Prosím o kontrolu logu pomalé P.C. Vyřešeno

[mlha]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-01-02 21:00:18
-----------------------------
21:00:18.468 OS Version: Windows 5.1.2600 Service Pack 3
21:00:18.468 Number of processors: 2 586 0xF0D
21:00:18.468 ComputerName: SELINGER UserName: Pocitac
21:00:18.828 Initialize success
21:00:18.906 VM: initialized successfully
21:00:18.921 VM: Intel CPU virtualization not supported
21:00:27.687 AVAST engine defs: 17010200
21:00:48.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
21:00:48.031 Disk 0 Vendor: WDC_WD400JB-00JJC0 05.01C05 Size: 38166MB BusType: 3
21:00:48.031 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
21:00:48.031 Disk 1 Vendor: WDC_WD3000JB-00KFA0 08.05J08 Size: 286168MB BusType: 3
21:00:48.187 Disk 0 MBR read successfully
21:00:48.187 Disk 0 MBR scan
21:00:48.203 Disk 0 Windows XP default MBR code
21:00:48.203 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 29996 MB offset 63
21:00:48.203 Disk 0 Boot: NTFS code=1
21:00:48.203 Disk 0 Partition - 00 0F Extended LBA 8158 MB offset 61432560
21:00:48.234 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8157 MB offset 61432623
21:00:48.750 Disk 0 scanning sectors +78140160
21:00:48.859 Disk 0 scanning C:\WINDOWS\system32\drivers
21:01:05.046 Service scanning
21:01:16.328 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
21:01:19.281 Modules scanning
21:01:19.281 \Driver\a347scsi MajorFunction[ IRP_MJ_CREATE ] @ 0x86f531f8 suspicious
21:01:19.281 \Driver\a347scsi MajorFunction[ IRP_MJ_CLOSE ] @ 0x86f531f8 suspicious
21:01:19.281 \Driver\a347scsi MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x86f531f8 suspicious
21:01:19.281 \Driver\a347scsi MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x86f531f8 suspicious
21:01:19.281 \Driver\a347scsi MajorFunction[ IRP_MJ_POWER ] @ 0x86f531f8 suspicious
21:01:19.281 \Driver\a347scsi MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x86f531f8 suspicious
21:01:19.281 \Driver\atapi DriverInit @ 0x86fc2298 suspicious
21:01:19.296 \Driver\usbuhci MajorFunction[ IRP_MJ_CREATE ] @ 0x86dc11f8 suspicious
21:01:19.296 \Driver\usbuhci MajorFunction[ IRP_MJ_CLOSE ] @ 0x86dc11f8 suspicious
21:01:19.296 \Driver\usbuhci MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x86dc11f8 suspicious
21:01:19.296 \Driver\usbuhci MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x86dc11f8 suspicious
21:01:19.296 \Driver\usbuhci MajorFunction[ IRP_MJ_POWER ] @ 0x86dc11f8 suspicious
21:01:19.296 \Driver\usbuhci MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x86dc11f8 suspicious
21:01:19.296 \Driver\Ftdisk MajorFunction[ IRP_MJ_CREATE ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_READ ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_WRITE ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_FLUSH_BUFFERS ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_SHUTDOWN ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_CLEANUP ] @ 0x86f541f8 suspicious
21:01:19.312 \Driver\Ftdisk MajorFunction[ IRP_MJ_POWER ] @ 0x86f541f8 suspicious
21:01:19.328 \Driver\Ftdisk MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x86f541f8 suspicious
