Pomalý start

Příspěvekod **jaro3** » 04 led 2016 16:31

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Reklama

masterbill · Příspěvekod **masterbill** » 04 led 2016 16:31

# AdwCleaner v5.025 - Logfile created 20/12/2015 at 09:28:56
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Local]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Pepa - PEPA-PC
# Running from : C:\Users\Pepa\Desktop\adwcleaner_5.025.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\PANDORA.TV
[-] Folder Deleted : C:\Users\Pepa\AppData\Local\slimware utilities inc

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2235 bytes] ##########

masterbill · Příspěvekod **masterbill** » 04 led 2016 16:47

ComboFix 16-01-01.01 - Pepa 04.01.2016 16:35:50.3.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2717 [GMT 1:00]
Spuštěný z: c:\users\Pepa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-04 do 2016-01-04 )))))))))))))))))))))))))))))))
.
.
2016-01-04 15:42 . 2016-01-04 15:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-04 15:31 . 2016-01-04 15:31 -------- d-----w- c:\users\Pepa\AppData\Local\ASUS
2016-01-04 11:50 . 2016-01-04 11:50 -------- d-----w- c:\users\Pepa\AppData\Local\Apple
2016-01-04 10:24 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-01-04 10:24 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2015-12-24 09:32 . 2015-12-24 09:32 -------- d-----w- c:\program files (x86)\Intel
2015-12-24 09:32 . 2000-01-01 00:00 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2015-12-24 09:31 . 2015-12-24 09:31 -------- d-----w- c:\programdata\SlimWare Utilities, Inc
2015-12-24 09:27 . 2015-12-24 09:27 -------- d-----w- c:\users\Pepa\AppData\Local\SlimWare Utilities Inc
2015-12-24 09:18 . 2015-10-13 19:00 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2015-12-24 06:38 . 2016-01-04 15:42 -------- d-----w- c:\users\Pepa\AppData\Local\Temp
2015-12-24 06:38 . 2015-12-24 06:16 24064 ----a-w- c:\windows\zoek-delete.exe
2015-12-24 06:16 . 2015-12-24 06:34 -------- d-----w- C:\zoek_backup
2015-12-19 15:09 . 2015-12-19 15:10 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-12-19 13:26 . 2015-12-19 13:26 -------- d-----w- c:\program files (x86)\SlimDrivers
2015-12-19 09:42 . 2015-12-19 09:42 386096 ----a-w- c:\windows\system32\aswBoot.exe
2015-12-19 09:42 . 2015-12-19 09:42 43112 ----a-w- c:\windows\avastSS.scr
2015-12-19 09:18 . 2015-12-24 09:00 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-19 09:18 . 2015-12-19 09:35 -------- d-----w- c:\programdata\RogueKiller
2015-12-19 09:15 . 2015-12-20 08:28 -------- d-----w- C:\AdwCleaner
2015-12-19 08:27 . 2015-12-19 08:40 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-19 08:26 . 2015-12-19 08:26 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-19 08:26 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-19 08:26 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-13 19:26 . 2015-12-13 19:26 -------- d-----w- c:\program files\Common Files\AV
2015-12-13 19:26 . 2015-12-13 19:26 -------- d-----w- c:\program files (x86)\Common Files\AV
2015-12-10 17:02 . 2015-10-08 23:22 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-12-10 17:00 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-10 17:00 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-04 11:58 . 2013-01-21 20:23 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-01-04 11:58 . 2013-01-21 20:23 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-19 09:43 . 2013-04-26 15:57 451040 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-12-19 09:43 . 2013-04-26 15:57 97648 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-12-19 09:42 . 2014-05-31 13:38 155304 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-12-19 09:42 . 2013-04-26 15:57 273784 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-12-19 09:42 . 2013-04-26 15:57 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-12-19 09:42 . 2014-05-31 13:38 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-12-19 09:42 . 2013-04-26 15:57 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-12-19 09:42 . 2013-04-26 15:57 1055560 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-12-11 17:04 . 2012-01-04 13:29 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-12 08:13 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-12 08:13 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-12 08:13 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-12 08:13 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-12 08:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-12 08:13 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-12 08:13 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-12 08:13 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-12 08:13 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-12 08:13 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-12 08:13 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-12 08:13 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-12 08:13 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-12 08:13 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-12 08:13 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-12 08:13 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:12 . 2015-11-12 08:14 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-12 08:14 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-12 08:14 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-12 08:14 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-12 08:14 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-12 08:14 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-12 08:14 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-12 08:14 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-12 08:14 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-12 08:14 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-12 08:14 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-12 08:14 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-12 08:14 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-12 08:14 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-12 08:14 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-12 08:14 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-12 08:14 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-12 08:14 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-12 08:14 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-12 08:14 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-12 08:14 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-12 08:14 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-12 08:14 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-12 08:14 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-12 08:14 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-12 08:14 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-12 08:14 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-12 08:14 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-12 08:14 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-12 08:14 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-12 08:14 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-12 08:14 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-12 08:14 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-12 08:14 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-12 08:14 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:52 . 2015-11-12 08:14 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:52 . 2015-11-12 08:14 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:48 . 2015-11-12 08:14 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-12 08:14 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-12 08:14 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-12 08:14 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-10-20 00:45 . 2015-11-12 08:14 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:14 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-10-20 00:45 . 2015-11-12 08:14 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"ATKOSD2"="c:\program files (x86)\asus\atkosd2\atkosd2.exe" [2009-08-17 6859392]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-08-16 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-12-19 7021880]
.
c:\users\Pepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Pepa\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-19 08:11 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-21 11:58]
.
2015-12-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3093074458-2507233680-1440018403-1000Core.job
- c:\users\Pepa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-25 07:14]
.
2016-01-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3093074458-2507233680-1440018403-1000UA.job
- c:\users\Pepa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-25 07:14]
.
2016-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 16:03]
.
2016-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 16:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-12-19 09:42 873304 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-31 323072]
"RtHDVCpl"="c:\program files\realtek\audio\hda\ravcpl64.exe" [2009-09-16 8114720]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.3.0.1 10.1.0.20
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files (x86)\PANDORA.TV\PanService\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2016-01-04 16:46:22
ComboFix-quarantined-files.txt 2016-01-04 15:46
.
Před spuštěním: Volných bajtů: 31 524 077 568
Po spuštění: Volných bajtů: 36 640 862 208
.
- - End Of File - - D8A56899AD283AC19473917A0E0D34AA
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **jaro3** » 05 led 2016 09:49

