Prosím o kontrolu logu :)

Amurex · Příspěvekod **Amurex** » 11 srp 2013 13:28

No právěže problémy jsou ... dejme tomu, že poslední dobou hraju League of Legends často a ... po přeinstalaci PC(dřívější) to jelo jak po másle, prostě žádné zaseknutí nic ... ted před tou přeinstalací se to už začalo zadrhávat kvůli tomu, že je ten procesor nejak moc zatížený... a teď po přeinstalování je to nehratelné ... zadrhává se to hrozně moc .. fps drop z 75 na 40 ... a podobně ... nevím proč... už jsem z toho jelen .. přitom kámošovi s daleko horším PC to jede plynule bez záseků :/

Reklama

Amurex · Příspěvekod **Amurex** » 11 srp 2013 14:14

edit: začaly se mi házet automatické restarty a pak modrá smrt ... už jsem vážně na nervy.. začínám přemýšlet o nové reinstalaci s tím .. že si nenechám zálohu a přeformátuju disk :/

Příspěvekod **jaro3** » 11 srp 2013 18:55

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Amurex · Příspěvekod **Amurex** » 11 srp 2013 20:56

ComboFix 13-08-11.02 - user 11.08.2013 20:43:56.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.4096.2904 [GMT 2:00]
Spuštěný z: c:\users\user\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-11 do 2013-08-11 )))))))))))))))))))))))))))))))
.
.
2013-08-11 11:36 . 2013-08-11 11:36 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-08-11 11:36 . 2013-08-11 11:38 -------- d-----w- c:\programdata\IObit
2013-08-11 11:36 . 2013-08-11 11:36 -------- d-----w- c:\program files (x86)\IObit
2013-08-10 15:44 . 2013-08-10 15:44 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-10 15:44 . 2013-08-10 15:44 -------- d-----r- c:\program files (x86)\Skype
2013-08-10 15:44 . 2013-08-10 15:44 -------- d-----w- c:\programdata\Skype
2013-08-10 15:31 . 2013-08-10 15:31 -------- d-----w- c:\program files (x86)\AMD
2013-08-10 15:30 . 2013-08-10 15:30 -------- d-----w- C:\AMD
2013-08-10 15:08 . 2013-08-10 15:08 -------- d-----w- c:\programdata\AskPartnerNetwork
2013-08-10 15:08 . 2013-08-10 15:08 -------- d-----w- c:\program files (x86)\AskPartnerNetwork
2013-08-10 15:08 . 2013-08-10 15:08 -------- d-----w- c:\programdata\APN
2013-08-10 14:57 . 2013-08-10 14:57 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-08-10 14:57 . 2013-08-10 22:36 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-08-10 14:52 . 2013-08-10 14:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-08-10 14:23 . 2013-08-10 14:23 -------- d-----w- c:\windows\ERUNT
2013-08-10 13:28 . 2013-08-10 13:28 -------- d-----w- c:\programdata\Malwarebytes
2013-08-10 13:28 . 2013-08-10 13:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-10 13:28 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-10 11:20 . 2009-11-11 13:17 729600 ----a-w- c:\windows\system32\cohelper.dll
2013-08-10 11:20 . 2009-11-11 07:22 9548 ----a-w- c:\windows\system32\drivers\nvphy.bin
2013-08-10 11:20 . 2009-11-11 09:37 645224 ----a-w- c:\windows\system32\NVUNINST.EXE
2013-08-10 11:20 . 2013-08-10 11:20 -------- d-----w- C:\NVIDIA
2013-08-10 10:31 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-08-10 10:31 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-08-10 10:31 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-08-10 10:15 . 2008-12-03 15:40 81408 ----a-w- c:\windows\SysWow64\devcon_x64.exe
2013-08-10 10:15 . 2002-11-14 20:32 55808 ----a-w- c:\windows\SysWow64\devcon.exe
2013-08-10 10:05 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-08-10 10:05 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-08-10 10:05 . 2012-02-15 04:47 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-08-10 10:05 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-08-10 10:03 . 2013-08-10 10:03 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-10 10:02 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-08-10 10:02 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-08-10 10:02 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-08-10 10:02 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-08-10 10:02 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-08-10 10:02 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-08-10 10:02 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-08-10 10:01 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-08-10 10:01 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-08-10 09:51 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-08-10 09:51 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-08-10 09:41 . 2013-08-10 09:41 -------- d-----w- c:\programdata\ATI
2013-08-10 09:40 . 2013-08-10 09:40 0 ----a-w- c:\windows\ativpsrm.bin
2013-08-10 09:38 . 2013-08-10 09:38 -------- d-----w- c:\program files (x86)\AMD AVT
2013-08-10 09:38 . 2013-08-10 09:38 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-08-10 09:37 . 2013-08-10 09:38 -------- d-----w- c:\programdata\AMD