21:01:19.328 \Driver\NetBT MajorFunction[ IRP_MJ_CREATE ] @ 0x8620b1f8 suspicious
21:01:19.328 \Driver\NetBT MajorFunction[ IRP_MJ_CLOSE ] @ 0x8620b1f8 suspicious
21:01:19.328 \Driver\NetBT MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x8620b1f8 suspicious
21:01:19.328 \Driver\NetBT MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x8620b1f8 suspicious
21:01:19.328 \Driver\NetBT MajorFunction[ IRP_MJ_CLEANUP ] @ 0x8620b1f8 suspicious
21:01:19.328 \Driver\Cdrom MajorFunction[ IRP_MJ_CREATE ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_CLOSE ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_READ ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_WRITE ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_FLUSH_BUFFERS ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_SHUTDOWN ] @ 0x86da01f8 suspicious
21:01:19.343 \Driver\Cdrom MajorFunction[ IRP_MJ_POWER ] @ 0x86da01f8 suspicious
21:01:19.359 \Driver\Cdrom MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x86da01f8 suspicious
21:01:19.359 \Driver\ay339rsq MajorFunction[ IRP_MJ_CREATE ] @ 0x86cd7500 suspicious
21:01:19.359 \Driver\ay339rsq MajorFunction[ IRP_MJ_CLOSE ] @ 0x86cd7500 suspicious
21:01:19.359 \Driver\ay339rsq MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x86cd7500 suspicious
21:01:19.359 \Driver\ay339rsq MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x86cd7500 suspicious
21:01:19.359 \Driver\ay339rsq MajorFunction[ IRP_MJ_POWER ] @ 0x86cd7500 suspicious
21:01:19.359 \Driver\ay339rsq MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x86cd7500 suspicious
21:01:19.375 \Driver\usbehci MajorFunction[ IRP_MJ_CREATE ] @ 0x86ce61f8 suspicious
21:01:19.375 \Driver\usbehci MajorFunction[ IRP_MJ_CLOSE ] @ 0x86ce61f8 suspicious
21:01:19.375 \Driver\usbehci MajorFunction[ IRP_MJ_DEVICE_CONTROL ] @ 0x86ce61f8 suspicious
21:01:19.375 \Driver\usbehci MajorFunction[ IRP_MJ_INTERNAL_DEVICE_CONTROL ] @ 0x86ce61f8 suspicious
21:01:19.375 \Driver\usbehci MajorFunction[ IRP_MJ_POWER ] @ 0x86ce61f8 suspicious
21:01:19.375 \Driver\usbehci MajorFunction[ IRP_MJ_SYSTEM_CONTROL ] @ 0x86ce61f8 suspicious
21:01:19.375 Disk 0 trace - called modules:
21:01:19.390 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spmm.sys >>UNKNOWN [0x86f73938]<<
21:01:19.406 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86e9eab8]
21:01:19.406 3 CLASSPNP.SYS[f75cbfd7] -> nt!IofCallDriver -> \Device\00000077[0x86f2ef18]
21:01:19.406 5 ACPI.sys[f7437620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x86e9fd98]
21:01:19.671 AVAST engine scan C:\WINDOWS
21:01:32.750 AVAST engine scan C:\WINDOWS\system32
21:05:18.984 AVAST engine scan C:\WINDOWS\system32\drivers
21:05:41.343 AVAST engine scan C:\Documents and Settings\Pocitac
21:15:55.078 File: C:\Documents and Settings\Pocitac\Plocha\zoek.exe **INFECTED** Win32:Malware-gen
21:15:59.375 AVAST engine scan C:\Documents and Settings\All Users
21:21:09.890 Disk 0 statistics 2015083/0/0 @ 0,90 MB/s
21:21:09.890 Scan finished successfully
21:22:28.687 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Pocitac\Dokumenty\MBR.dat"
21:22:28.687 The log file has been saved successfully to "C:\Documents and Settings\Pocitac\Dokumenty\aswMBR.txt"

