Viry v ntb? Případná kontrola.

[Scanner]

Ten Zoeg mi trval hodinu ale žádná chyba nenastala. Posílám ti log, udělám ten HJT a pustím se na ten WhoCrashed.


Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by sony on Łt 20.09.2016 at 18:36:21,72.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sony\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20.9.2016 18:37:55 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\BlueStacksSetup deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\sony\AppData\Roaming\WinRAR deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\w3t4t5vz.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz");

Added to C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\w3t4t5vz.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
C:\Users\sony\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\sony\AppData\Local\Unity deleted
C:\Users\sony\AppData\LocalLow\Unity deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\w3t4t5vz.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [23.08.2016 20:19]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [23.08.2016 20:19]

==== Firefox Extensions ======================

ProfilePath: C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\w3t4t5vz.default
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\sony\AppData\Roaming\Mozilla\Firefox\Profiles\w3t4t5vz.default
1857C271CF579A99216E837E26CFD0C8 - c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll - Silverlight Plug-In
EA1B79C408E27EA6DA783DEE76F03652 - c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

Bob Marley - sony\AppData\Local\Google\Chrome\User Data\Default\Extensions\alpnhingmddeadgmgjbfefmaanaeifak
Chrome Media Router - sony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Startpages ======================

C:\Users\sony\AppData\Roaming\Opera Software\Opera Stable\Preferences
"startup_urls": [ "http://google.com/" ],


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\sony\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\sony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\sony\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\sony\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\sony\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\sony\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sony\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\sony\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\sony\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=56 folders=56 50210999 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\sony\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\sony\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 20.09.2016 at 19:32:52,92 ======================

[Reklama]

[Scanner]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:44:14, on 20.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\sony\Desktop\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6314 bytes

[Scanner]

Nemohl jsem nikde ten report najít, tak jsem zkopíroval úvod toho programu. Mělo by to být ono.

System Information (local)
--------------------------------------------------------------------------------

Computer name: SONY-PC
Windows version: Windows 7 Service Pack 1, 6.1, build: 7601
Windows dir: C:\Windows
Hardware: VGN-CS21S_P, Sony Corporation, VAIO
CPU: GenuineIntel Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 4291796992 bytes total




--------------------------------------------------------------------------------
Crash Dump Analysis
--------------------------------------------------------------------------------

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Tue 20.9.2016 16:20:53 GMT your computer crashed
crash dump file: C:\Windows\Minidump\092016-24897-01.dmp
This was probably caused by the following module: rimssn64.sys (0xFFFFF88001ADC4B0)
Bugcheck code: 0x50 (0xFFFFFA800F257E60, 0x1, 0xFFFFF88001ADC4B0, 0x2)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\drivers\rimssn64.sys
product: Ricoh Memorystick Controller
company: REDC
description: RICOH MS Driver
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: rimssn64.sys (RICOH MS Driver, REDC).
Google query: REDC PAGE_FAULT_IN_NONPAGED_AREA



On Tue 20.9.2016 16:20:53 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: rimssn64.sys (rimssn64+0x124B0)
Bugcheck code: 0x50 (0xFFFFFA800F257E60, 0x1, 0xFFFFF88001ADC4B0, 0x2)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\drivers\rimssn64.sys
product: Ricoh Memorystick Controller
company: REDC
description: RICOH MS Driver
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: rimssn64.sys (RICOH MS Driver, REDC).
Google query: REDC PAGE_FAULT_IN_NONPAGED_AREA



On Tue 20.9.2016 15:57:41 GMT your computer crashed
crash dump file: C:\Windows\Minidump\092016-23290-01.dmp
This was probably caused by the following module: rimssn64.sys (0xFFFFF88004A704B0)
Bugcheck code: 0x50 (0xFFFFFA8015D245D0, 0x1, 0xFFFFF88004A704B0, 0x2)
Error: PAGE_FAULT_IN_NONPAGED_AREA
file path: C:\Windows\system32\drivers\rimssn64.sys
product: Ricoh Memorystick Controller
company: REDC
description: RICOH MS Driver
Bug check description: This indicates that invalid system memory has been referenced.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: rimssn64.sys (RICOH MS Driver, REDC).
Google query: REDC PAGE_FAULT_IN_NONPAGED_AREA





--------------------------------------------------------------------------------
Conclusion
--------------------------------------------------------------------------------

3 crash dumps have been found and analyzed. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

rimssn64.sys (RICOH MS Driver, REDC)

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')


file path: C:\Windows\system32\drivers\rimssn64.sys
product: Ricoh Memorystick Controller
company: REDC
description: RICOH MS Driver

zkus tohle:
http://support.lenovo.com/cz/cs/product ... s/DS014960


+
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Scanner]

Fixnul jsem to nainstaloval jsem ten Media Card Reader Driver který mi vytvořil zřejmě instalačku na C:\SWTOOLS a nainstaloval se do systému. Po restartu jsem udělal ten CF a přikládám log. Můžu odstranit tu instalaci toho MCRD? Díky

