Log check: slowed-down PC, unwanted error [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

pidlo
Level 4
Posts: 1267
Registered: February 12
Location: Boskovice
Gender: Male
Status: Offline

Post by pidlo » 02 Nov 2013 18:56

RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : pidlo [Práva správce]
Mód : Kontrola -- Datum : 11/02/2013 18:54:46
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] TorchCrashHandler.exe -- C:\Users\pidlo\AppData\Local\Torch\Update\TorchCrashHandler.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[APPINIT][SUSP PATH] HKLM\[...]\Windows : AppInit_DLLs (C:\PROGRA~3\Wincert\WIN64C~1.DLL C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll [-][x]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 9d3fe8e361a2ed1bd8de605a7dc83841
[BSP] d437633418b06fce5f9faffdf0544274 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11022013_185446.txt >>
RKreport[0]_S_11012013_123745.txt

Post by pidlo » 02 Nov 2013 19:42

Should I try MBAM, should I try it again? I'm going to take a shower now. Thanks a lot, guys; if you post something here, I'll continue tomorrow, I have a lot on my plate.

jaro3
Member of the Security team
Guru Level 15
Posts: 43339
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Post by jaro3 » 03 Nov 2013 10:22

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deleting finished"
- Click "Report" and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not start, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

Post by pidlo » 03 Nov 2013 17:27

RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : pidlo [Práva správce]
Mód : Kontrola -- Datum : 11/03/2013 17:27:04
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] TorchCrashHandler.exe -- C:\Users\pidlo\AppData\Local\Torch\Update\TorchCrashHandler.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (:0 [Country: (Private Address) (XX), City: (Private Address)]) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-1CH162 ATA Device +++++
--- User ---
[MBR] 9d3fe8e361a2ed1bd8de605a7dc83841
[BSP] d437633418b06fce5f9faffdf0544274 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11032013_172704.txt >>
RKreport[0]_S_11012013_123745.txt;RKreport[0]_S_11022013_185446.txt