[Reklama]

[mlha]

VirusTotal
SHA256: b7b52a3714108460c09f1f50ccbf87ab087b698880a93cb01ecc66c51ba8f209
Název souboru: CrashReport.dll
Poměr detekce: 4 / 56
Analýzy datum: 2017-01-02 21:01:46 UTC ( 0 minutami )
0 0
Analýza
Detail souboru
Další informace
Komentáře
Hlasy
Antivirus Výsledek Aktualizace
Avira (ne cloud) ADWARE/ELEX.rllui 20170102
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9755 20161207
Bkav W32.eHeur.Malware08 20161229
K7GW Hacktool ( 655367771 ) 20170102
ALYac 20170102
AVG 20170102
AVware 20170102
Ad-Aware 20170102
AegisLab 20161231
AhnLab-V3 20170102
Alibaba 20161223
Antiy-AVL 20170102
Arcabit 20170102
Avast 20170102
BitDefender 20170102
CAT-QuickHeal 20170102
CMC 20170102
ClamAV 20170102
Comodo 20170102
CrowdStrike Falcon (ML) 20161024
Cyren 20170102
DrWeb 20170102
ESET-NOD32 20170102
Emsisoft 20170102
F-Prot 20170102
F-Secure 20170102
Fortinet 20170102
GData 20170102
Ikarus 20170102
Invincea 20161216
Jiangmin 20170102
K7AntiVirus 20170102
Kaspersky 20170102
Kingsoft 20170102
Malwarebytes 20170102
McAfee 20170102
McAfee-GW-Edition 20170102
eScan 20170102
Microsoft 20170102
NANO-Antivirus 20170102
Panda 20170102
Qihoo-360 20170102
Rostoucí 20170102
SUPERAntiSpyware 20170102
Sophos 20170102
Symantec 20170102
Tencent 20170102
TheHacker 20170102
TrendMicro 20170102
TrendMicro-HouseCall 20170102
Trustlook 20170102
VBA32 20161229
VIPRE 20170102
ViRobot 20170102
WhiteArmor 20161221
Yandex 20161230
Zillya 20170102
Zoner 20170102
nProtect 20170102
Blog| Twitter| contact@virustotal.com | Google groups| ToS| Zásady ochrany

[mlha]

VirusTotal
SHA256: 20976721a82e9e55f8a25bc368639d076665059b9d03feba8daa18d6618fe98e
Název souboru: Release17114.dll
Poměr detekce: 22 / 56
Analýzy datum: 2017-01-02 21:05:42 UTC ( 0 minutami )
0 0
Analýza
Detail souboru
Další informace
Komentáře
Hlasy
Antivirus Výsledek Aktualizace
ALYac Gen:Variant.Graftor.315393 20170102
AVG GenericA.656 20170102
AVware Trojan.Win32.Generic!BT 20170102
Ad-Aware Gen:Variant.Graftor.315393 20170102
AegisLab Gen. Variant.Graftor!c 20161231
Arcabit Trojan.Graftor.D4D001 20170102
Avira (ne cloud) ADWARE/ELEX.djedk 20170102
BitDefender Gen:Variant.Graftor.315393 20170102
Bkav W32.eHeur.Malware08 20161229
CrowdStrike Falcon (ML) malicious_confidence_89% (D) 20161024
Emsisoft Gen:Variant.Graftor.315393 (B) 20170102
F-Secure Gen:Variant.Graftor.315393 20170102
Fortinet Adware/Sasq 20170102
GData Gen:Variant.Graftor.315393 20170102
McAfee Adware-Sasq 20170102
McAfee-GW-Edition Adware-Sasq 20170102
eScan Gen:Variant.Graftor.315393 20170102
Panda Trj/GdSda.A 20170102
Rostoucí Malware.Generic!qd1ZZnkMIIR@6 (thunder) 20170102
Symantec Heur.AdvML.B 20170102
TrendMicro-HouseCall TROJ_GEN.R047H06LU16 20170102
VIPRE Trojan.Win32.Generic!BT 20170102

[jaro3]

Dej otestovat soubory a až skončí poslední sken posledního antiviru , tak zkopíruj pouze stránku a vlož sem jen odkaz.

jdu spát..

[mlha]

Nerozumím

[jerabina]

Zdravím! Kolega potřebuje URL odkazy na skeny z VirusTotalu. Tzn. že jakmile se soubor oskenuje, jednoduše nahoře v prohlížeči zkopíruj URL adresu a tu sem vlož do další odpovědi.