ComboFix 16-09-14.01 - sony 21.09.2016 18:07:00.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4093.2815 [GMT 2:00]
Spuštěný z: c:\users\sony\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-08-21 do 2016-09-21 )))))))))))))))))))))))))))))))
.
.
2016-09-21 16:16 . 2016-09-21 16:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-21 15:56 . 2016-09-21 15:56 -------- d-----w- c:\program files (x86)\Ricoh
2016-09-21 15:55 . 2016-09-21 15:55 -------- d-----w- C:\SWTOOLS
2016-09-21 10:44 . 2016-08-05 15:30 2048 ----a-w- c:\windows\system32\tzres.dll
2016-09-21 10:44 . 2016-08-05 15:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-09-20 17:51 . 2016-09-20 17:51 -------- d-----w- c:\users\sony\AppData\Local\CrashDumps
2016-09-20 17:50 . 2016-09-21 16:00 -------- d-----w- c:\program files\WhoCrashed
2016-09-20 17:33 . 2016-09-20 17:33 -------- d-----w- c:\users\sony\AppData\Roaming\ProductData
2016-09-20 17:30 . 2016-09-20 16:36 24064 ----a-w- c:\windows\zoek-delete.exe
2016-09-20 17:30 . 2016-09-21 16:16 -------- d-----w- c:\users\sony\AppData\Local\Temp
2016-09-20 17:30 . 2016-09-20 17:30 -------- d-----w- c:\programdata\ProductData
2016-09-20 16:36 . 2016-09-20 17:24 -------- d-----w- C:\zoek_backup
2016-09-18 10:37 . 2016-09-20 16:00 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-09-18 10:36 . 2016-09-18 10:36 -------- d-----w- c:\programdata\RogueKiller
2016-09-17 18:35 . 2016-09-17 18:35 -------- d-----w- c:\users\sony\AppData\Local\CEF
2016-09-17 18:26 . 2016-09-18 10:26 -------- d-----w- C:\AdwCleaner
2016-09-17 01:19 . 2016-09-17 01:19 -------- d-----w- c:\users\sony\AppData\Roaming\Steam
2016-09-17 00:46 . 2016-09-17 01:10 -------- d-----w- c:\program files (x86)\Life is Strange
2016-09-16 23:05 . 2016-09-16 23:05 -------- d-----w- c:\windows\system32\config\systemprofile\.oracle_jre_usage
2016-09-16 20:44 . 2016-09-16 20:44 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-09-16 20:43 . 2016-09-16 20:43 -------- d-----w- c:\users\sony\.oracle_jre_usage
2016-09-16 20:43 . 2016-09-16 20:42 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-09-16 20:42 . 2016-09-16 20:42 -------- d-----w- c:\programdata\Oracle
2016-09-16 20:41 . 2016-09-16 20:41 -------- d-----w- c:\program files\Java
2016-09-16 20:32 . 2016-09-02 11:13 120256 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-09-16 20:32 . 2016-09-02 11:13 1841088 ----a-w- c:\windows\system32\nvspcap64.dll
2016-09-16 20:32 . 2016-09-02 11:13 1448384 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-09-16 20:32 . 2016-09-02 11:13 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-09-16 20:32 . 2016-09-02 11:13 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-09-16 20:31 . 2016-09-02 11:03 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2016-09-16 20:31 . 2016-09-02 11:13 94144 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-09-16 20:31 . 2016-09-02 11:13 46016 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-09-16 20:31 . 2016-09-02 11:13 104384 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-09-16 19:55 . 2016-09-16 19:55 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-09-16 19:40 . 2016-09-16 19:40 -------- d-----w- c:\windows\system32\DAX2
2016-09-16 19:34 . 2016-09-16 19:34 999864 ----a-w- c:\windows\system32\MaxxVoiceAPO2064.dll
2016-09-16 19:32 . 2016-09-16 19:32 600280 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2016-09-16 19:32 . 2016-09-16 19:32 172760 ----a-w- c:\windows\system32\drivers\bcbtums.sys
2016-09-16 19:23 . 2016-09-16 19:35 15202040 ----a-w- c:\windows\system32\YamahaAE3.dll
2016-09-16 19:23 . 2016-09-16 19:35 3299824 ----a-w- c:\windows\system32\YamahaAE2.dll
2016-09-16 19:20 . 2016-09-16 19:20 86528 ----a-w- c:\windows\system32\drivers\rimssn64.sys
2016-09-16 19:20 . 2016-09-16 19:20 626688 ----a-w- c:\windows\snymsico.dll
2016-09-16 19:12 . 2016-09-16 19:12 -------- d-----w- c:\users\sony\AppData\Local\ElevatedDiagnostics
2016-09-16 18:18 . 2016-09-16 18:18 -------- d-----w- c:\windows\IObit
2016-09-16 18:18 . 2016-09-16 18:18 27552 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2016-09-16 17:55 . 2016-09-16 17:55 -------- d-----w- c:\users\sony\AppData\Roaming\Apple Computer
2016-09-16 17:50 . 2016-09-16 20:19 -------- d-----w- c:\program files (x86)\Common Files\IObit
2016-09-16 17:49 . 2016-09-18 10:32 -------- d-----w- c:\users\sony\AppData\Roaming\IObit
2016-09-16 17:49 . 2016-09-19 15:41 -------- d-----w- c:\program files (x86)\IObit
2016-09-16 17:49 . 2016-09-18 10:16 -------- d-----w- c:\programdata\IObit
2016-09-16 17:40 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-09-16 17:33 . 2016-09-16 17:33 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2016-09-16 16:33 . 2016-09-16 16:33 -------- d-----w- c:\users\sony\AppData\Local\Opera Software
2016-09-16 16:33 . 2016-09-16 16:33 -------- d-----w- c:\users\sony\AppData\Roaming\Opera Software
2016-09-16 16:31 . 2016-09-16 16:33 -------- d-----w- c:\program files (x86)\Opera
2016-09-16 08:04 . 2016-09-16 08:04 -------- d-----w- c:\programdata\Steam
2016-09-16 07:53 . 2016-09-16 08:04 -------- d-----w- c:\program files (x86)\Outlast + DLC Whistleblower
2016-09-15 16:57 . 2016-09-15 16:57 -------- d-----w- c:\program files\Speccy
2016-09-15 16:02 . 2016-09-15 16:02 -------- d-----w- c:\users\sony\AppData\Roaming\Disney Interactive Studios
2016-09-15 13:25 . 2016-09-15 13:25 868848 ----a-w- c:\windows\system32\drivers\sptd.sys
2016-09-15 13:24 . 2016-09-15 13:24 -------- d-----w- c:\users\sony\AppData\Roaming\DAEMON Tools
2016-09-15 07:57 . 2016-08-16 17:36 1009152 ----a-w- c:\windows\system32\user32.dll
2016-09-15 07:57 . 2016-08-16 02:48 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-09-15 07:57 . 2016-08-16 02:35 3218432 ----a-w- c:\windows\system32\win32k.sys
2016-09-15 07:57 . 2016-08-06 15:31 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-09-15 07:57 . 2016-08-06 15:15 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-09-13 17:45 . 2016-09-13 17:45 -------- d-----w- c:\users\sony\AppData\Local\Electronic Arts
2016-09-13 17:30 . 2016-09-13 17:30 -------- d-----w- c:\program files (x86)\Electronic Arts
2016-09-12 19:19 . 2016-09-12 19:19 -------- d-----w- c:\users\sony\AppData\Local\SKIDROW
2016-09-12 18:40 . 2016-09-12 18:40 -------- d-----w- c:\program files (x86)\2K Games
2016-09-12 18:36 . 2016-09-17 00:19 -------- d-----w- C:\QuadcoreM2
2016-09-12 18:36 . 2016-09-12 18:40 -------- d-----w- c:\programdata\regid.1995-09.com.example
2016-09-12 18:33 . 2016-09-12 18:44 -------- d-----w- C:\Kazrog LLC
2016-09-12 18:31 . 2016-09-12 18:45 -------- d-----w- c:\users\sony\AppData\Roaming\Quadcore
2016-09-12 15:56 . 2016-09-17 18:46 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-12 15:55 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-09-12 15:55 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-09-12 15:55 . 2016-09-12 15:55 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-09-12 15:55 . 2016-09-12 15:55 -------- d-----w- c:\programdata\Malwarebytes
2016-09-12 15:55 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-09-07 14:24 . 2016-09-07 20:17 12464 ----a-w- c:\windows\SysWow64\drivers\SECDRV.SYS