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3093074458-2507233680-1440018403-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3093074458-2507233680-1440018403-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\users\Pepa\AppData\Local\Facebook\Update
c:\program files (x86)\Google\Update

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

masterbill · Příspěvekod **masterbill** » 05 led 2016 12:53

ComboFix 16-01-01.01 - Pepa 05.01.2016 10:44:56.4.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2452 [GMT 1:00]
Spuštěný z: c:\users\Pepa\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pepa\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3093074458-2507233680-1440018403-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3093074458-2507233680-1440018403-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.29.1\goopdate.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.29.1\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.29.1\psmachine.dll
c:\program files (x86)\Google\Update\1.3.29.1\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.29.1\psuser.dll
c:\program files (x86)\Google\Update\1.3.29.1\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.106\47.0.2526.106_47.0.2526.80_chrome_updater_3stage.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\users\Pepa\AppData\Local\Facebook\Update
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Pepa\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Pepa\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-12-05 do 2016-01-05 )))))))))))))))))))))))))))))))
.
.
2016-01-05 09:53 . 2016-01-05 09:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-01-05 09:53 . 2016-01-05 09:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-04 15:31 . 2016-01-04 15:31 -------- d-----w- c:\users\Pepa\AppData\Local\ASUS
2016-01-04 11:50 . 2016-01-04 11:50 -------- d-----w- c:\users\Pepa\AppData\Local\Apple
2016-01-04 10:24 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-01-04 10:24 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2015-12-24 09:32 . 2015-12-24 09:32 -------- d-----w- c:\program files (x86)\Intel
2015-12-24 09:32 . 2000-01-01 00:00 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2015-12-24 09:31 . 2015-12-24 09:31 -------- d-----w- c:\programdata\SlimWare Utilities, Inc
2015-12-24 09:27 . 2015-12-24 09:27 -------- d-----w- c:\users\Pepa\AppData\Local\SlimWare Utilities Inc
2015-12-24 09:18 . 2015-10-13 19:00 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2015-12-24 06:38 . 2016-01-05 10:02 -------- d-----w- c:\users\Pepa\AppData\Local\Temp
2015-12-24 06:38 . 2015-12-24 06:16 24064 ----a-w- c:\windows\zoek-delete.exe
2015-12-24 06:16 . 2015-12-24 06:34 -------- d-----w- C:\zoek_backup
2015-12-19 15:09 . 2015-12-19 15:10 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2015-12-19 13:26 . 2015-12-19 13:26 -------- d-----w- c:\program files (x86)\SlimDrivers
2015-12-19 09:42 . 2015-12-19 09:42 386096 ----a-w- c:\windows\system32\aswBoot.exe
2015-12-19 09:42 . 2015-12-19 09:42 43112 ----a-w- c:\windows\avastSS.scr
2015-12-19 09:18 . 2015-12-24 09:00 36608 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-12-19 09:18 . 2015-12-19 09:35 -------- d-----w- c:\programdata\RogueKiller
2015-12-19 09:15 . 2015-12-20 08:28 -------- d-----w- C:\AdwCleaner
2015-12-19 08:27 . 2015-12-19 08:40 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-12-19 08:26 . 2015-12-19 08:26 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-12-19 08:26 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-12-19 08:26 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-12-13 19:26 . 2015-12-13 19:26 -------- d-----w- c:\program files\Common Files\AV
2015-12-13 19:26 . 2015-12-13 19:26 -------- d-----w- c:\program files (x86)\Common Files\AV
2015-12-10 17:02 . 2015-10-08 23:22 69120 ----a-w- c:\windows\system32\nlsbres.dll