[mlha]

https://www.virustotal.com/en/file/b7b5 ... 483561522/

[mlha]

https://www.virustotal.com/en/file/2097 ... 483561680/

[mlha]

Ostatní skeny jsou čistý

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\Soting Mapper.job

Folder::
c:\program files\Gselybergerent
c:\program files\Vaersyatirisp Renew
c:\program files\Google\Update
c:\program files\Gselybergerent
c:\program files\Skype\Updater

RegLock::
[HKEY_USERS\S-1-5-21-583907252-2052111302-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[mlha]

ComboFix 17-01-04.01 - Pocitac 05.01.2017 22:29:24.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.346 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pocitac\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Pocitac\Plocha\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {7591db91-41f0-48a3-b128-1a293fd8233d}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\Soting Mapper.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.32.7\GoogleUpdate.exe
c:\program files\Google\Update\1.3.32.7\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.32.7\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.32.7\GoogleUpdateCore.exe
c:\program files\Google\Update\1.3.32.7\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.32.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.32.7\GoogleUpdateWebPlugin.exe
c:\program files\Google\Update\1.3.32.7\goopdate.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_am.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ar.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_bg.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_bn.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ca.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_cs.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_da.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_de.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_el.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_en.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_es.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_et.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_fa.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_fi.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_fil.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_fr.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_gu.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_hi.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_hr.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_hu.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_id.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_is.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_it.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_iw.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ja.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_kn.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ko.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_lt.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_lv.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ml.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_mr.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ms.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_nl.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_no.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_pl.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ro.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ru.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_sk.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_sl.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_sr.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_sv.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_sw.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ta.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_te.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_th.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_tr.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_uk.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_ur.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_vi.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.32.7\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.32.7\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.32.7\psmachine.dll
c:\program files\Google\Update\1.3.32.7\psmachine_64.dll
c:\program files\Google\Update\1.3.32.7\psuser.dll
c:\program files\Google\Update\1.3.32.7\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.32.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\49.0.2623.112\49.0.2623.112_chrome_installer.exe
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\49.0.2623.113\disable_outdated_build_detector.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Gselybergerent
c:\program files\Gselybergerent\CrashReport.dll
c:\program files\Gselybergerent\jujery.exe
c:\program files\Gselybergerent\Release17114.dll
c:\program files\Vaersyatirisp Renew
c:\program files\Vaersyatirisp Renew\local32spl.dll.ini
c:\windows\system32\DEBUG.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-12-05 do 2017-01-05 )))))))))))))))))))))))))))))))
.
.
2017-01-04 20:03 . 2017-01-05 20:39 -------- d-----w- c:\program files\Microsoft Works
2017-01-04 19:58 . 2017-01-04 19:58 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2017-01-04 19:57 . 2017-01-04 20:02 -------- d-----w- c:\windows\SHELLNEW
2017-01-04 19:56 . 2017-01-04 19:56 -------- d-----r- C:\MSOCache
2016-12-30 20:56 . 2016-12-30 20:56 -------- d-----w- c:\documents and settings\Pocitac\Data aplikací\Yandex
2016-12-30 19:53 . 2016-12-30 19:53 -------- d-----w- c:\program files\VS Revo Group
2016-12-30 15:56 . 2016-12-30 14:58 24064 ----a-w- c:\windows\zoek-delete.exe
2016-12-30 09:21 . 2016-12-30 09:51 -------- d-----w- c:\documents and settings\Pocitac\Local Settings\Data aplikací\Guwidom
2016-12-30 09:21 . 2016-12-30 09:21 -------- d-----w- c:\documents and settings\Pocitac\Data aplikací\Profiles
2016-12-29 22:51 . 2016-12-29 22:51 273 ----a-w- c:\windows\system32\drivers\vwifikerneldrv.sys
2016-12-29 22:50 . 2016-12-30 07:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Adguard
2016-12-10 15:05 . 2008-04-14 03:21 159232 ----a-w- c:\windows\system32\ptpusd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-30 14:25 . 2014-10-17 17:08 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-11-23 18:26 . 2005-08-09 22:13 359936 ----a-w- c:\windows\system32\ssleay32.dll
2016-11-23 18:26 . 2005-08-09 22:13 1363456 ----a-w- c:\windows\system32\libeay32.dll
2016-11-23 18:26 . 2016-07-14 18:29 4696960 ----a-w- c:\windows\system32\ssins.exe
2016-11-22 21:00 . 2012-03-29 19:23 796352 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2016-11-22 21:00 . 2011-06-12 18:53 142528 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-11-22 19:32 . 2016-11-22 19:32 35096 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-11-22 19:23 . 2016-11-22 19:19 224752 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-11-22 19:23 . 2016-11-22 19:19 433768 ----a-w- c:\windows\system32\drivers\aswsp.sys
2016-11-22 19:22 . 2016-11-22 19:19 735488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-11-22 19:18 . 2016-11-22 19:19 66688 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2016-11-22 19:18 . 2016-11-22 19:19 184592 ----a-w- c:\windows\system32\drivers\aswStmXP.sys
2016-11-22 19:18 . 2016-11-22 19:19 60424 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-11-22 19:18 . 2016-11-22 19:19 92256 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-11-22 19:18 . 2016-11-22 19:19 34008 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-11-22 19:18 . 2016-11-22 19:19 64272 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2016-11-22 19:18 . 2016-11-22 19:18 921280 ----a-w- c:\windows\ucrtbase.dll
2016-11-22 19:18 . 2016-11-22 19:18 319760 ----a-w- c:\windows\system32\aswBoot.exe
2016-11-22 19:18 . 2016-11-22 19:18 53208 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.