2016-09-06 15:01 . 2016-09-12 06:44 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2016-09-05 13:24 . 2016-09-05 13:24 -------- d-----w- c:\programdata\FLEXnet
2016-09-05 12:57 . 2016-09-05 12:57 -------- d-----w- c:\windows\SysWow64\spool
2016-09-04 17:23 . 2012-07-06 10:12 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2016-09-04 17:20 . 2016-09-17 10:25 -------- d-----w- c:\users\sony\AppData\Local\Nvidia Corporation
2016-09-04 14:02 . 2007-10-12 13:14 2006552 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2016-09-04 14:01 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2016-09-04 13:46 . 2016-09-04 17:26 -------- d-----w- c:\users\sony\AppData\Roaming\vlc
2016-09-04 10:15 . 2016-09-04 13:44 -------- d-----w- c:\program files (x86)\VideoLAN
2016-08-31 12:32 . 2016-08-31 12:32 -------- d-----w- c:\programdata\SplitMediaLabs
2016-08-31 12:32 . 2016-08-31 12:32 -------- d-----w- c:\program files (x86)\SplitmediaLabs
2016-08-31 12:26 . 2016-08-31 12:26 -------- d-----w- c:\users\sony\AppData\Roaming\SplitmediaLabs
2016-08-28 07:34 . 2016-08-28 07:35 -------- d-----w- c:\program files\CCleaner
2016-08-27 21:51 . 2016-08-27 21:51 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2016-08-27 21:05 . 2016-09-16 15:18 -------- d-----w- c:\program files (x86)\The Sims 4
2016-08-27 16:36 . 2016-09-16 16:37 -------- d-----w- c:\program files (x86)\Google
2016-08-27 16:36 . 2016-08-27 21:21 -------- d-----w- c:\users\sony\AppData\Local\Google
2016-08-27 14:59 . 2016-09-16 20:00 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-08-27 14:59 . 2016-09-16 20:00 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-08-27 14:59 . 2016-09-16 20:00 -------- d-----w- c:\windows\system32\Macromed
2016-08-27 00:34 . 2016-08-27 00:35 -------- d-----w- c:\users\sony\AppData\Local\Microsoft Games
2016-08-26 22:14 . 2004-08-18 08:34 442368 ----a-r- c:\windows\SysWow64\vp6vfw.dll
2016-08-26 22:14 . 2016-09-16 20:00 -------- d-----w- c:\windows\SysWow64\Macromed
2016-08-26 21:55 . 2016-07-07 15:36 1896168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-08-26 21:55 . 2016-07-07 15:36 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2016-08-26 21:55 . 2016-07-07 15:36 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-08-26 21:55 . 2016-07-07 15:08 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-08-26 21:55 . 2016-07-01 15:31 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-08-26 21:55 . 2016-07-01 15:31 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-08-26 21:55 . 2016-07-01 15:13 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2016-08-26 21:55 . 2016-07-01 15:13 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-08-26 21:23 . 2016-08-26 21:23 -------- d-----w- c:\users\sony\AppData\Local\Disc_Soft_Ltd
2016-08-26 21:20 . 2016-08-26 21:20 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-08-26 21:19 . 2016-08-26 21:19 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-08-26 21:19 . 2016-09-19 16:34 -------- d-----w- c:\users\sony\AppData\Roaming\DAEMON Tools Lite
2016-08-26 21:19 . 2016-08-26 21:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2016-08-26 21:18 . 2016-08-26 21:19 -------- d-----w- c:\programdata\DAEMON Tools Lite
2016-08-26 18:55 . 2016-08-26 22:42 -------- d-----w- c:\program files (x86)\Mafia I - The City of Lost Heaven
2016-08-26 16:32 . 2016-09-17 00:54 -------- d-----w- c:\users\sony\AppData\Roaming\uTorrent
2016-08-25 10:10 . 2016-08-25 10:10 -------- d-----w- c:\users\sony\AppData\Local\Macromedia
2016-08-23 18:20 . 2016-08-23 18:19 391496 ----a-w- c:\windows\system32\aswBoot.exe
2016-08-23 18:18 . 2016-08-23 18:18 53208 ----a-w- c:\windows\avastSS.scr
2016-08-23 17:41 . 2016-08-27 17:09 -------- d-----w- c:\users\sony\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-16 19:00 . 2015-12-21 20:22 82488 ----a-w- c:\windows\system32\OpenCL.dll
2016-09-16 19:00 . 2015-12-21 20:22 67520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2016-09-16 19:00 . 2009-07-13 21:59 18634264 ----a-w- c:\windows\system32\nvwgf2umx.dll
2016-09-16 19:00 . 2015-12-21 20:14 17559240 ----a-w- c:\windows\system32\nvd3dumx.dll
2016-09-16 19:00 . 2015-12-21 20:14 3210784 ----a-w- c:\windows\system32\nvapi64.dll
2016-09-15 12:26 . 2015-12-21 16:28 144199024 -c--a-w- c:\windows\system32\MRT.exe
2016-09-13 17:23 . 2015-12-21 16:39 969184 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-09-02 15:30 . 2016-09-15 07:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 07:58 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-02 15:16 . 2016-09-15 07:58 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 07:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-23 18:19 . 2015-12-21 16:39 163416 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-08-23 18:19 . 2015-12-21 16:39 292704 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-08-23 18:19 . 2015-12-21 16:39 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-08-23 18:19 . 2015-12-21 16:39 513496 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-08-23 18:19 . 2015-12-21 16:39 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-08-23 18:19 . 2015-12-21 16:39 108816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-08-23 18:19 . 2015-12-21 16:39 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-08-23 18:17 . 2016-03-23 06:33 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-08-16 01:18 . 2016-08-16 01:18 159936 ----a-w- c:\windows\system32\drivers\usb2ser.sys
2016-08-12 16:46 . 2016-09-21 14:39 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-05 13:09 . 2016-08-05 13:09 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-08-26 8912088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-09-12 9107616]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wdm_usb;wdm_usb;c:\windows\system32\DRIVERS\usb2ser.sys;c:\windows\SYSNATIVE\DRIVERS\usb2ser.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
S3 XSplit_Dummy;XSplit Stream Audio Renderer;c:\windows\system32\drivers\xspltspk.sys;c:\windows\SYSNATIVE\drivers\xspltspk.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2016-09-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-27 20:00]
.
2016-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-09-16 16:35]
.
2016-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-09-16 16:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-11-12 08:39 2472224 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-08-23 18:19 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.150.150 188.75.128.188 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{e46eca4f-393b-40df-9f49-076faf788d83} - c:\programdata\Package Cache\{e46eca4f-393b-40df-9f49-076faf788d83}\VC_redist.x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-09-21 18:19:56
ComboFix-quarantined-files.txt 2016-09-21 16:19
.
Před spuštěním: Volných bajtů: 219 819 917 312
Po spuštění: Volných bajtů: 219 076 927 488
.
- - End Of File - - F3A76D56B523D91CE4C6B7D82CB8F3DC
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Můžeš.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.23"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_23_0_0_162.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.


Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Scanner]

Odstraněno. V nainstalovaných programech mám RICOH Media Driver, ten tam logicky nechám. Provedl jsem CF i HJT a bez problémů, jak mile jsem pustil sken aswMBR, systém se zhroutil zase do BS, tentokrát http://answers.microsoft.com/en-us/wind ... 508?auth=1 Je to vážně bída.

ComboFix 16-09-14.01 - sony 21.09.2016 22:06:08.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4093.2830 [GMT 2:00]
Spuštěný z: c:\users\sony\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\sony\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.31.5\goopdate.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.31.5\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.31.5\psmachine.dll
c:\program files (x86)\Google\Update\1.3.31.5\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.31.5\psuser.dll
c:\program files (x86)\Google\Update\1.3.31.5\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\53.0.2785.116\53.0.2785.116_chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-08-21 do 2016-09-21 )))))))))))))))))))))))))))))))
.
.
2016-09-21 20:14 . 2016-09-21 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-21 15:56 . 2016-09-21 15:56 -------- d-----w- c:\program files (x86)\Ricoh
2016-09-21 10:44 . 2016-08-05 15:30 2048 ----a-w- c:\windows\system32\tzres.dll
2016-09-21 10:44 . 2016-08-05 15:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-09-20 17:51 . 2016-09-21 20:02 -------- d-----w- c:\users\sony\AppData\Local\CrashDumps
2016-09-20 17:50 . 2016-09-21 16:00 -------- d-----w- c:\program files\WhoCrashed
2016-09-20 17:33 . 2016-09-20 17:33 -------- d-----w- c:\users\sony\AppData\Roaming\ProductData
2016-09-20 17:30 . 2016-09-20 16:36 24064 ----a-w- c:\windows\zoek-delete.exe
2016-09-20 17:30 . 2016-09-21 20:18 -------- d-----w- c:\users\sony\AppData\Local\Temp
2016-09-20 17:30 . 2016-09-20 17:30 -------- d-----w- c:\programdata\ProductData
2016-09-20 16:36 . 2016-09-20 17:24 -------- d-----w- C:\zoek_backup
2016-09-18 10:37 . 2016-09-20 16:00 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-09-18 10:36 . 2016-09-18 10:36 -------- d-----w- c:\programdata\RogueKiller
2016-09-17 18:35 . 2016-09-17 18:35 -------- d-----w- c:\users\sony\AppData\Local\CEF
2016-09-17 18:26 . 2016-09-18 10:26 -------- d-----w- C:\AdwCleaner
2016-09-17 01:19 . 2016-09-17 01:19 -------- d-----w- c:\users\sony\AppData\Roaming\Steam
2016-09-17 00:46 . 2016-09-17 01:10 -------- d-----w- c:\program files (x86)\Life is Strange
2016-09-16 23:05 . 2016-09-16 23:05 -------- d-----w- c:\windows\system32\config\systemprofile\.oracle_jre_usage
2016-09-16 20:44 . 2016-09-16 20:44 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-09-16 20:43 . 2016-09-16 20:43 -------- d-----w- c:\users\sony\.oracle_jre_usage
2016-09-16 20:43 . 2016-09-16 20:42 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-09-16 20:42 . 2016-09-16 20:42 -------- d-----w- c:\programdata\Oracle
2016-09-16 20:41 . 2016-09-16 20:41 -------- d-----w- c:\program files\Java
2016-09-16 20:32 . 2016-09-02 11:13 120256 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-09-16 20:32 . 2016-09-02 11:13 1841088 ----a-w- c:\windows\system32\nvspcap64.dll
2016-09-16 20:32 . 2016-09-02 11:13 1448384 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-09-16 20:32 . 2016-09-02 11:13 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-09-16 20:32 . 2016-09-02 11:13 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-09-16 20:31 . 2016-09-02 11:03 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2016-09-16 20:31 . 2016-09-02 11:13 94144 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-09-16 20:31 . 2016-09-02 11:13 46016 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-09-16 20:31 . 2016-09-02 11:13 104384 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-09-16 19:55 . 2016-09-16 19:55 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-09-16 19:40 . 2016-09-16 19:40 -------- d-----w- c:\windows\system32\DAX2
2016-09-16 19:34 . 2016-09-16 19:34 999864 ----a-w- c:\windows\system32\MaxxVoiceAPO2064.dll
2016-09-16 19:32 . 2016-09-16 19:32 600280 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2016-09-16 19:32 . 2016-09-16 19:32 172760 ----a-w- c:\windows\system32\drivers\bcbtums.sys
2016-09-16 19:23 . 2016-09-16 19:35 15202040 ----a-w- c:\windows\system32\YamahaAE3.dll
2016-09-16 19:23 . 2016-09-16 19:35 3299824 ----a-w- c:\windows\system32\YamahaAE2.dll
2016-09-16 19:20 . 2016-09-16 19:20 86528 ----a-w- c:\windows\system32\drivers\rimssn64.sys
2016-09-16 19:20 . 2016-09-16 19:20 626688 ----a-w- c:\windows\snymsico.dll
2016-09-16 19:12 . 2016-09-16 19:12 -------- d-----w- c:\users\sony\AppData\Local\ElevatedDiagnostics
2016-09-16 18:18 . 2016-09-16 18:18 -------- d-----w- c:\windows\IObit
2016-09-16 18:18 . 2016-09-16 18:18 27552 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2016-09-16 17:55 . 2016-09-16 17:55 -------- d-----w- c:\users\sony\AppData\Roaming\Apple Computer
2016-09-16 17:50 . 2016-09-16 20:19 -------- d-----w- c:\program files (x86)\Common Files\IObit
