Alexandra\AppData\Local\temp
2015-02-09 22:53 . 2015-02-10 07:57 -------- d-----w- c:\users\PEPA\AppData\Local\temp
2015-02-09 22:07 . 2015-02-10 07:16 -------- d-----w- c:\users\PEPA\AppData\Roaming\Uniblue
2015-02-09 22:07 . 2015-02-09 22:07 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-02-09 22:07 . 2015-02-09 22:07 -------- d-----w- c:\users\PEPA\AppData\Roaming\OpenCandy
2015-02-09 06:11 . 2015-02-10 06:07 -------- d-----w- c:\users\PEPA\AppData\Local\ElevatedDiagnostics
2015-02-08 23:21 . 2015-02-08 22:54 24064 ----a-w- c:\windows\zoek-delete.exe
2015-02-08 22:38 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E234B90B-38A5-448E-88DC-39F0E792885E}\mpengine.dll
2015-02-03 16:49 . 2015-02-05 19:22 -------- d-----w- C:\zoek_backup
2015-02-03 04:48 . 2015-02-09 21:57 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-02-03 04:48 . 2015-02-03 04:48 -------- d-----w- c:\programdata\RogueKiller
2015-02-01 12:17 . 2015-02-02 19:55 -------- d-----w- C:\AdwCleaner
2015-01-28 20:55 . 2015-01-28 20:55 -------- d-----w- c:\users\PEPA\AppData\Local\Tracker Software
2015-01-28 19:23 . 2013-09-28 02:56 285208 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2015-01-28 18:28 . 2015-01-28 18:29 -------- d-----w- c:\windows\system32\WinSxS
2015-01-28 18:21 . 2015-01-28 18:21 -------- d-----w- c:\users\PEPA\AppData\Local\Microsoft Corporation
2015-01-28 18:20 . 2015-01-28 18:20 -------- d-----w- c:\program files (x86)\Microsoft Windows 7 Upgrade Advisor
2015-01-27 17:55 . 2015-01-27 17:55 -------- d-----w- c:\users\PEPA\AppData\Roaming\ProductData
2015-01-27 17:55 . 2015-01-27 17:55 -------- d-----w- c:\programdata\IObit
2015-01-27 17:55 . 2015-01-27 17:55 -------- d-----w- c:\program files (x86)\IObit
2015-01-25 13:42 . 2009-04-30 23:00 17408 ----a-w- c:\windows\system32\esxcdev.dll
2015-01-25 13:42 . 2009-04-30 23:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2015-01-25 13:42 . 2008-11-16 23:00 459776 ----a-w- c:\windows\system32\esxwiaud.dll
2015-01-25 13:34 . 2015-01-25 13:34 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2015-01-25 13:34 . 2015-01-25 13:34 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2015-01-25 13:34 . 2003-02-27 15:12 696320 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2015-01-25 13:34 . 2002-12-05 13:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2015-01-25 13:34 . 2002-12-02 14:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2015-01-25 13:34 . 2002-12-02 12:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2015-01-25 13:34 . 2002-12-02 12:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2015-01-21 07:31 . 2015-01-21 07:31 4877488 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-01-20 22:43 . 2015-02-06 03:32 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2015-01-20 22:15 . 2015-01-20 22:15 20160 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2015-01-20 22:15 . 2015-02-10 07:17 -------- d-----w- c:\program files (x86)\Glary Utilities 5
2015-01-15 20:58 . 2015-01-15 21:11 -------- d-----w- c:\users\PEPA\AppData\Local\Microsoft Games
2015-01-15 18:56 . 2015-01-20 00:16 -------- d-----w- c:\users\PEPA\AppData\Local\PDFCreator
2015-01-15 17:30 . 2015-01-15 17:30 -------- d-----w- c:\program files\Tracker Software
2015-01-15 05:38 . 2015-01-15 05:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-01-15 05:38 . 2015-01-15 05:38 -------- d-----w- c:\program files (x86)\Java
2015-01-13 21:09 . 2015-01-14 05:22 -------- d-----w- c:\users\PEPA\AppData\Roaming\PDF Architect 2
2015-01-13 20:57 . 2015-01-13 20:57 -------- d-----w- c:\program files (x86)\PDF Architect 2
2015-01-13 20:55 . 2015-01-13 20:55 -------- d-----w- c:\programdata\PDF Architect 2
2015-01-13 20:55 . 2014-12-16 19:01 114872 ----a-w- c:\windows\system32\pdfcmon.dll
2015-01-13 20:55 . 2015-01-15 18:29 -------- d-----w- c:\program files\PDFCreator