[mlha]

Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-11-22 19:18 832488 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-13 166912]
"CHotkey"="mHotkey.exe" [2004-12-08 550912]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iSkysoft Helper Compact.exe"="c:\program files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2014-04-04 2000896]
"RTHDCPL"="RTHDCPL.EXE" [2000-01-01 20145368]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-11-22 9080768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SoftwareSASGeneration"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Pocitac^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\documents and settings\Pocitac\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-05-08 13:48 959904 -c--a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 03:22 110592 ------w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
2008-12-04 12:24 665424 -c----w- c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX110 Series]
2008-09-26 23:00 199680 -c----w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIFBE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2000-01-01 00:00 20145368 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMail]
2008-02-21 19:22 453936 -c--a-w- c:\program files\Seznam\Postak\Postak.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]
2008-04-14 03:22 143872 -c----w- c:\windows\system32\mobsync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\Java\\jre7\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Documents and Settings\\Pocitac\\Local Settings\\Data aplikací\\Yandex\\YandexBrowser\\Application\\browser.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [3.11.2007 19:50 5248]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [22.11.2016 20:19 60424]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswvmm.sys [22.11.2016 20:19 224752]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [6.4.2010 18:32 20744]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.3.2007 14:11 691696]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [22.11.2016 20:32 35096]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [22.11.2016 20:19 735488]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [22.11.2016 20:19 433768]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [22.11.2016 20:19 92256]
R3 aswStmXP;Avast StreamFilter Driver;c:\windows\system32\drivers\aswStmXP.sys [22.11.2016 20:19 184592]
S0 a347bus;a347bus;c:\windows\system32\DRIVERS\a347bus.sys --> c:\windows\system32\DRIVERS\a347bus.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [24.5.2011 19:54 1691480]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2.8.2010 15:19 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2.8.2010 15:19 20864]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2.8.2010 15:19 19968]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2.8.2010 15:19 24960]
S3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [22.11.2016 20:19 34008]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [6.4.2010 18:33 30088]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [6.4.2010 18:32 26248]
S3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [24.6.2004 03:54 23552]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [19.11.2009 19:00 223128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-12-30 16:42 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2017-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 21:00]
.
2017-01-05 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2016-11-22 19:18]
.
2015-11-12 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-21 23:28]
.
2015-11-12 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-21 23:28]
.
2017-01-05 c:\windows\Tasks\SafeZone scheduled Autoupdate 1479843202.job
- c:\program files\AVAST Software\SZBrowser\launcher.exe [2016-11-22 08:42]
.
2017-01-05 c:\windows\Tasks\User_Feed_Synchronization-{6A24AD4E-E9AD-4B78-8C61-388FF0F8114C}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Doplňkový sken -------
.