2016-09-16 17:49 . 2016-09-18 10:32 -------- d-----w- c:\users\sony\AppData\Roaming\IObit
2016-09-16 17:49 . 2016-09-19 15:41 -------- d-----w- c:\program files (x86)\IObit
2016-09-16 17:49 . 2016-09-18 10:16 -------- d-----w- c:\programdata\IObit
2016-09-16 17:40 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-09-16 17:33 . 2016-09-16 17:33 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2016-09-16 16:33 . 2016-09-16 16:33 -------- d-----w- c:\users\sony\AppData\Local\Opera Software
2016-09-16 16:33 . 2016-09-16 16:33 -------- d-----w- c:\users\sony\AppData\Roaming\Opera Software
2016-09-16 16:31 . 2016-09-16 16:33 -------- d-----w- c:\program files (x86)\Opera
2016-09-16 08:04 . 2016-09-16 08:04 -------- d-----w- c:\programdata\Steam
2016-09-16 07:53 . 2016-09-16 08:04 -------- d-----w- c:\program files (x86)\Outlast + DLC Whistleblower
2016-09-15 16:57 . 2016-09-15 16:57 -------- d-----w- c:\program files\Speccy
2016-09-15 16:02 . 2016-09-15 16:02 -------- d-----w- c:\users\sony\AppData\Roaming\Disney Interactive Studios
2016-09-15 13:25 . 2016-09-15 13:25 868848 ----a-w- c:\windows\system32\drivers\sptd.sys
2016-09-15 13:24 . 2016-09-15 13:24 -------- d-----w- c:\users\sony\AppData\Roaming\DAEMON Tools
2016-09-15 07:57 . 2016-08-16 17:36 1009152 ----a-w- c:\windows\system32\user32.dll
2016-09-15 07:57 . 2016-08-16 02:48 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-09-15 07:57 . 2016-08-16 02:35 3218432 ----a-w- c:\windows\system32\win32k.sys
2016-09-15 07:57 . 2016-08-06 15:31 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-09-15 07:57 . 2016-08-06 15:15 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-09-13 17:45 . 2016-09-13 17:45 -------- d-----w- c:\users\sony\AppData\Local\Electronic Arts
2016-09-13 17:30 . 2016-09-13 17:30 -------- d-----w- c:\program files (x86)\Electronic Arts
2016-09-12 19:19 . 2016-09-12 19:19 -------- d-----w- c:\users\sony\AppData\Local\SKIDROW
2016-09-12 18:40 . 2016-09-12 18:40 -------- d-----w- c:\program files (x86)\2K Games
2016-09-12 18:36 . 2016-09-17 00:19 -------- d-----w- C:\QuadcoreM2
2016-09-12 18:36 . 2016-09-12 18:40 -------- d-----w- c:\programdata\regid.1995-09.com.example
2016-09-12 18:33 . 2016-09-12 18:44 -------- d-----w- C:\Kazrog LLC
2016-09-12 18:31 . 2016-09-12 18:45 -------- d-----w- c:\users\sony\AppData\Roaming\Quadcore
2016-09-12 15:56 . 2016-09-17 18:46 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-12 15:55 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-09-12 15:55 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-09-12 15:55 . 2016-09-12 15:55 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-09-12 15:55 . 2016-09-12 15:55 -------- d-----w- c:\programdata\Malwarebytes
2016-09-12 15:55 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-09-07 14:24 . 2016-09-07 20:17 12464 ----a-w- c:\windows\SysWow64\drivers\SECDRV.SYS
2016-09-06 15:01 . 2016-09-12 06:44 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2016-09-05 13:24 . 2016-09-05 13:24 -------- d-----w- c:\programdata\FLEXnet
2016-09-05 12:57 . 2016-09-05 12:57 -------- d-----w- c:\windows\SysWow64\spool
2016-09-04 17:23 . 2012-07-06 10:12 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2016-09-04 17:20 . 2016-09-17 10:25 -------- d-----w- c:\users\sony\AppData\Local\Nvidia Corporation
2016-09-04 14:02 . 2007-10-12 13:14 2006552 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2016-09-04 14:01 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2016-09-04 13:46 . 2016-09-04 17:26 -------- d-----w- c:\users\sony\AppData\Roaming\vlc
2016-09-04 10:15 . 2016-09-04 13:44 -------- d-----w- c:\program files (x86)\VideoLAN
2016-08-31 12:32 . 2016-08-31 12:32 -------- d-----w- c:\programdata\SplitMediaLabs
2016-08-31 12:32 . 2016-08-31 12:32 -------- d-----w- c:\program files (x86)\SplitmediaLabs
2016-08-31 12:26 . 2016-08-31 12:26 -------- d-----w- c:\users\sony\AppData\Roaming\SplitmediaLabs
2016-08-28 07:34 . 2016-08-28 07:35 -------- d-----w- c:\program files\CCleaner
2016-08-27 21:51 . 2016-08-27 21:51 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2016-08-27 21:05 . 2016-09-16 15:18 -------- d-----w- c:\program files (x86)\The Sims 4
2016-08-27 16:36 . 2016-09-21 20:18 -------- d-----w- c:\program files (x86)\Google
2016-08-27 16:36 . 2016-08-27 21:21 -------- d-----w- c:\users\sony\AppData\Local\Google
2016-08-27 14:59 . 2016-09-16 20:00 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-08-27 14:59 . 2016-09-16 20:00 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-08-27 14:59 . 2016-09-16 20:00 -------- d-----w- c:\windows\system32\Macromed
2016-08-27 00:34 . 2016-09-21 19:55 -------- d-----w- c:\users\sony\AppData\Local\Microsoft Games
2016-08-26 22:14 . 2004-08-18 08:34 442368 ----a-r- c:\windows\SysWow64\vp6vfw.dll
2016-08-26 22:14 . 2016-09-16 20:00 -------- d-----w- c:\windows\SysWow64\Macromed