2013-08-10 09:37 . 2013-08-10 09:37 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-08-10 09:36 . 2013-08-10 09:36 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-08-10 09:36 . 2013-08-10 09:38 -------- d-----w- c:\program files\ATI Technologies
2013-08-10 09:36 . 2013-08-10 09:36 -------- d-----w- c:\program files\ATI
2013-08-10 09:29 . 2013-08-10 09:29 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-08-10 09:29 . 2013-08-10 09:29 -------- d-----w- c:\program files\Realtek
2013-08-10 09:26 . 2013-07-15 01:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30AC704E-2D26-4631-BB74-54E7E109B933}\mpengine.dll
2013-08-10 09:26 . 2013-05-02 00:06 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-10 09:22 . 2013-08-10 09:22 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-10 09:22 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-10 09:22 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-10 09:22 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-10 09:22 . 2013-08-10 09:22 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-10 09:22 . 2013-08-10 09:22 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-10 09:22 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-10 09:22 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-10 09:22 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-10 09:22 . 2013-08-10 14:11 -------- d-----w- c:\program files (x86)\Tepfel
2013-08-10 09:21 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-08-10 09:21 . 2013-08-10 09:21 -------- d-----w- c:\program files\AVAST Software
2013-08-10 09:20 . 2013-08-10 09:21 -------- d-----w- c:\programdata\AVAST Software
2013-08-10 09:12 . 2013-08-10 09:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-10 09:12 . 2013-08-10 09:12 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-10 09:12 . 2013-08-10 09:12 -------- d-----w- c:\windows\system32\Macromed
2013-08-10 05:09 . 2013-08-10 05:10 -------- d-----w- c:\users\user
2013-08-10 05:03 . 2013-08-10 05:03 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-08-10 05:03 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2013-08-10 05:03 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2013-08-10 05:03 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2013-08-10 05:03 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2013-08-10 05:03 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2013-08-10 05:03 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2013-08-10 05:03 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-08-10 05:03 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2013-08-10 05:03 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2013-08-10 05:03 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2013-08-10 05:02 . 2013-08-10 05:02 468480 ----a-w- c:\windows\system32\deployJava1.dll
2013-08-10 05:02 . 2013-08-10 05:02 183296 ----a-w- c:\windows\system32\javaws.exe
2013-08-10 05:02 . 2013-08-10 05:02 165888 ----a-w- c:\windows\system32\javaw.exe
2013-08-10 05:02 . 2013-08-10 05:02 165888 ----a-w- c:\windows\system32\java.exe
2013-08-10 05:02 . 2013-08-10 05:02 -------- d-----w- c:\program files\Java
2013-08-10 05:02 . 2013-08-10 05:02 423656 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-08-10 05:02 . 2013-08-10 05:02 -------- d-----w- c:\program files (x86)\Java
2013-08-10 04:55 . 2013-08-10 15:50 -------- d-sh--w- c:\windows\Installer
2013-08-10 04:55 . 2010-12-08 19:53 39298504 ----a-w- c:\windows\system32\MRT.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7}]
2013-07-26 07:31 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4B4D5056-3700-A76A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll" [2013-07-26 12240]
.
[HKEY_CLASSES_ROOT\clsid\{4b4d5056-3700-a76a-76a7-7a786e7484d7}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"DriverChecker.exe"="d:\programy\Driver Checker\DriverChecker.exe" [2010-01-07 13560832]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-07-26 1558480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\
FF - ExtSQL: 2013-07-26 09:32; toolbar_KMPV7@apn.ask.com; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\extensions\toolbar_KMPV7@apn.ask.com.xpi
FF - ExtSQL: 2013-08-10 11:21; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-10 12:44; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-11 13:36; ascsurfingprotection@iobit.com; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\extensions\ascsurfingprotection@iobit.com
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
.
**************************************************************************
.
Celkový čas: 2013-08-11 20:55:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-11 18:55
.
Před spuštěním: 70 512 377 856 bytes free
Po spuštění: 76 970 344 448 bytes free
.
- - End Of File - - FD9CF2E2F5417942C7D3876D56FC271C
A36C5E4F47E84449FF07ED3517B43A31