Post by pidlo » 03 Nov 2013 17:40

ComboFix 13-11-03.02 - pidlo 03.11.2013 17:30:15.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8142.6452 [GMT 1:00]
Spuštěný z: c:\users\pidlo\Desktop\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-03 do 2013-11-03 )))))))))))))))))))))))))))))))
.
.
2013-11-03 16:37 . 2013-11-03 16:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-03 16:37 . 2013-11-03 16:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-03 05:28 . 2013-11-03 05:28 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2013-11-01 15:16 . 2013-11-02 17:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-11-01 15:16 . 2013-11-01 15:16 -------- d-----w- c:\program files (x86)\GRETECH
2013-11-01 06:28 . 2013-11-02 17:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-11-01 06:25 . 2013-11-01 09:54 -------- d-----w- C:\AdwCleaner
2013-11-01 06:25 . 2013-11-03 05:28 -------- d-----w- c:\users\pidlo\AppData\Local\CrashDumps
2013-10-31 15:26 . 2013-10-31 15:26 -------- d-----w- c:\users\pidlo\AppData\Local\Opera Software
2013-10-31 15:26 . 2013-10-31 15:26 -------- d-----w- c:\users\pidlo\AppData\Roaming\Opera Software
2013-10-31 14:23 . 2013-11-02 17:31 -------- d-----w- c:\program files\McAfee Security Scan
2013-10-31 13:52 . 2013-10-31 13:52 -------- d-----w- c:\programdata\McAfee
2013-10-31 09:34 . 2013-10-31 09:34 388096 ----a-r- c:\users\pidlo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-31 09:30 . 2013-10-31 09:30 -------- d-----w- c:\program files (x86)\Trend Micro
2013-10-31 08:45 . 2013-04-11 13:10 2498216 ----a-w- c:\windows\SysWow64\BootMan.exe
2013-10-31 08:45 . 2013-03-28 18:02 3376640 ----a-w- c:\windows\system32\BootMan.exe
2013-10-31 08:45 . 2013-03-07 08:49 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2013-10-31 08:45 . 2013-03-07 08:49 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2013-10-31 08:45 . 2013-03-07 08:49 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys
2013-10-31 08:45 . 2013-03-07 08:49 17480 ----a-w- c:\windows\system32\epmntdrv.sys
2013-10-31 08:45 . 2013-03-07 08:49 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe
2013-10-31 08:45 . 2013-03-07 08:49 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll
2013-10-31 08:45 . 2013-03-07 08:49 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2013-10-31 08:44 . 2013-03-07 08:49 13896 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2013-10-31 08:44 . 2013-10-31 08:44 -------- d-----w- c:\program files (x86)\EaseUS
2013-10-28 09:03 . 2013-10-28 09:03 -------- d-----w- c:\program files (x86)\Overwolf
2013-10-28 09:03 . 2013-10-28 09:03 -------- d-----w- c:\program files (x86)\Common Files\Overwolf
2013-10-28 09:01 . 2013-11-03 05:28 -------- d-----w- c:\users\pidlo\AppData\Local\Overwolf
2013-10-28 09:01 . 2013-10-30 04:41 -------- d-----w- c:\users\pidlo\AppData\Roaming\TS3Client
2013-10-28 09:01 . 2013-10-28 09:01 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-10-20 16:38 . 2013-10-20 16:38 -------- d-----w- c:\users\pidlo\AppData\Local\Dreambelievers
2013-10-20 16:38 . 2013-10-20 16:38 -------- d-----w- c:\program files (x86)\Pokemon Online
2013-10-20 13:00 . 2013-10-20 13:00 -------- d-----w- c:\users\pidlo\AppData\Local\Gameforge4d
2013-10-20 13:00 . 2013-10-20 13:00 -------- d-----w- c:\program files (x86)\GameforgeLive
2013-10-20 07:28 . 2013-10-20 07:28 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-19 18:03 . 2013-10-19 18:03 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-19 18:03 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-12 04:19 . 2013-10-12 19:07 -------- d-----w- c:\users\pidlo\AppData\Roaming\GetRightToGo
2013-10-11 17:33 . 2013-10-11 17:33 -------- d-----w- c:\program files (x86)\Common Files\COMODO
2013-10-10 05:00 . 2013-09-22 22:54 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-10-10 05:00 . 2013-09-22 22:54 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-10-10 03:50 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-10 03:50 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 03:50 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 03:50 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 08:58 . 2013-10-09 08:58 4879744 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 08:58 . 2013-10-09 08:58 4879744 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-03 05:28 . 2013-06-25 16:31 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2013-10-10 04:56 . 2013-07-04 03:34 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-10 04:20 . 2013-06-25 20:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-10 04:20 . 2013-06-25 20:56 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-25 15:55 . 2013-09-25 15:55 56072 ----a-w- c:\windows\system32\certsentry.dll