2016-08-26 21:55 . 2016-07-07 15:36 1896168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-08-26 21:55 . 2016-07-07 15:36 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2016-08-26 21:55 . 2016-07-07 15:36 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-08-26 21:55 . 2016-07-07 15:08 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-08-26 21:55 . 2016-07-01 15:31 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-08-26 21:55 . 2016-07-01 15:31 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-08-26 21:55 . 2016-07-01 15:13 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2016-08-26 21:55 . 2016-07-01 15:13 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-08-26 21:23 . 2016-08-26 21:23 -------- d-----w- c:\users\sony\AppData\Local\Disc_Soft_Ltd
2016-08-26 21:20 . 2016-08-26 21:20 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-08-26 21:19 . 2016-08-26 21:19 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-08-26 21:19 . 2016-09-19 16:34 -------- d-----w- c:\users\sony\AppData\Roaming\DAEMON Tools Lite
2016-08-26 21:19 . 2016-08-26 21:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2016-08-26 21:18 . 2016-08-26 21:19 -------- d-----w- c:\programdata\DAEMON Tools Lite
2016-08-26 18:55 . 2016-08-26 22:42 -------- d-----w- c:\program files (x86)\Mafia I - The City of Lost Heaven
2016-08-26 16:32 . 2016-09-17 00:54 -------- d-----w- c:\users\sony\AppData\Roaming\uTorrent
2016-08-25 10:10 . 2016-08-25 10:10 -------- d-----w- c:\users\sony\AppData\Local\Macromedia
2016-08-23 18:20 . 2016-08-23 18:19 391496 ----a-w- c:\windows\system32\aswBoot.exe
2016-08-23 18:18 . 2016-08-23 18:18 53208 ----a-w- c:\windows\avastSS.scr
2016-08-23 17:41 . 2016-08-27 17:09 -------- d-----w- c:\users\sony\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-16 19:00 . 2015-12-21 20:22 82488 ----a-w- c:\windows\system32\OpenCL.dll
2016-09-16 19:00 . 2015-12-21 20:22 67520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2016-09-16 19:00 . 2009-07-13 21:59 18634264 ----a-w- c:\windows\system32\nvwgf2umx.dll
2016-09-16 19:00 . 2015-12-21 20:14 17559240 ----a-w- c:\windows\system32\nvd3dumx.dll
2016-09-16 19:00 . 2015-12-21 20:14 3210784 ----a-w- c:\windows\system32\nvapi64.dll
2016-09-15 12:26 . 2015-12-21 16:28 144199024 -c--a-w- c:\windows\system32\MRT.exe
2016-09-13 17:23 . 2015-12-21 16:39 969184 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-09-02 15:30 . 2016-09-15 07:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 07:58 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-02 15:16 . 2016-09-15 07:58 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 07:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-23 18:19 . 2015-12-21 16:39 163416 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-08-23 18:19 . 2015-12-21 16:39 292704 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-08-23 18:19 . 2015-12-21 16:39 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-08-23 18:19 . 2015-12-21 16:39 513496 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-08-23 18:19 . 2015-12-21 16:39 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-08-23 18:19 . 2015-12-21 16:39 108816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-08-23 18:19 . 2015-12-21 16:39 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-08-23 18:17 . 2016-03-23 06:33 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-08-16 01:18 . 2016-08-16 01:18 159936 ----a-w- c:\windows\system32\drivers\usb2ser.sys
2016-08-12 16:46 . 2016-09-21 14:39 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-05 13:09 . 2016-08-05 13:09 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-08-26 8912088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-09-12 9107616]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wdm_usb;wdm_usb;c:\windows\system32\DRIVERS\usb2ser.sys;c:\windows\SYSNATIVE\DRIVERS\usb2ser.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
S3 XSplit_Dummy;XSplit Stream Audio Renderer;c:\windows\system32\drivers\xspltspk.sys;c:\windows\SYSNATIVE\drivers\xspltspk.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2016-09-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-27 20:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2015-11-12 08:39 2472224 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-08-23 18:19 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.150.150 188.75.128.188 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{e46eca4f-393b-40df-9f49-076faf788d83} - c:\programdata\Package Cache\{e46eca4f-393b-40df-9f49-076faf788d83}\VC_redist.x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_23_0_0_162_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\program files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
.
**************************************************************************
.
Celkový čas: 2016-09-21 22:24:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-09-21 20:24
ComboFix2.txt 2016-09-21 16:19
.
Před spuštěním: Volných bajtů: 213 659 947 008
Po spuštění: Volných bajtů: 213 452 902 400
.
- - End Of File - - 0FBFDF00A650E3C2B157531DFC82851A
A36C5E4F47E84449FF07ED3517B43A31