Příspěvekod **jaro3** » 12 srp 2013 10:48

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\ativpsrm.bin

Folder::
c:\program files (x86)\AskPartnerNetwork\Toolbar

Driver::
SkypeUpdate

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4B4D5056-3700-A76A-76A7-7A786E7484D7}"=-
[-HKEY_CLASSES_ROOT\clsid\{4b4d5056-3700-a76a-76a7-7a786e7484d7}]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Amurex · Příspěvekod **Amurex** » 12 srp 2013 14:22

ComboFix 13-08-11.02 - user 12.08.2013 14:09:38.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.4096.2877 [GMT 2:00]
Spuštěný z: c:\users\user\Desktop\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\users\user\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\ativpsrm.bin"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\AskPartnerNetwork\Toolbar
c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1031.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1033.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1034.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1036.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1040.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1041.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1043.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1045.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\1049.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\2070.mst
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_KMPV7@apn.ask.com.xpi
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\AskToolbarInstaller-12.2.2_KMPV7.msi
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\Update.xml
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\SO.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\config.xml
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml
c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\SO.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll
c:\program files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe
c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\ask-search.xml
c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\KMPV7\config.xml
c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
c:\windows\ativpsrm.bin
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_APNMCP
-------\Service_APNMCP
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-12 do 2013-08-12 )))))))))))))))))))))))))))))))
.
.
2013-08-12 12:15 . 2013-08-12 12:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-11 21:49 . 2013-08-11 21:49 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-08-11 21:35 . 2012-12-16 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-08-11 21:35 . 2012-12-16 14:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-08-11 21:34 . 2012-12-16 14:40 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-08-11 21:34 . 2012-12-16 14:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-08-11 21:26 . 2012-03-01 06:54 22896 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-08-11 21:26 . 2012-03-01 06:40 80896 ----a-w- c:\windows\system32\imagehlp.dll
2013-08-11 21:26 . 2012-03-01 05:45 158720 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-08-11 21:26 . 2012-03-01 06:35 5120 ----a-w- c:\windows\system32\wmi.dll
2013-08-11 21:26 . 2012-03-01 05:40 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-08-11 11:36 . 2013-08-11 11:36 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-08-11 11:36 . 2013-08-11 11:38 -------- d-----w- c:\programdata\IObit
2013-08-11 11:36 . 2013-08-11 11:36 -------- d-----w- c:\program files (x86)\IObit
2013-08-11 11:23 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2013-08-11 11:23 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2013-08-11 11:23 . 2013-02-12 15:37 3138048 ----a-w- c:\windows\system32\mstscax.dll
2013-08-11 11:23 . 2013-02-12 15:13 2691072 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-08-11 11:23 . 2013-02-12 15:07 131072 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-08-11 11:23 . 2013-02-12 15:42 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-08-11 11:23 . 2013-02-12 15:31 158208 ----a-w- c:\windows\system32\aaclient.dll
2013-08-11 11:23 . 2013-02-12 13:59 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-08-11 11:23 . 2012-11-09 05:34 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-11 11:23 . 2012-11-09 04:49 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-08-11 11:22 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
2013-08-11 11:22 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2013-08-11 11:22 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll
2013-08-11 11:22 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2013-08-11 11:22 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2013-08-11 11:22 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2013-08-11 11:22 . 2013-03-01 03:32 3150848 ----a-w- c:\windows\system32\win32k.sys
2013-08-11 11:22 . 2011-10-26 04:28 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2013-08-11 11:22 . 2011-10-26 05:22 1572864 ----a-w- c:\windows\system32\quartz.dll
2013-08-11 11:22 . 2011-10-26 05:22 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-08-11 11:22 . 2011-10-26 04:28 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-08-11 11:21 . 2011-07-09 02:44 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2013-08-11 11:21 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2013-08-11 11:21 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-08-11 11:21 . 2011-11-17 07:12 395776 ----a-w- c:\windows\system32\webio.dll
2013-08-11 11:21 . 2011-11-17 05:39 314368 ----a-w- c:\windows\SysWow64\webio.dll
2013-08-11 11:21 . 2013-04-12 14:36 1653096 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-08-11 11:21 . 2011-03-11 06:19 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2013-08-11 11:19 . 2012-11-02 05:27 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-08-11 11:19 . 2012-11-02 04:48 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2013-08-11 11:19 . 2012-11-20 05:55 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-08-11 11:19 . 2012-11-20 05:10 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-08-11 11:19 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2013-08-11 11:19 . 2012-08-24 17:10 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-11 11:17 . 2012-04-28 03:50 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-08-11 11:17 . 2012-03-17 07:55 75632 ----a-w- c:\windows\system32\drivers\partmgr.sys
2013-08-11 11:17 . 2012-08-11 00:53 714752 ----a-w- c:\windows\system32\kerberos.dll
2013-08-11 11:17 . 2012-08-10 23:54 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2013-08-11 11:17 . 2012-09-25 22:39 95744 ----a-w- c:\windows\system32\synceng.dll
2013-08-11 11:17 . 2012-09-25 21:55 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2013-08-11 11:17 . 2011-02-05 12:41 640896 ----a-w- c:\windows\system32\winload.efi
2013-08-11 11:17 . 2011-02-05 12:39 603976 ----a-w- c:\windows\system32\winload.exe
2013-08-11 11:17 . 2011-02-05 12:39 518160 ----a-w- c:\windows\system32\winresume.exe
2013-08-11 11:16 . 2011-02-05 12:41 556928 ----a-w- c:\windows\system32\winresume.efi
2013-08-11 11:16 . 2011-02-05 12:41 20352 ----a-w- c:\windows\system32\kdusb.dll
2013-08-11 11:16 . 2011-02-05 12:41 19328 ----a-w- c:\windows\system32\kd1394.dll
2013-08-11 11:16 . 2011-02-05 12:41 17792 ----a-w- c:\windows\system32\kdcom.dll
2013-08-11 11:14 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2013-08-11 11:13 . 2012-06-02 05:25 1462784 ----a-w- c:\windows\system32\crypt32.dll
2013-08-11 11:13 . 2012-06-02 04:45 1157632 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-08-11 11:13 . 2012-06-02 05:25 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-11 11:13 . 2012-06-02 05:25 140288 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-11 11:13 . 2012-06-02 04:45 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-08-11 11:13 . 2012-06-02 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-08-11 11:12 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2013-08-11 11:12 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2013-08-10 15:44 . 2013-08-10 15:44 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-10 15:44 . 2013-08-10 15:44 -------- d-----r- c:\program files (x86)\Skype
2013-08-10 15:44 . 2013-08-10 15:44 -------- d-----w- c:\programdata\Skype
2013-08-10 15:31 . 2013-08-10 15:31 -------- d-----w- c:\program files (x86)\AMD
2013-08-10 15:30 . 2013-08-10 15:30 -------- d-----w- C:\AMD
2013-08-10 15:08 . 2013-08-12 12:14 -------- d-----w- c:\program files (x86)\AskPartnerNetwork
2013-08-10 15:08 . 2013-08-10 15:08 -------- d-----w- c:\programdata\AskPartnerNetwork
2013-08-10 15:08 . 2013-08-10 15:08 -------- d-----w- c:\programdata\APN
2013-08-10 14:57 . 2013-08-10 14:57 -------- d-----w- c:\program files (x86)\PANDORA.TV
2013-08-10 14:57 . 2013-08-10 22:36 -------- d-----w- c:\program files (x86)\The KMPlayer
2013-08-10 14:52 . 2013-08-10 14:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-08-10 14:23 . 2013-08-10 14:23 -------- d-----w- c:\windows\ERUNT