2013-09-25 15:55 . 2013-09-25 15:55 47368 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-09-24 10:54 . 2013-06-18 14:16 96800 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:54 . 2013-06-18 14:16 48872 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:54 . 2013-06-18 14:16 709144 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-09-24 10:54 . 2013-06-18 14:16 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2013-06-18 14:15 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 10:53 . 2013-06-18 14:15 354240 ----a-w- c:\windows\SysWow64\guard32.dll
2013-09-24 10:53 . 2013-06-18 14:15 444392 ----a-w- c:\windows\system32\guard64.dll
2013-09-24 10:53 . 2013-06-18 14:15 347864 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-09-24 10:53 . 2013-06-18 14:15 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-09-24 10:53 . 2013-06-18 14:15 280792 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2013-09-24 10:53 . 2013-06-18 14:15 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-09-23 06:05 . 2013-06-26 22:02 234544 ----a-w- c:\windows\RegBootClean64.exe
2013-09-21 12:32 . 2013-06-26 22:02 22064 ----a-w- c:\windows\DCEBoot64.exe
2013-09-05 09:35 . 2013-09-05 09:35 55504 ----a-w- c:\windows\SysWow64\offreg.dll
2013-09-05 05:32 . 2013-09-24 07:18 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{56EFB824-70CE-4517-897B-14422F2334BF}\mpengine.dll
2013-08-29 01:48 . 2013-10-10 03:51 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-11 08:58 . 2013-08-11 08:58 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-08-11 08:58 . 2013-07-16 16:11 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-08-11 08:58 . 2013-07-16 16:11 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-08-11 08:58 . 2013-08-11 08:58 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-30 1820584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20684656]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2013-06-27 438272]
"Facebook Update"="c:\users\pidlo\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-09-20 138096]
"Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2013-10-23 35256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-10-23 502328]
"BMISR"="c:\program files (x86)\KYE\WebMate\BM.exe" [2008-08-19 208896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-12 1673680]
"tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2013-10-11 2327248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"EaseUS EPM tray"="c:\program files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe" [2013-03-29 2081792]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe [2012-8-16 316416]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-10-11 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DatamngrCoordinator;Datamngr Coordinator;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TorchCrashHandler;Torch Crash Handler;c:\users\pidlo\AppData\Local\Torch\Update\TorchCrashHandler.exe;c:\users\pidlo\AppData\Local\Torch\Update\TorchCrashHandler.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NTIOLIB_1_0_3
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-25 04:21]
.
2013-11-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000Core.job
- c:\users\pidlo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-20 13:40]
.
2013-11-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000UA.job
- c:\users\pidlo\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-20 13:40]
.
2013-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25 16:28]
.
2013-11-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-25 16:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-12-28 6962400]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-10-20 1612504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{75AEBB83-E41F-4DAD-A28B-B3CF769DDFF0}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\pidlo\AppData\Roaming\Mozilla\Firefox\Profiles\4b6lovyk.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.yahoo.com?fr=fp-comodo
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)
Toolbar-10 - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2691084384-2035743029-1837049220-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-03 17:39:17
ComboFix-quarantined-files.txt 2013-11-03 16:39
ComboFix2.txt 2013-11-02 18:33
.
Před spuštěním: Volných bajtů: 396 326 125 568
Po spuštění: Volných bajtů: 396 305 440 768
.
- - End Of File - - AB269F7E3FE7C0193182C90B4E265138
A36C5E4F47E84449FF07ED3517B43A31