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:25:25, on 21.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Users\sony\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5207 bytes

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Vlož nový log z HJT + informuj o problémech.

Memtest 86
http://www.memtest86.com/
klikni vlevo na Free Download , vyber:
ISO image for creating bootable CD (Windows - zip) , stáhni , rozbal , otevři , vypal třeba v programu:
http://www.slunecnice.cz/sw/active-iso-burner/
Vlož do mechaniky a nabootuj z něj.
Test udělej alespoň 8h ( přes noc).

http://www.memtest86.com/download.htm
http://www.eopcservis.cz/jak-otestovat-ram.html
http://www.memtest86.com/download.htm
http://www.memtest86.com/downloads/memt ... sb.img.zip

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

[Scanner]

Vše co jsem od začátku tohoto tématu stáhl do ntb, jsem odinstaloval, vyčistil CCleanerem, i jsem vyčistil s OTC. Zůstalo mi tam plno zbytků a obnov na C:/ tak jsem všechno odstranil. Ten memtest budu muset udělat později, můžu ho nabootovat i z USB? Přikládám ti nový log HJT i CDI.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:39:08, on 22.9.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18450)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\sony\Desktop\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5126 bytes




----------------------------------------------------------------------------
CrystalDiskInfo 7.0.3 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x64)
Date : 2016/09/22 21:43:05

