Slow PC - one year old (Solved)


Re: Slow PC - one year old

Post by jaro3 » 19 Jun 2015 17:24

Keep Avast... no antivirus is 100%.

Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Then click "Scan"; after it finishes:

- On the tabs (Registry, Tasks, Web Browser, etc.) check everything (tick the boxes)
(you have to tick, with the mouse, the little box to the left of the registry entry etc.)


- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report" and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off your antivirus and firewall.
Download Zoek.exe and save it to the desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a long time to start.

Paste the script below into the program window:


autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script.
The program will run a scan and a repair; the scan and the repair may take several minutes, so you need to wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it to, for example, Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Slow PC - one year old

Post by Skeleton » 19 Jun 2015 17:40

Sorry, I'm away right now. I won't have time for it until Sunday. I'm writing from my phone.

Thank you

Re: Slow PC - one year old

Post by jaro3 » 20 Jun 2015 08:40

OK.

Re: Slow PC - one year old

Post by Skeleton » 28 Jun 2015 12:50

RogueKiller V10.8.6.0 (x64) [Jun 22 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Pepa [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mód : Smazat -- Datum : 06/28/2015 12:49:11

¤¤¤ Procesy : 2 ¤¤¤
[AV.Killer] RapportMgmtService.exe(220) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe[7] VT(1) -> Zastaveno [DrvNtTerm]
[Proc.RunPE] hasplms.exe(1788) -- C:\Windows\System32\hasplms.exe[7] -> Zastaveno [TermProc]

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.106.33.2 10.106.47.1 [(Private Address) (XX)][(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.106.33.2 10.106.47.1 [(Private Address) (XX)][(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.106.33.2 10.106.47.1 [(Private Address) (XX)][(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{87A1C866-9DA4-4FD3-B597-61D076D4C7E2} | DhcpNameServer : 10.106.33.2 10.106.47.1 [(Private Address) (XX)][(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{87A1C866-9DA4-4FD3-B597-61D076D4C7E2} | DhcpNameServer : 10.106.33.2 10.106.47.1 [(Private Address) (XX)][(Private Address) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{87A1C866-9DA4-4FD3-B597-61D076D4C7E2} | DhcpNameServer : 10.106.33.2 10.106.47.1 [(Private Address) (XX)][(Private Address) (XX)] -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FIREFX:Addon] p335shxv.default-1356991751223 : Avast Online Security [wrc@avast.com] -> Smazáno
[PUM.HomePage][FIREFX:Config] p335shxv.default-1356991751223 : user_pref("browser.startup.homepage", "https://www.seznam.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 93914227eab9541daeb8cf13b026b8af
[BSP] 1fec0ee34153aa8808ad64d032b32cd2 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 199899 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600000 | Size: 753867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_06192015_093602.log - RKreport_DEL_06192015_093949.log - RKreport_DEL_06192015_094006.log - RKreport_DEL_06192015_094011.log
RKreport_DEL_06192015_094012.log - RKreport_DEL_06192015_094013.log - RKreport_SCN_06192015_094304.log - RKreport_DEL_06192015_094435.log
RKreport_SCN_06282015_124851.log

Re: Slow PC - one year old

Post by Skeleton » 28 Jun 2015 13:15

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Pepa on ne 28.06.2015 at 12:52:28,63.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pepa\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

28.6.2015 12:53:15 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\IObit deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\ZoomBrowser deleted successfully
C:\Users\Pepa\AppData\Roaming\BitTorrent deleted successfully
C:\Users\Pepa\AppData\Roaming\DeskSoft deleted successfully
C:\Users\Pepa\AppData\Roaming\IObit deleted successfully
C:\Users\Pepa\AppData\Roaming\Opera Software deleted successfully
C:\Users\Pepa\AppData\Roaming\rmi deleted successfully
C:\Users\Pepa\AppData\Roaming\ZoomBrowser EX deleted successfully
C:\Users\Pepa\AppData\Local\FMSoftwareStudio deleted successfully
C:\Users\Pepa\AppData\Local\Opera Software deleted successfully
C:\Users\Pepa\AppData\Local\VirtualStore deleted successfully
C:\Users\Pepa\AppData\Local\WarThunder deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223\prefs.js:
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\IObit not found
C:\PROGRA~2\Seznam.cz not found
C:\Users\Pepa\AppData\Roaming\SteelBytes deleted
C:\Users\Pepa\AppData\Roaming\Scorch_Install.log deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223\Invalidprefs.js deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [29.05.2015 21:52]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
0302BD49CFF9780E77342871BFB8A54C - C:\Users\Pepa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
2E661988463BCFA1B95D4DAAB9B0B6FA - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll - Shockwave Flash


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Pepa\AppData\Local\Google\Chrome SxS deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.130

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07.03.2015 11:49]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01.05.2015 11:17]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Avast Online Security - Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chromium Startpages ======================

C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Old Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Old Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="

==== Reset Google Chrome ======================

C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Preferences.old was reset successfully
C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pepa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Pepa\AppData\Local\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223\cache2 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Mozilla\Firefox\Profiles\75jnhxyn.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Pepa\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=52 folders=35 59278729 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pepa\AppData\Local\Temp will be emptied at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Pepa\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on ne 28.06.2015 at 13:12:17,65 ======================

Re: Slow PC - one year old

Post by Skeleton » 28 Jun 2015 13:50

ComboFix 15-06-27.01 - Pepa 28.06.2015 13:21:23.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8120.5401 [GMT 2:00]
Spuštěný z: c:\users\Pepa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NEWDRIVER
-------\Service_NEWDRIVER
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-28 do 2015-06-28 )))))))))))))))))))))))))))))))
.
.
2015-06-28 11:30 . 2015-06-28 11:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-28 11:10 . 2015-06-28 10:52 24064 ----a-w- c:\windows\zoek-delete.exe
2015-06-28 11:10 . 2015-06-28 11:42 -------- d-----w- c:\users\Pepa\AppData\Local\Temp
2015-06-28 10:52 . 2015-06-28 11:11 -------- d-----w- C:\zoek_backup
2015-06-28 10:43 . 2015-06-28 10:44 -------- d-----w- c:\program files\RogueKiller
2015-06-27 10:24 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F89767A-C1C5-434D-85BE-A47F090CAF7B}\mpengine.dll
2015-06-19 07:44 . 2015-06-19 07:44 -------- d-----w- c:\users\Pepa\AppData\Local\CrashDumps
2015-06-19 07:26 . 2015-06-28 10:44 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-06-19 07:26 . 2015-06-19 07:44 -------- d-----w- c:\programdata\RogueKiller
2015-06-19 07:17 . 2015-06-19 07:17 -------- d-----w- C:\RegBackup
2015-06-18 16:58 . 2015-06-19 06:58 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-18 16:58 . 2015-06-18 16:58 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-06-18 16:58 . 2015-04-14 07:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 16:58 . 2015-04-14 07:37 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-06-18 16:58 . 2015-04-14 07:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-10 06:55 . 2015-06-10 06:55 -------- d-----w- c:\users\Pepa\AppData\Roaming\The Creative Assembly
2015-06-09 16:12 . 2015-06-02 16:41 121432 ----a-w- c:\windows\system32\drivers\RapportHades64.sys
2015-06-09 16:02 . 2015-06-09 16:02 -------- d-----w- c:\program files (x86)\Common Files\Canon
2015-06-06 18:04 . 2015-06-06 18:04 -------- d-s---w- c:\windows\SysWow64\GWX
2015-06-06 18:04 . 2015-06-06 18:04 -------- d-s---w- c:\windows\system32\GWX
2015-06-06 16:24 . 2015-05-09 03:27 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-06-05 16:59 . 2014-10-13 05:57 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2015-06-05 16:59 . 2014-10-13 05:57 110336 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-06-05 16:32 . 2015-06-05 16:42 -------- d-----w- c:\program files (x86)\Opera
2015-05-29 19:53 . 2015-05-10 14:18 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-05-29 19:34 . 2015-05-29 19:34 -------- d-----w- c:\users\Default\AppData\Local\Trusteer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-27 10:23 . 2015-02-02 17:34 442264 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-06-10 14:02 . 2014-05-04 15:57 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-02 16:41 . 2015-05-19 17:28 376184 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2015-05-25 18:19 . 2015-06-06 16:26 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-06 16:26 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-06 16:26 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-06 16:26 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-06 16:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-20 07:48 . 2015-05-20 07:48 30352 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-05-20 07:43 . 2014-05-03 18:05 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-20 07:43 . 2014-05-03 18:05 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-16 14:37 . 2014-12-13 19:08 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-05-16 14:26 . 2015-04-03 09:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-05-10 14:18 . 2015-02-02 17:34 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-05-10 14:18 . 2015-02-02 17:34 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-05-10 14:18 . 2015-02-02 17:34 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-05-10 14:18 . 2015-02-02 17:34 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-05-10 14:18 . 2015-02-02 17:34 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-05-10 14:18 . 2015-02-02 17:34 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-05-10 14:18 . 2015-05-10 14:18 43112 ----a-w- c:\windows\avastSS.scr
2015-05-10 14:18 . 2015-02-02 17:34 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-05-01 13:17 . 2015-05-13 08:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 08:13 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 07:59 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 03:17 . 2015-05-13 07:59 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-13 07:59 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 08:00 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 08:00 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-16 18:07 . 2015-04-16 18:07 377 ----a-w- c:\windows\SysWow64\Delete.bat
2015-04-16 18:02 . 2015-04-16 18:02 40960 ----a-w- c:\windows\SysWow64\nwsftUninstall.exe
2015-04-14 01:33 . 2015-04-14 01:33 1614504 ----a-w- c:\windows\system32\FM20.DLL
2015-04-13 03:28 . 2015-05-13 07:59 328704 ----a-w- c:\windows\system32\services.exe
2015-04-11 03:19 . 2015-05-21 09:26 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-04-08 03:29 . 2015-05-13 07:59 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 07:59 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 07:59 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2015-02-27 5583120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-06-27 292848]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-16 134616]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-12 5515496]
"Live Update"="c:\program files (x86)\MSI\Live Update\Live Update.exe" [2015-06-01 3454632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 intelsba;Intel(R) Small Business Advantage;c:\program files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7816v380\NTIOLib_X64.sys;c:\program files (x86)\Setup Files\Ms7816v380\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
R4 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
R4 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
R4 Origin Client Service;Origin Client Service;f:\origin\OriginClientService.exe;f:\origin\OriginClientService.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 RapportHades64;RapportHades64;c:\windows\System32\Drivers\RapportHades64.sys;c:\windows\SYSNATIVE\Drivers\RapportHades64.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 RapportCerberus_1412112;RapportCerberus_1412112;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KbFilter_Kb_FlexDef3x;HID Keyboard(FlexDef3x) Driver Service;c:\windows\system32\DRIVERS\KbFilter_FlexDef3x.sys;c:\windows\SYSNATIVE\DRIVERS\KbFilter_FlexDef3x.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-23 04:06 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-06-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-03 07:43]
.
2015-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-21 13:15]
.
2015-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1d09333134a3.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-21 13:15]
.
2015-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-21 13:15]
.
2015-06-28 c:\windows\Tasks\RtlNetworkGenieVistaStart.job
- c:\program files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2015-02-10 14:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-05-13 16:35 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-05-13 16:35 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-05-13 16:35 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-10 14:18 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-03-12 8463064]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-25 391128]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-25 771544]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-08-25 5860656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-25 770520]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2014-08-29 4465448]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mDefault_Page_URL = about:blank
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.106.33.2 10.106.47.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-553E35CD-0415-41bc-B39A-410375E88534 - c:\program files (x86)\Intel\ACPI Driver Installer\Uninstall\setup.exe
AddRemove-{15134cb0-b767-4960-a911-f2d16ae54797} - c:\programdata\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe
AddRemove-{236e0932-2039-4fba-9df8-2d67de8f730f} - c:\programdata\Package Cache\{236e0932-2039-4fba-9df8-2d67de8f730f}\xtu-setup-exe.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{3FD0C489-0F02-481a-A3E1-9754CD396761} - c:\program files (x86)\Intel\Intel® Watchdog Timer Driver (Intel® WDT)\Uninstall\setup.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{d370215a-d003-43ae-a3b6-1028af64d5a1} - c:\programdata\Package Cache\{d370215a-d003-43ae-a3b6-1028af64d5a1}\SetupChipset.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,79,1c,46,7b,ea,d3,cf,46,88,e9,7f,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,79,1c,46,7b,ea,d3,cf,46,88,e9,7f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,79,1c,46,7b,ea,d3,cf,46,88,e9,7f,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Trusteer\Rapport\bin\RapportService.exe
c:\program files (x86)\MSI\Fast Boot\FastBoot.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-06-28 13:49:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-06-28 11:49
.
Před spuštěním: Volných bajtů: 108 891 058 176
Po spuštění: Volných bajtů: 108 526 825 472
.
- - End Of File - - 0284D8BFDE22CC1418BE965EDEDA9B50
A36C5E4F47E84449FF07ED3517B43A31

Skeleton

Re: Slow PC - one year old

Post by Skeleton » 28 Jun 2015 13:53

Everything went fine. I just apologize, I have been very busy lately :) . It just seems to me that the PC has slowed down even more at startup, when "Starting Windows" is shown and the logo flickers; before, the PC was on right away :(

jaro3
Security team member

Re: Slow PC - one year old

Post by jaro3 » 28 Jun 2015 17:09

In Folder Options, enable showing hidden files and folders, and untick the "Hide protected operating system files" checkbox.

Test these on Virustotal:
c:\windows\SysWow64\Delete.bat
c:\windows\SysWow64\nwsftUninstall.exe
c:\windows\system32\services.exe

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by a series of antivirus programs one after another. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Download Memtest:

The field that says:
All unused RAM - leave as it is.
- click Start, let it run for at least 2 hours; if there are still 0 errors after 2 hours, the RAM is OK.


Also check the HDD for errors, and possibly try defragmenting it..


Download CrystalDiskInfo
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Skeleton

Re: Slow PC - one year old

Post by Skeleton » 28 Jun 2015 20:13

----------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2015/06/28 20:13:36

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- ST1000DM003-1CH162 ATA Device
+ ATA Channel 1 (1) [ATA]
- TSSTcorp CDDVDW SH-224DB ATA Device
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1CH162 : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000DM003-1CH162
----------------------------------------------------------------------------
Model : ST1000DM003-1CH162
Firmware : CC47
Serial Number : Z1DB33GK
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 1037 hod.
Power On Count : 899 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 000008A60FE8 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000384 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _77 _60 _30 00000311BEB1 Počet chybných hledání
09 _99 _99 __0 00000000040D Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000383 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD _97 _97 __0 000000000003 Vysoká rychlost zápisu
BE _71 _60 _45 00001D17001D Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000003B Počet vypnutí disku
C1 100 100 __0 0000000005D2 Počet cyklů načítání/vymazání
C2 _29 _40 __0 00110000001D Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 CE9A00000438 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0006C0706658 Total Host Writes
F2 100 253 __0 000C45A94480 Total Host Reads

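A way to read the S.M.A.R.T. table from the CrystalDiskInfo log above programmatically, added here as an example that is not part of the original posts. It assumes the usual ATA convention that an attribute fails when its normalized value is at or below a non-zero threshold; the function names, the watch-list of raw counters and the `DEGRADED_ROWS` sample are the example's own.

```python
import re

# Subset of rows copied from the S.M.A.R.T. section of the CrystalDiskInfo log above.
LOG_ROWS = """\
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 000008A60FE8 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000384 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _77 _60 _30 00000311BEB1 Počet chybných hledání
09 _99 _99 __0 00000000040D Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000383 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
C2 _29 _40 __0 00110000001D Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
"""

# Constructed rows (not from the log) showing what a degrading disk looks like.
DEGRADED_ROWS = """\
05 __8 __8 _10 0000000001A4 Reallocated Sectors Count
C5 100 100 __0 000000000010 Current Pending Sector Count
BE _71 _40 _45 00001D17001D Airflow Temperature
"""

# Raw counters that should stay at zero on a healthy disk (the example's own list).
WATCH = {
    "05": "reallocated sectors",
    "BB": "reported uncorrectable errors",
    "C5": "pending sectors",
    "C6": "offline uncorrectable sectors",
    "C7": "UltraDMA CRC errors (often cabling)",
}

# ID, current, worst, threshold, 6-byte raw value in hex, attribute name.
ROW = re.compile(
    r"^([0-9A-Fa-f]{2}) ([_\d]{3}) ([_\d]{3}) ([_\d]{3}) ([0-9A-Fa-f]{12}) (.+)$"
)


def _num(field):
    # CrystalDiskInfo pads normalized values with underscores: "_99" -> 99, "__6" -> 6.
    return int(field.replace("_", "") or "0")


def parse_smart(text):
    """Return one dict per attribute row; header and separator lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        attr_id, cur, worst, thr, raw, name = m.groups()
        rows.append({
            "id": attr_id.upper(),
            "cur": _num(cur),
            "worst": _num(worst),
            "thr": _num(thr),
            "raw": int(raw, 16),
            "name": name,
        })
    return rows


def triage(rows):
    """Return (attribute id, finding) pairs; an empty list means nothing to report."""
    findings = []
    for r in rows:
        # Threshold 0 means the attribute has no failure threshold, so skip the check.
        if r["thr"] > 0:
            if r["cur"] <= r["thr"]:
                findings.append((r["id"], "FAILING_NOW"))
            elif r["worst"] <= r["thr"]:
                findings.append((r["id"], "FAILED_IN_PAST"))
        # Normalized values can still look healthy while these raw counters grow.
        if r["id"] in WATCH and r["raw"] > 0:
            findings.append((r["id"], "RAW_NONZERO"))
    return findings


if __name__ == "__main__":
    for label, text in (("posted log", LOG_ROWS), ("constructed sample", DEGRADED_ROWS)):
        result = triage(parse_smart(text))
        print(label, "->", result if result else "no findings")
```

On the rows from the posted log the triage returns no findings, which matches the "Health Status : Dobrý" line in the same log.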

Skeleton

Re: Slow PC - one year old

Post by Skeleton » 28 Jun 2015 20:17

https://www.virustotal.com/cs/file/5752 ... 435515395/ services.exe and delete.bat are not in win...

jaro3
Security team member

Re: Slow PC - one year old

Post by jaro3 » 28 Jun 2015 21:45

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable..

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:

Code: Select all

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore1d09333134a3.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\SysWow64\Delete.bat

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,79,1c,46,7b,ea,d3,cf,46,88,e9,7f,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,79,1c,46,7b,ea,d3,cf,46,88,e9,7f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,79,1c,46,7b,ea,d3,cf,46,88,e9,7f,\
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after ComboFix is applied and the computer restarts, Windows does not boot, or the desktop does not load, or there are connection problems; in that case restart the computer again. If that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Skeleton

Re: Slow PC - one year old

Post by Skeleton » 29 Jun 2015 16:38

ComboFix 15-06-27.01 - Pepa 29.06.2015 16:14:18.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8120.6013 [GMT 2:00]
Spuštěný z: f:\dokumenty\Sta×enÚ soubory\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pepa\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\Delete.bat"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1d09333134a3.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.27.5\googleearthinstall.log
c:\program files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.27.5\goopdate.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.27.5\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.27.5\psmachine.dll
c:\program files (x86)\Google\Update\1.3.27.5\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.27.5\psuser.dll
c:\program files (x86)\Google\Update\1.3.27.5\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.130\43.0.2357.130_43.0.2357.124_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.5.1557\GoogleEarth-Win-Bundle-7.1.5.1557.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{00648F0D-521F-484C-94AF-A27B3BAB582D}\43.0.2357.124_43.0.2357.81_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{32C3727C-85D2-444F-AB55-BDCBCB4851EB}\41.0.2272.101_41.0.2272.89_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{373DED86-27E4-454D-8F8A-44508B02EADE}\41.0.2272.118_41.0.2272.101_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{45995312-C01C-4FA8-ABFF-577798285FE8}\43.0.2357.130_43.0.2357.124_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{4A5ABAF8-9004-4AC7-8F4B-AB06FE303E54}\43.0.2357.124_chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{594E3536-5E73-480F-B35C-0BFA2F3CC3EE}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{694B4E26-8E26-4C75-B212-563891A33C85}\42.0.2311.90_41.0.2272.118_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{6C83A422-E1D8-46C9-A7B1-F2E971C6A7C8}\GoogleEarth-Win-Bundle-7.1.2.2041.1.exe
c:\program files (x86)\Google\Update\Install\{902B9269-EAB3-4AE5-80F1-ECDC91B9FA25}\GoogleEarth-Win-Bundle-7.1.5.1557.exe
c:\program files (x86)\Google\Update\Install\{95A10212-895F-4AC0-A325-BD4353DADD6A}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{A9EA1087-C9C1-4A30-8F8C-D6A99914F69C}\40.0.2214.115_chrome_installer.exe
c:\program files (x86)\Google\Update\Install\{C02168BA-5CFE-4399-B4A3-1FF0B8528B38}\41.0.2272.89_40.0.2214.115_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{C1686209-432D-4174-98A2-BB7AE0A2831C}\gsync.msi
c:\program files (x86)\Google\Update\Install\{C47BD6FD-9969-4A5D-BAA2-CC2318793338}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{C9BACFE6-AB8A-4E82-ABB2-AAD363663A55}\42.0.2311.152_42.0.2311.135_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{D2126CFE-B3A7-47ED-9776-8BD008FCD9A9}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{D92E87FA-27FF-4DB5-A144-6B86D52DE6BD}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{E7E0A516-8CCA-4579-9785-267E07B66C3B}\41.0.2272.101_41.0.2272.89_chrome_updater.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-05-28 do 2015-06-29 )))))))))))))))))))))))))))))))
.
.
2015-06-29 14:22 . 2015-06-29 14:22 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-06-29 14:22 . 2015-06-29 14:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-29 14:22 . 2015-06-29 14:22 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-06-29 07:38 . 2015-06-29 07:38 -------- d-----w- c:\programdata\IHProtectUpDate
2015-06-29 07:38 . 2015-06-29 07:38 -------- d-----w- c:\program files (x86)\MiuiTab
2015-06-29 07:37 . 2015-06-29 07:37 -------- d-----w- c:\users\Pepa\AppData\Roaming\GoodGameEmpire
2015-06-29 07:37 . 2015-06-29 07:37 -------- d-----w- c:\users\Pepa\AppData\Local\GGEmpire
2015-06-28 19:26 . 2015-06-28 19:26 -------- d-----w- c:\program files (x86)\Assassins Creed 2 Crack only SKIDROW
2015-06-28 19:13 . 2015-06-28 19:13 -------- d-----w- c:\users\Pepa\AppData\Roaming\Ubisoft
2015-06-28 13:58 . 2015-06-28 13:58 -------- d-----w- c:\program files\DIFX
2015-06-28 13:58 . 2015-06-28 13:59 -------- d-----w- c:\program files (x86)\Garmin
2015-06-28 13:25 . 2015-06-28 13:58 -------- d-----w- c:\users\Pepa\AppData\Roaming\Garmin
2015-06-28 12:41 . 2015-06-08 12:13 428880 ----a-w- c:\windows\system32\LavasoftTcpService64.dll
2015-06-28 12:41 . 2015-06-08 12:13 348488 ----a-w- c:\windows\SysWow64\LavasoftTcpService.dll
2015-06-28 12:09 . 2015-01-15 12:42 977624 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2015-06-28 12:09 . 2015-01-15 12:42 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2015-06-28 12:08 . 2015-03-23 22:34 800016 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2015-06-28 12:08 . 2015-03-23 22:34 390416 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2015-06-28 12:08 . 2015-03-23 22:34 22800 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2015-06-28 12:07 . 2015-05-05 17:24 4467928 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2015-06-28 12:07 . 2015-04-30 14:39 1316056 ----a-w- c:\windows\system32\RTCOM64.dll
2015-06-28 12:07 . 2015-04-15 16:43 2846424 ----a-w- c:\windows\system32\RltkAPO64.dll
2015-06-28 12:07 . 2015-04-13 17:14 168816 ----a-w- c:\windows\system32\RtkCfg64.dll
2015-06-28 12:07 . 2015-03-19 11:20 2907864 ----a-w- c:\windows\system32\RtPgEx64.dll
2015-06-28 12:07 . 2015-05-05 16:02 1739992 ----a-w- c:\windows\system32\RCoInstII64.dll
2015-06-28 12:07 . 2015-05-05 12:01 1948928 ----a-w- c:\windows\system32\MBAPO264.dll
2015-06-28 12:07 . 2015-05-05 12:01 1716480 ----a-w- c:\windows\SysWow64\MBAPO232.dll
2015-06-28 12:07 . 2015-06-28 12:07 -------- d-----w- c:\programdata\Package Cache
2015-06-28 11:10 . 2015-06-28 10:52 24064 ----a-w- c:\windows\zoek-delete.exe
2015-06-28 11:10 . 2015-06-29 14:26 -------- d-----w- c:\users\Pepa\AppData\Local\Temp
2015-06-27 10:24 . 2015-06-12 07:50 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F89767A-C1C5-434D-85BE-A47F090CAF7B}\mpengine.dll
2015-06-19 07:44 . 2015-06-29 07:37 -------- d-----w- c:\users\Pepa\AppData\Local\CrashDumps
2015-06-19 07:26 . 2015-06-28 10:44 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-06-19 07:26 . 2015-06-19 07:44 -------- d-----w- c:\programdata\RogueKiller
2015-06-10 06:55 . 2015-06-10 06:55 -------- d-----w- c:\users\Pepa\AppData\Roaming\The Creative Assembly
2015-06-09 16:12 . 2015-06-02 16:41 121432 ----a-w- c:\windows\system32\drivers\RapportHades64.sys
2015-06-09 16:02 . 2015-06-09 16:02 -------- d-----w- c:\program files (x86)\Common Files\Canon
2015-06-06 18:04 . 2015-06-06 18:04 -------- d-s---w- c:\windows\SysWow64\GWX
2015-06-06 18:04 . 2015-06-06 18:04 -------- d-s---w- c:\windows\system32\GWX
2015-06-06 16:24 . 2015-05-09 03:27 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-06-05 16:59 . 2014-10-13 05:57 206080 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2015-06-05 16:59 . 2014-10-13 05:57 110336 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-06-05 16:32 . 2015-06-05 16:42 -------- d-----w- c:\program files (x86)\Opera
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-27 10:23 . 2015-02-02 17:34 442264 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-06-10 14:02 . 2014-05-04 15:57 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-02 16:41 . 2015-05-19 17:28 376184 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2015-05-25 18:19 . 2015-06-06 16:26 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-06 16:26 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-06 16:26 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-25 18:01 . 2015-06-06 16:26 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-06 16:26 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-21 15:33 . 2015-05-21 15:33 2843384 ----a-w- c:\windows\system32\ooscrsav.scr
2015-05-21 15:33 . 2015-05-21 15:33 240376 ----a-w- c:\windows\system32\oodbs.exe
2015-05-21 15:33 . 2015-05-21 15:33 543480 ----a-w- c:\windows\system32\oodssrs.dll
2015-05-21 15:33 . 2015-05-21 15:33 10488 ----a-w- c:\windows\system32\oodbsrs.dll
2015-05-20 07:48 . 2015-05-20 07:48 30352 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-05-20 07:43 . 2014-05-03 18:05 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-20 07:43 . 2014-05-03 18:05 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-16 14:37 . 2014-12-13 19:08 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-05-16 14:26 . 2015-04-03 09:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-05-10 14:18 . 2015-05-29 19:53 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-05-10 14:18 . 2015-02-02 17:34 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-05-10 14:18 . 2015-02-02 17:34 272248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-05-10 14:18 . 2015-02-02 17:34 137288 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-05-10 14:18 . 2015-02-02 17:34 89944 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-05-10 14:18 . 2015-02-02 17:34 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-05-10 14:18 . 2015-02-02 17:34 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-05-10 14:18 . 2015-05-10 14:18 43112 ----a-w- c:\windows\avastSS.scr
2015-05-10 14:18 . 2015-02-02 17:34 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-05-01 13:17 . 2015-05-13 08:13 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 08:13 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 07:59 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 03:17 . 2015-05-13 07:59 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 02:56 . 2015-05-13 07:59 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 08:00 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 08:00 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-16 18:02 . 2015-04-16 18:02 40960 ----a-w- c:\windows\SysWow64\nwsftUninstall.exe
2015-04-14 01:33 . 2015-04-14 01:33 1614504 ----a-w- c:\windows\system32\FM20.DLL
2015-04-13 03:28 . 2015-05-13 07:59 328704 ----a-w- c:\windows\system32\services.exe
2015-04-11 03:19 . 2015-05-21 09:26 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-04-08 03:29 . 2015-05-13 07:59 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 07:59 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 07:59 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
2015-06-16 09:31 544952 ----a-w- c:\program files (x86)\MiuiTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-05-13 16:31 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-03-13 7451928]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2015-02-27 5583120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-16 134616]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-12 5515496]
"Live Update"="c:\program files (x86)\MSI\Live Update\Live Update.exe" [2015-06-25 3454632]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2015-05-18 1027024]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
O&O Defrag Tray.lnk - c:\windows\Installer\{CD105B98-DB7C-4E12-BB33-A12CBE721AAB}\app_icon.ico [2015-6-28 292878]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:5e2dda45 /wow /dir:C:\Program
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 intelsba;Intel(R) Small Business Advantage;c:\program files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_6;NTIOLib_1_0_6;c:\program files (x86)\Setup Files\Ms7816v380\NTIOLib_X64.sys;c:\program files (x86)\Setup Files\Ms7816v380\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIFrequency_CC;NTIOLib_MSIFrequency_CC;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
R4 Origin Client Service;Origin Client Service;f:\origin\OriginClientService.exe;f:\origin\OriginClientService.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 RapportHades64;RapportHades64;c:\windows\System32\Drivers\RapportHades64.sys;c:\windows\SYSNATIVE\Drivers\RapportHades64.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys;c:\windows\SYSNATIVE\DRIVERS\ndisrd.sys [x]
S1 RapportCerberus_1412112;RapportCerberus_1412112;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 IHProtect Service;IHProtect Service;c:\program files (x86)\MiuiTab\ProtectService.exe;c:\program files (x86)\MiuiTab\ProtectService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KbFilter_Kb_FlexDef3x;HID Keyboard(FlexDef3x) Driver Service;c:\windows\system32\DRIVERS\KbFilter_FlexDef3x.sys;c:\windows\SYSNATIVE\DRIVERS\KbFilter_FlexDef3x.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RapportIaso;RapportIaso;c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys;c:\programdata\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NTIOLIB_FASTBOOT
*NewlyCreated* - RAPPORTIASO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-23 04:06 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-06-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-03 07:43]
.
2015-06-29 c:\windows\Tasks\RtlNetworkGenieVistaStart.job
- c:\program files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2015-02-10 14:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-05-13 16:35 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-05-13 16:35 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-05-13 16:35 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-10 14:18 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2015-04-30 8466136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-25 391128]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-25 771544]
"ISCT Tray"="c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe" [2014-08-25 5860656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-25 770520]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2015-05-21 4465400]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mDefault_Page_URL = about:blank
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office15\ONBttnIE.dll/105
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 10.106.33.2 10.106.47.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Pepa\AppData\Roaming\Mozilla\Firefox\Profiles\p335shxv.default-1356991751223\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Web Companion - c:\program files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\MiuiTab\cmdshell.exe
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Trusteer\Rapport\bin\RapportService.exe
c:\program files (x86)\MSI\Fast Boot\FastBoot.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-06-29 16:33:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-06-29 14:33
.
Před spuštěním: Volných bajtů: 122 498 932 736
Po spuštění: Volných bajtů: 125 995 794 432
.
- - End Of File - - 469CD5A370FA1E8826C86F15841238F4
A36C5E4F47E84449FF07ED3517B43A31