Post by jaro3 » 04 Nov 2013 09:54

Uninstall:
McAfee Security Scan

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\McAfee Security Scan
c:\programdata\McAfee
c:\program files (x86)\Skype\Updater
c:\users\pidlo\AppData\Local\Facebook\Update
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

RegLock::
[HKEY_USERS\S-1-5-21-2691084384-2035743029-1837049220-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not start, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

Post by pidlo » 04 Nov 2013 17:57

ComboFix 13-11-03.02 - pidlo 04.11.2013 17:41:49.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8142.6324 [GMT 1:00]
Spuštěný z: c:\users\pidlo\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pidlo\Desktop\CFScript.txt
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.99\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.99\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.99\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.99\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.99\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.99\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_am.dlla
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.99\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.99\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.99\psuser.dll
c:\program files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\18.0.1025.142\chrome_installer.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\program files\McAfee Security Scan
c:\program files\McAfee Security Scan\3.8.130\avvclean.dat
c:\program files\McAfee Security Scan\3.8.130\avvnames.dat
c:\program files\McAfee Security Scan\3.8.130\avvscan.dat
c:\program files\McAfee Security Scan\3.8.130\config.dat
c:\program files\McAfee Security Scan\3.8.130\sacoredata\uds_filetypes.txt
c:\program files\McAfee Security Scan\3.8.130\sacoredata\uds_hosting.txt
c:\program files\McAfee Security Scan\3.8.130\sacoredata\uds_tlds.txt
c:\program files\McAfee Security Scan\3.8.130\signlic.txt
c:\users\pidlo\AppData\Local\Facebook\Update
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\pidlo\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\pidlo\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2691084384-2035743029-1837049220-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-04 do 2013-11-04 )))))))))))))))))))))))))))))))
.
.
2013-11-04 16:51 . 2013-11-04 16:51 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2013-11-04 16:49 . 2013-11-04 16:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-04 16:49 . 2013-11-04 16:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-04 16:30 . 2013-11-04 16:30 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-11-01 15:16 . 2013-11-02 17:31 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-11-01 15:16 . 2013-11-01 15:16 -------- d-----w- c:\program files (x86)\GRETECH
2013-11-01 06:28 . 2013-11-02 17:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-11-01 06:25 . 2013-11-01 09:54 -------- d-----w- C:\AdwCleaner
2013-11-01 06:25 . 2013-11-04 16:34 -------- d-----w- c:\users\pidlo\AppData\Local\CrashDumps
2013-10-31 15:26 . 2013-10-31 15:26 -------- d-----w- c:\users\pidlo\AppData\Local\Opera Software
2013-10-31 15:26 . 2013-10-31 15:26 -------- d-----w- c:\users\pidlo\AppData\Roaming\Opera Software
2013-10-31 09:34 . 2013-10-31 09:34 388096 ----a-r- c:\users\pidlo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-31 09:30 . 2013-10-31 09:30 -------- d-----w- c:\program files (x86)\Trend Micro
2013-10-31 08:45 . 2013-04-11 13:10 2498216 ----a-w- c:\windows\SysWow64\BootMan.exe
2013-10-31 08:45 . 2013-03-28 18:02 3376640 ----a-w- c:\windows\system32\BootMan.exe
2013-10-31 08:45 . 2013-03-07 08:49 9160 ----a-w- c:\windows\SysWow64\EuGdiDrv.sys
2013-10-31 08:45 . 2013-03-07 08:49 87112 ----a-w- c:\windows\SysWow64\setupempdrv03.exe
2013-10-31 08:45 . 2013-03-07 08:49 9800 ----a-w- c:\windows\system32\EuGdiDrv.sys
2013-10-31 08:45 . 2013-03-07 08:49 17480 ----a-w- c:\windows\system32\epmntdrv.sys
2013-10-31 08:45 . 2013-03-07 08:49 100936 ----a-w- c:\windows\system32\setupempdrvx64.exe
2013-10-31 08:45 . 2013-03-07 08:49 16256 ----a-w- c:\windows\system32\EuEpmGdi.dll
2013-10-31 08:45 . 2013-03-07 08:49 19840 ----a-w- c:\windows\SysWow64\EuEpmGdi.dll
2013-10-31 08:44 . 2013-03-07 08:49 13896 ----a-w- c:\windows\SysWow64\epmntdrv.sys
2013-10-31 08:44 . 2013-10-31 08:44 -------- d-----w- c:\program files (x86)\EaseUS
2013-10-28 09:03 . 2013-10-28 09:03 -------- d-----w- c:\program files (x86)\Overwolf
2013-10-28 09:03 . 2013-10-28 09:03 -------- d-----w- c:\program files (x86)\Common Files\Overwolf
2013-10-28 09:01 . 2013-11-04 16:34 -------- d-----w- c:\users\pidlo\AppData\Local\Overwolf
2013-10-28 09:01 . 2013-10-30 04:41 -------- d-----w- c:\users\pidlo\AppData\Roaming\TS3Client
2013-10-28 09:01 . 2013-10-28 09:01 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-10-20 16:38 . 2013-10-20 16:38 -------- d-----w- c:\users\pidlo\AppData\Local\Dreambelievers
2013-10-20 16:38 . 2013-10-20 16:38 -------- d-----w- c:\program files (x86)\Pokemon Online
2013-10-20 13:00 . 2013-10-20 13:00 -------- d-----w- c:\users\pidlo\AppData\Local\Gameforge4d
2013-10-20 13:00 . 2013-10-20 13:00 -------- d-----w- c:\program files (x86)\GameforgeLive