2013-08-10 13:28 . 2013-08-10 13:28 -------- d-----w- c:\programdata\Malwarebytes
2013-08-10 13:28 . 2013-08-10 13:28 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-10 13:28 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-10 11:20 . 2009-11-11 13:17 729600 ----a-w- c:\windows\system32\cohelper.dll
2013-08-10 11:20 . 2009-11-11 07:22 9548 ----a-w- c:\windows\system32\drivers\nvphy.bin
2013-08-10 11:20 . 2009-11-11 09:37 645224 ----a-w- c:\windows\system32\NVUNINST.EXE
2013-08-10 11:20 . 2013-08-10 11:20 -------- d-----w- C:\NVIDIA
2013-08-10 10:31 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-08-10 10:31 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-08-10 10:31 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-08-10 10:15 . 2008-12-03 15:40 81408 ----a-w- c:\windows\SysWow64\devcon_x64.exe
2013-08-10 10:15 . 2002-11-14 20:32 55808 ----a-w- c:\windows\SysWow64\devcon.exe
2013-08-10 10:05 . 2012-02-15 06:27 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-08-10 10:05 . 2012-02-15 05:44 826368 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-08-10 10:05 . 2012-02-15 04:46 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-08-10 10:03 . 2013-08-10 10:03 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-08-10 10:02 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-08-10 10:02 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-08-10 10:02 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-08-10 10:02 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-08-10 10:02 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-08-10 10:02 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-08-10 10:02 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-08-10 10:01 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-08-10 10:01 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-08-10 09:51 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2013-08-10 09:51 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-08-10 09:41 . 2013-08-10 09:41 -------- d-----w- c:\programdata\ATI
2013-08-10 09:38 . 2013-08-10 09:38 -------- d-----w- c:\program files (x86)\AMD AVT
2013-08-10 09:38 . 2013-08-10 09:38 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-08-10 09:37 . 2013-08-10 09:38 -------- d-----w- c:\programdata\AMD
2013-08-10 09:37 . 2013-08-10 09:37 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-08-10 09:36 . 2013-08-10 09:36 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-08-10 09:36 . 2013-08-10 09:38 -------- d-----w- c:\program files\ATI Technologies
2013-08-10 09:36 . 2013-08-10 09:36 -------- d-----w- c:\program files\ATI
2013-08-10 09:29 . 2013-08-10 09:29 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-08-10 09:29 . 2013-08-10 09:29 -------- d-----w- c:\program files\Realtek
2013-08-10 09:26 . 2013-07-15 01:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30AC704E-2D26-4631-BB74-54E7E109B933}\mpengine.dll
2013-08-10 09:26 . 2013-05-02 00:06 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-10 09:22 . 2013-08-10 09:22 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-10 09:22 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-10 09:22 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-10 09:22 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"DriverChecker.exe"="d:\programy\Driver Checker\DriverChecker.exe" [2010-01-07 13560832]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 atillk64;atillk64;c:\program files (x86)\AMD\System Monitor\atillk64.sys;c:\program files (x86)\AMD\System Monitor\atillk64.sys [x]
R3 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\
FF - ExtSQL: 2013-07-26 09:32; toolbar_KMPV7@apn.ask.com; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\extensions\toolbar_KMPV7@apn.ask.com.xpi
FF - ExtSQL: 2013-08-10 11:21; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-10 12:44; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-08-11 13:36; ascsurfingprotection@iobit.com; c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\47kh5saj.default\extensions\ascsurfingprotection@iobit.com
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{4B4D5056-3700-A76A-76A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll
Wow6432Node-HKLM-Run-ApnTBMon - c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2013-08-12 14:21:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-12 12:21
ComboFix2.txt 2013-08-11 18:55
.
Před spuštěním: 72 901 738 496 bytes free
Po spuštění: 72 515 702 784 bytes free
.
- - End Of File - - 810FC39E343EF41AEF2CD4E88256053F
A36C5E4F47E84449FF07ED3517B43A31