2015-12-10 17:00 . 2015-11-03 19:04 241664 ----a-w- c:\windows\system32\els.dll
2015-12-10 17:00 . 2015-11-03 18:55 179712 ----a-w- c:\windows\SysWow64\els.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-04 11:58 . 2013-01-21 20:23 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-01-04 11:58 . 2013-01-21 20:23 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-19 09:43 . 2013-04-26 15:57 451040 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-12-19 09:43 . 2013-04-26 15:57 97648 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2015-12-19 09:42 . 2014-05-31 13:38 155304 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-12-19 09:42 . 2013-04-26 15:57 273784 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-12-19 09:42 . 2013-04-26 15:57 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-12-19 09:42 . 2014-05-31 13:38 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-12-19 09:42 . 2013-04-26 15:57 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-12-19 09:42 . 2013-04-26 15:57 1055560 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-12-11 17:04 . 2012-01-04 13:29 140158008 ----a-w- c:\windows\system32\MRT.exe
2015-10-29 17:50 . 2015-11-12 08:13 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-10-29 17:50 . 2015-11-12 08:13 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-10-29 17:50 . 2015-11-12 08:13 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-12 08:13 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-12 08:13 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-12 08:13 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-10-29 17:50 . 2015-11-12 08:13 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:50 . 2015-11-12 08:13 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-10-29 17:50 . 2015-11-12 08:13 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-10-29 17:49 . 2015-11-12 08:13 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-10-29 17:49 . 2015-11-12 08:13 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-12 08:13 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-12 08:13 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-12 08:13 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:49 . 2015-11-12 08:13 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-10-29 17:39 . 2015-11-12 08:13 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-20 01:12 . 2015-11-12 08:14 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-10-20 01:12 . 2015-11-12 08:14 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2015-10-20 01:12 . 2015-11-12 08:14 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-10-20 01:09 . 2015-11-12 08:14 1730496 ----a-w- c:\windows\system32\ntdll.dll
2015-10-20 01:06 . 2015-11-12 08:14 243712 ----a-w- c:\windows\system32\wow64.dll
2015-10-20 01:06 . 2015-11-12 08:14 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-10-20 01:06 . 2015-11-12 08:14 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-10-20 01:06 . 2015-11-12 08:14 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-10-20 01:05 . 2015-11-12 08:14 210944 ----a-w- c:\windows\system32\wdigest.dll
2015-10-20 01:05 . 2015-11-12 08:14 86528 ----a-w- c:\windows\system32\TSpkg.dll
2015-10-20 01:05 . 2015-11-12 08:14 503808 ----a-w- c:\windows\system32\srcore.dll
2015-10-20 01:05 . 2015-11-12 08:14 50176 ----a-w- c:\windows\system32\srclient.dll
2015-10-20 01:05 . 2015-11-12 08:14 29184 ----a-w- c:\windows\system32\sspisrv.dll
2015-10-20 01:05 . 2015-11-12 08:14 136192 ----a-w- c:\windows\system32\sspicli.dll
2015-10-20 01:05 . 2015-11-12 08:14 28160 ----a-w- c:\windows\system32\secur32.dll
2015-10-20 01:05 . 2015-11-12 08:14 344064 ----a-w- c:\windows\system32\schannel.dll
2015-10-20 01:05 . 2015-11-12 08:14 1216512 ----a-w- c:\windows\system32\rpcrt4.dll
2015-10-20 01:05 . 2015-11-12 08:14 312320 ----a-w- c:\windows\system32\ncrypt.dll