2015-01-13 20:16 . 2015-01-13 20:18 -------- d-----w- C:\Bitová kopie
2015-01-11 21:46 . 2015-01-15 05:38 -------- d-----w- c:\programdata\Oracle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-10 07:29 . 2014-12-16 15:09 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-21 07:31 . 2012-04-03 13:31 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-21 07:31 . 2011-08-22 08:21 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-15 05:38 . 2014-01-19 09:13 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-27 09:23 . 2014-02-28 19:36 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-27 03:40 . 2014-11-27 03:40 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-27 03:40 . 2014-08-15 19:57 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-27 03:40 . 2014-02-28 19:36 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-27 03:40 . 2014-02-28 19:36 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-27 03:40 . 2014-02-28 19:36 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-27 03:40 . 2014-02-28 19:36 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-27 03:40 . 2014-02-28 19:36 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-27 03:40 . 2014-02-28 19:36 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-27 03:40 . 2014-11-27 03:40 43152 ----a-w- c:\windows\avastSS.scr
2014-11-21 05:14 . 2014-12-16 15:08 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 05:14 . 2014-12-16 15:08 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-21 05:14 . 2014-12-16 15:08 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
2014-10-10 15:03 37928 ----a-w- c:\program files (x86)\PDF Architect 2\creator-ie-helper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{DEEB13D7-CEA9-45FB-B77C-E039BEC85221}"= "c:\program files (x86)\PDF Architect 2\creator-ie-plugin.dll" [2014-10-10 478760]
.
[HKEY_CLASSES_ROOT\clsid\{deeb13d7-cea9-45fb-b77c-e039bec85221}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{30CEDC3C-254F-4827-9A25-A4AA041826CC}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-27 5227112]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
.
c:\users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 AQFileRestore;AQFileRestore;c:\windows\system32\DRIVERS\AQFileRestore.sys;c:\windows\SYSNATIVE\DRIVERS\AQFileRestore.sys [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\DRIVERS\OlyCamComm.sys;c:\windows\SYSNATIVE\DRIVERS\OlyCamComm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R4 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x]
R4 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R4 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-05 23:41 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.111\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 07:31]
.
2015-01-26 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2015-01-19 07:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-27 03:40 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
Trusted Zone: google.com\mail
Trusted Zone: ing.cz\www
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\www
Trusted Zone: seznam.cz\email
Trusted Zone: seznam.cz\www
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\etrading
TCP: DhcpNameServer = 93.153.117.33 93.153.117.1 8.8.8.8
TCP: Interfaces\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Fotoknihy online_Fotoknihy online - c:\windows\system32\Fotoknihy online_Fotoknihy online_uninstaller.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
.
**************************************************************************
.
Celkový čas: 2015-02-10 09:01:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-02-10 08:01
ComboFix2.txt 2015-02-09 22:53
.
Před spuštěním: Volných bajtů: 36 696 698 880
Po spuštění: Volných bajtů: 36 483 878 912
.
- - End Of File - - 3FB5757F361833C0B2BA06670B794CE8
A36C5E4F47E84449FF07ED3517B43A31