Amurex · Příspěvekod **Amurex** » 12 srp 2013 15:56

to druhy dodam k veceru... hrozne pomalu se to stahuje .. po 1kb/s

Příspěvekod **memphisto** » 12 srp 2013 16:59

Najdi a ručně smaž tyhle složky:
c:\program files (x86)\AskPartnerNetwork
c:\programdata\AskPartnerNetwork
c:\programdata\APN

Příspěvekod **memphisto** » 12 srp 2013 17:01

Dodej ten druhý a pak...

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

ručně smaž tyhle složky:
c:\program files (x86)\AskPartnerNetwork
c:\programdata\AskPartnerNetwork
c:\programdata\APN

Amurex · Příspěvekod **Amurex** » 12 srp 2013 18:19

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-08-12 18:13:33
-----------------------------
18:13:33.065 OS Version: Windows x64 6.1.7600
18:13:33.065 Number of processors: 2 586 0x4303
18:13:33.065 ComputerName: USER-PC UserName: user
18:13:34.081 Initialize success
18:13:35.393 AVAST engine defs: 13081200
18:13:46.081 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
18:13:46.081 Disk 0 Vendor: ST325041 3.AA Size: 238474MB BusType: 3
18:13:46.424 Disk 0 MBR read successfully
18:13:46.424 Disk 0 MBR scan
18:13:46.424 Disk 0 Windows 7 default MBR code
18:13:46.440 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:13:46.456 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99900 MB offset 206848
18:13:46.471 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 90000 MB offset 204802048
18:13:46.893 Disk 0 scanning C:\Windows\system32\drivers
18:13:55.331 Service scanning
18:14:09.784 Modules scanning
18:14:09.784 Disk 0 trace - called modules:
18:14:09.799 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
18:14:09.799 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048a0060]
18:14:09.815 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004514b20]
18:14:09.815 5 ACPI.sys[fffff88000ede781] -> nt!IofCallDriver -> \Device\0000005e[0xfffffa800437d720]
18:14:10.096 AVAST engine scan C:\Windows
18:14:16.393 AVAST engine scan C:\Windows\system32
18:16:35.018 AVAST engine scan C:\Windows\system32\drivers
18:17:00.299 AVAST engine scan C:\Users\user
18:17:35.362 AVAST engine scan C:\ProgramData
18:17:45.362 Scan finished successfully
18:18:29.315 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
18:18:29.315 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"

Příspěvekod **memphisto** » 12 srp 2013 18:27

Provedeno? Co PC?

Amurex · Příspěvekod **Amurex** » 12 srp 2013 18:31

Všechno jsem udělal ... budu muset asi ten pc chvili testovat... kazdopadne totalne nechapu ten muj procesor..jak muze byt v takove zatezi ..

Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Re: Prosím o kontrolu logu :)

Kdo je online