2015-10-20 01:05 . 2015-11-12 08:14 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-10-20 01:05 . 2015-11-12 08:14 315392 ----a-w- c:\windows\system32\msv1_0.dll
2015-10-20 01:05 . 2015-11-12 08:14 729600 ----a-w- c:\windows\system32\kerberos.dll
2015-10-20 01:05 . 2015-11-12 08:14 1164800 ----a-w- c:\windows\system32\kernel32.dll
2015-10-20 01:05 . 2015-11-12 08:14 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-10-20 01:05 . 2015-11-12 08:14 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-10-20 01:05 . 2015-11-12 08:14 44032 ----a-w- c:\windows\system32\cryptbase.dll
2015-10-20 01:05 . 2015-11-12 08:14 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-10-20 01:05 . 2015-11-12 08:14 22016 ----a-w- c:\windows\system32\credssp.dll
2015-10-20 01:05 . 2015-11-12 08:14 112640 ----a-w- c:\windows\system32\smss.exe
2015-10-20 01:05 . 2015-11-12 08:14 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-10-20 01:04 . 2015-11-12 08:14 31232 ----a-w- c:\windows\system32\lsass.exe
2015-10-20 01:04 . 2015-11-12 08:14 338432 ----a-w- c:\windows\system32\conhost.exe
2015-10-20 01:04 . 2015-11-12 08:14 64000 ----a-w- c:\windows\system32\auditpol.exe
2015-10-20 01:00 . 2015-11-12 08:14 60416 ----a-w- c:\windows\system32\msobjs.dll
2015-10-20 00:59 . 2015-11-12 08:14 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-10-20 00:53 . 2015-11-12 08:14 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-10-20 00:53 . 2015-11-12 08:14 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-20 00:53 . 2015-11-12 08:14 686080 ----a-w- c:\windows\system32\adtschema.dll
2015-10-20 00:52 . 2015-11-12 08:14 3935680 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-10-20 00:52 . 2015-11-12 08:14 3991488 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-10-20 00:48 . 2015-11-12 08:14 1311768 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-10-20 00:45 . 2015-11-12 08:14 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-10-20 00:45 . 2015-11-12 08:14 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-10-20 00:45 . 2015-11-12 08:14 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-10-20 00:45 . 2015-11-12 08:14 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2015-10-20 00:45 . 2015-11-12 08:14 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-10-20 00:45 . 2015-11-12 08:14 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Pepa\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-19 170624]
"ATKOSD2"="c:\program files (x86)\asus\atkosd2\atkosd2.exe" [2009-08-17 6859392]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-08-16 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-12-19 7021880]
.
c:\users\Pepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\Pepa\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe [2013-3-7 248240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys;c:\windows\SYSNATIVE\Drivers\ATSwpWDF.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-19 08:11 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-21 11:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-12-19 09:42 873304 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-07-31 323072]
"RtHDVCpl"="c:\program files\realtek\audio\hda\ravcpl64.exe" [2009-09-16 8114720]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.3.0.1 10.1.0.20
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files (x86)\PANDORA.TV\PanService\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ASUS Live Update\ALU.exe
c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ASUS\NB Probe\SPM\spmgr.exe
.
**************************************************************************
.
Celkový čas: 2016-01-05 11:08:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-01-05 10:08
ComboFix2.txt 2016-01-04 15:46
.
Před spuštěním: Volných bajtů: 36 072 878 080
Po spuštění: Volných bajtů: 35 795 415 040
.
- - End Of File - - CC508C8B90D36A773D5110E4910C4FAD
A36C5E4F47E84449FF07ED3517B43A31