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929 [ATA]
+ ATA Channel 0 (0)
- Hitachi HTS543232L9SA00 ATA Device
+ ATA Channel 1 (1)
- MATSHITA DVD-RAM UJ870BJ ATA Device
+ Ricoh Memory Stick Host Controller [ATA]
- Ricoh Memory Stick Disk Device
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS543232L9SA00 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS543232L9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS543232L9SA00
Firmware : FB4OC43C
Serial Number : 081213FB2400LEJENW1B
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 7114 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : ---- | SATA/150
Power On Hours : 14907 hod.
Power On Count : 5423 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 8080h [ON]
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000400000000 Čas na roztočení ploten
04 _96 _96 __0 000000001B8E Počet spuštění/zastavení
05 _98 _98 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _66 _66 __0 000000003A3B Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 00000000152F Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000068 Počet vypnutí disku
C1 _85 _85 __0 000000024AB6 Počet cyklů načítání/vymazání
C2 166 166 __0 0035000D0021 Teplota
C4 100 100 __0 000000000163 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3038 3132 3133 4642 3234 3030 4C45 4A45 4E57 3142
020: 0003 3795 0004 4642 344F 4334 3343 4869 7461 6368
030: 6920 4854 5335 3433 3233 324C 3953 4130 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1702 0000 005E 0048
080: 01FC 0042 746B 7F69 6163 7469 BE49 6163 207F 003F
090: 0040 4080 FFFE 0000 8080 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 8848 5000 CCA5
110: 5DE2 662F 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 283B 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 3453 0000 0000 6491 6491 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 5AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 07 00 FD FD 00
020: 00 00 00 04 00 00 04 12 00 60 60 8E 1B 00 00 00
030: 00 00 05 33 00 62 62 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 12 00 42 42 3B 3A 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 61 61 2F 15 00 00 00 00 00 BF 0A 00 64 64 00
080: 00 00 00 00 00 00 C0 32 00 64 64 68 00 00 00 00
090: 00 00 C1 12 00 55 55 B6 4A 02 00 00 00 00 C2 02
0A0: 00 A6 A6 21 00 0D 00 35 00 00 C4 32 00 64 64 63
0B0: 01 00 00 00 00 00 C5 22 00 64 64 00 00 00 00 00
0C0: 00 00 C6 08 00 64 64 00 00 00 00 00 00 00 C7 0A
0D0: 00 C8 C8 00 00 00 00 00 00 00 DF 0A 00 64 64 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 85 02 01 5B
170: 03 00 01 00 02 7F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 3E 00 00 00 00 00 00 00 00 00 00 02 28
010: 00 00 00 00 00 00 00 00 00 00 03 21 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 28 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DF 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

[Orcus]

Ano, nabootuj z USB.

03 253 253 _33 000400000000 Čas na roztočení ploten
C4 100 100 __0 000000000163 Počet udalostí s číslem realokování sektorů

Udělej odpoledne nový CDI.

[Scanner]

Stáhl jsem si ho z http://www.memtest.org/download/5.01/me ... taller.zip a už ho mám na flashce.
Spustím ho dnes v noci a zítra sem hodím screen. Bude mi pořád správně testovat ntb, i když budu mít přes noc zaklopeno víko?

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.3 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x64)
Date : 2016/09/24 15:11:01

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M/M-E Family 4 Port SATA AHCI Controller - 2929 [ATA]
+ ATA Channel 0 (0)
- Hitachi HTS543232L9SA00 ATA Device
+ ATA Channel 1 (1)
- MATSHITA DVD-RAM UJ870BJ ATA Device
+ Ricoh Memory Stick Host Controller [ATA]
- Ricoh Memory Stick Disk Device
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS543232L9SA00 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS543232L9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS543232L9SA00
Firmware : FB4OC43C
Serial Number : 081213FB2400LEJENW1B
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 7114 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : ---- | SATA/150
Power On Hours : 14918 hod.
Power On Count : 5430 krát
Temperature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 8080h [ON]
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000400000000 Čas na roztočení ploten
04 _96 _96 __0 000000001B95 Počet spuštění/zastavení
05 _98 _98 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _66 _66 __0 000000003A46 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 __0 000000001536 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000069 Počet vypnutí disku
C1 _85 _85 __0 000000024AC5 Počet cyklů načítání/vymazání
C2 161 161 __0 0035000D0022 Teplota
C4 100 100 __0 000000000163 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3038 3132 3133 4642 3234 3030 4C45 4A45 4E57 3142
020: 0003 3795 0004 4642 344F 4334 3343 4869 7461 6368
030: 6920 4854 5335 3433 3233 324C 3953 4130 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1702 0000 005E 0048
080: 01FC 0042 746B 7F69 6163 7469 BE49 6163 207F 003F
090: 0040 4080 FFFE 0000 8080 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 8848 5000 CCA5
110: 5DE2 662F 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 283B 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 3453 0000 0000 6491 6491 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 5AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 07 00 FD FD 00
020: 00 00 00 04 00 00 04 12 00 60 60 95 1B 00 00 00
030: 00 00 05 33 00 62 62 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 12 00 42 42 46 3A 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 61 61 36 15 00 00 00 00 00 BF 0A 00 64 64 00
080: 00 00 00 00 00 00 C0 32 00 64 64 69 00 00 00 00
090: 00 00 C1 12 00 55 55 C5 4A 02 00 00 00 00 C2 02
0A0: 00 A1 A1 22 00 0D 00 35 00 00 C4 32 00 64 64 63
0B0: 01 00 00 00 00 00 C5 22 00 64 64 00 00 00 00 00
0C0: 00 00 C6 08 00 64 64 00 00 00 00 00 00 00 C7 0A
0D0: 00 C8 C8 00 00 00 00 00 00 00 DF 0A 00 64 64 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 85 02 01 5B
170: 03 00 01 00 02 7F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 38

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 3E 00 00 00 00 00 00 00 00 00 00 02 28
010: 00 00 00 00 00 00 00 00 00 00 03 21 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 28 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DF 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

[jaro3]

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Metest určitě udělej z uSB.

Ten disk se mi nelíbí..
HD Tune
Stáhni si HD Tune
http://www.svethardware.cz/forum/downlo ... ile&id=202

-nainstaluj, spusť program, klikni na záložku Error scan
Spusť Start a počkej , až skončí svojí práci. Pokud budou všechny čtverečky zelené je disk OK , pokud budou některá červená , disk odchází.

Zkus udělat test z odkazu:
http://www.tacktech.com/display.cfm?ttid=287#hitachi