Post by gajo64 » 10 Feb 2015 09:14

I RAN COMBOFIX AND 2 MESSAGES APPEARED:
Combo 1.jpg

Combo 2.jpg



HJT, AND A MESSAGE POPPED UP:
HJT hláška.jpg


Post by gajo64 » 10 Feb 2015 09:15

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:09:46, on 10.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)

FIREFOX: 26.0 (cs)
Boot mode: Normal

Running processes:
C:\Users\PEPA\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O10 - Broken Internet access because of LSP provider 'c:\program files (x86)\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{70ECFAA1-2CC5-4AD7-B4FD-F7F85AA49E16}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 5562 bytes


Post by gajo64 » 10 Feb 2015 09:19

I SEE THAT THE HJT MESSAGE JPEG IS UNREADABLE, SO ONCE MORE:
HJT hláška.jpg


Post by jaro3 » 10 Feb 2015 09:29

I don't think the messages are important.

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Where is the aswMBR log?

How about the problems?

Post by gajo64 » 10 Feb 2015 09:32

HERE IS THE LAST LOG - ASWMBR, AND THEN I WILL DO THE NEXT STEPS...


aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-02-10 09:21:24
-----------------------------
09:21:24.479 OS Version: Windows x64 6.1.7601 Service Pack 1
09:21:24.479 Number of processors: 2 586 0x170A
09:21:24.479 ComputerName: PEPA3 UserName: PEPA
09:21:24.760 Initialize success
09:21:24.760 VM: initialized successfully
09:21:24.760 VM: Intel CPU supported virtualized
09:21:33.694 VM: supported disk I/O ataport.SYS
09:21:37.188 AVAST engine defs: 15020901
09:22:37.482 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-2
09:22:37.482 Disk 0 Vendor: SAMSUNG_HD502HJ 1AJ100E4 Size: 476938MB BusType: 3
09:22:37.638 VM: Disk 0 MBR read successfully
09:22:37.638 Disk 0 MBR scan
09:22:37.654 Disk 0 Windows 7 default MBR code
09:22:37.654 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:22:37.669 Disk 0 default boot code
09:22:37.685 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 89900 MB offset 206848
09:22:37.716 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 200000 MB offset 184322048
09:22:37.716 Disk 0 Partition - 00 0F Extended LBA 186936 MB offset 593922048
09:22:37.747 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 160000 MB offset 593924096
09:22:37.779 Disk 0 scanning C:\Windows\system32\drivers
09:22:46.171 Service scanning
09:23:00.851 Modules scanning
09:23:00.851 Disk 0 trace - called modules:
09:23:00.867 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys
09:23:00.867 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008ed5060]
09:23:00.867 3 CLASSPNP.SYS[fffff880018d943f] -> nt!IofCallDriver -> [0xfffffa80088c9240]
09:23:00.867 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-2[0xfffffa8008a1d680]
09:23:01.054 AVAST engine scan C:\Windows
09:23:02.801 AVAST engine scan C:\Windows\system32
09:25:04.606 AVAST engine scan C:\Windows\system32\drivers
09:25:13.217 AVAST engine scan C:\Users\PEPA
09:27:37.502 AVAST engine scan C:\ProgramData
09:29:07.077 Disk 0 statistics 3802045/0/26 @ 5,94 MB/s
09:29:07.093 Scan finished successfully
09:29:27.170 Disk 0 MBR has been saved successfully to "C:\Users\PEPA\Desktop\MBR.dat"
09:29:27.170 The log file has been saved successfully to "C:\Users\PEPA\Desktop\aswMBR.txt"


Post by gajo64 » 10 Feb 2015 10:18

Unfortunately, none of this did anything to my PC (a stubborn mameluke ☺).
I am sending the results of my current efforts:

Instalace aktualizací.jpg


Aktualizace - stálý problém.jpg


Zálohování.jpg


Protokol událostí 1.jpg


Protokol událostí 2.jpg


Protokol událostí 3.jpg