masterbill · Příspěvekod **masterbill** » 05 led 2016 12:54

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:36:53, on 5.1.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)

Boot mode: Normal

Running processes:
C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Users\Pepa\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Pepa\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] c:\program files (x86)\asus\atkosd2\atkosd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Startup: Facebook Messenger.lnk = Pepa\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7265 bytes

masterbill · Příspěvekod **masterbill** » 05 led 2016 12:54

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-01-05 12:37:45
-----------------------------
12:37:45.783 OS Version: Windows x64 6.1.7601 Service Pack 1
12:37:45.783 Number of processors: 2 586 0x1706
12:37:45.783 ComputerName: PEPA-PC UserName: Pepa
12:37:47.109 Initialize success
12:37:47.109 VM: initialized successfully
12:37:47.109 VM: Intel CPU supported virtualized
12:37:49.120 VM: not used
12:37:50.790 AVAST engine defs: 16010500
12:37:58.044 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:37:58.044 Disk 0 Vendor: Hitachi_ FB4O Size: 305245MB BusType: 3
12:37:58.184 Disk 0 MBR read successfully
12:37:58.184 Disk 0 MBR scan
12:37:58.184 Disk 0 Windows 7 default MBR code
12:37:58.200 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 10001 MB offset 63
12:37:58.215 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 20482875
12:37:58.215 Disk 0 Boot: NTFS code=2
12:37:58.215 Disk 0 Partition - 00 0F Extended LBA 142623 MB offset 333043515
12:37:58.247 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 142623 MB offset 333043578
12:37:58.340 Disk 0 scanning C:\Windows\system32\drivers
12:38:08.215 Service scanning
12:38:36.108 Modules scanning
12:38:36.108 Disk 0 trace - called modules:
12:38:36.139 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
12:38:36.155 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c9b060]
12:38:36.155 3 CLASSPNP.SYS[fffff88001ae143f] -> nt!IofCallDriver -> [0xfffffa800467c570]
12:38:36.170 5 ACPI.sys[fffff88000f727a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004727050]
12:38:36.560 AVAST engine scan C:\Windows
12:38:38.760 AVAST engine scan C:\Windows\system32
12:42:11.125 AVAST engine scan C:\Windows\system32\drivers
12:42:36.959 AVAST engine scan C:\Users\Pepa
12:45:15.190 AVAST engine scan C:\ProgramData
12:46:48.275 Disk 0 statistics 3739822/0/0 @ 4,58 MB/s
12:46:48.275 Scan finished successfully
12:52:10.665 Disk 0 MBR has been saved successfully to "C:\Users\Pepa\Desktop\MBR.dat"
12:52:10.681 The log file has been saved successfully to "C:\Users\Pepa\Desktop\aswMBR.txt"

Příspěvekod **jaro3** » 05 led 2016 16:48

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

Co problémy?

masterbill · Příspěvekod **masterbill** » 05 led 2016 17:54

načítání webu OK

OT je normální že když startuje windows 7 tak je tam loading obrazovka Windows poté skočí černá obrazovka, kde se točí myš a až poté se objeví přihlašování?

Příspěvekod **Orcus** » 05 led 2016 22:45

Může to tak chvíli být, než se načte vše potřebné.

Pokud nejsou problémy, označ téma zelenou fajfkou jako vyřešené.

Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Re: Pomalý start

Kdo je online