2013-10-20 07:28 . 2013-10-20 07:28 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-19 18:03 . 2013-10-19 18:03 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-10-19 18:03 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-12 04:19 . 2013-10-12 19:07 -------- d-----w- c:\users\pidlo\AppData\Roaming\GetRightToGo
2013-10-11 17:33 . 2013-10-11 17:33 -------- d-----w- c:\program files (x86)\Common Files\COMODO
2013-10-10 05:00 . 2013-09-22 22:54 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-10-10 05:00 . 2013-09-22 22:54 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-10-10 03:50 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-10 03:50 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 03:50 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 03:50 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 08:58 . 2013-10-09 08:58 4879744 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 08:58 . 2013-10-09 08:58 4879744 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-04 16:51 . 2013-06-25 16:31 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2013-10-10 04:56 . 2013-07-04 03:34 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-10 04:20 . 2013-06-25 20:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-10 04:20 . 2013-06-25 20:56 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-25 15:55 . 2013-09-25 15:55 56072 ----a-w- c:\windows\system32\certsentry.dll
2013-09-25 15:55 . 2013-09-25 15:55 47368 ----a-w- c:\windows\SysWow64\certsentry.dll
2013-09-24 10:54 . 2013-06-18 14:16 96800 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:54 . 2013-06-18 14:16 48872 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:54 . 2013-06-18 14:16 709144 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-09-24 10:54 . 2013-06-18 14:16 23168 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2013-06-18 14:15 43216 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 10:53 . 2013-06-18 14:15 354240 ----a-w- c:\windows\SysWow64\guard32.dll
2013-09-24 10:53 . 2013-06-18 14:15 444392 ----a-w- c:\windows\system32\guard64.dll
2013-09-24 10:53 . 2013-06-18 14:15 347864 ----a-w- c:\windows\system32\cmdvrt64.dll
2013-09-24 10:53 . 2013-06-18 14:15 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2013-09-24 10:53 . 2013-06-18 14:15 280792 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2013-09-24 10:53 . 2013-06-18 14:15 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2013-09-23 06:05 . 2013-06-26 22:02 234544 ----a-w- c:\windows\RegBootClean64.exe
2013-09-21 12:32 . 2013-06-26 22:02 22064 ----a-w- c:\windows\DCEBoot64.exe
2013-09-05 09:35 . 2013-09-05 09:35 55504 ----a-w- c:\windows\SysWow64\offreg.dll
2013-09-05 05:32 . 2013-09-24 07:18 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{56EFB824-70CE-4517-897B-14422F2334BF}\mpengine.dll
2013-08-29 01:48 . 2013-10-10 03:51 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-11 08:58 . 2013-08-11 08:58 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-08-11 08:58 . 2013-07-16 16:11 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-08-11 08:58 . 2013-07-16 16:11 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-08-11 08:58 . 2013-08-11 08:58 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-07 02:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-10-30 1820584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20684656]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2013-06-27 438272]
"Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2013-10-23 35256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-10-23 502328]
"BMISR"="c:\program files (x86)\KYE\WebMate\BM.exe" [2008-08-19 208896]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-12 1673680]
"tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2013-10-11 2327248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"EaseUS EPM tray"="c:\program files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe" [2013-03-29 2081792]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe [2012-8-16 316416]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe "unit_manager.exe" [2013-10-11 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DatamngrCoordinator;Datamngr Coordinator;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TorchCrashHandler;Torch Crash Handler;c:\users\pidlo\AppData\Local\Torch\Update\TorchCrashHandler.exe;c:\users\pidlo\AppData\Local\Torch\Update\TorchCrashHandler.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-25 04:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-12-28 6962400]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-10-20 1612504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{75AEBB83-E41F-4DAD-A28B-B3CF769DDFF0}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\pidlo\AppData\Roaming\Mozilla\Firefox\Profiles\4b6lovyk.default\
FF - prefs.js: browser.startup.homepage - hxxp://us.yahoo.com?fr=fp-comodo
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-Facebook Update - c:\users\pidlo\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2691084384-2035743029-1837049220-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2013-11-04 17:54:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-04 16:54
ComboFix2.txt 2013-11-03 16:39
ComboFix3.txt 2013-11-02 18:33
.
Před spuštěním: Volných bajtů: 396 011 409 408
Po spuštění: Volných bajtů: 395 745 562 624
.
- - End Of File - - BF9D0D101FA77B55C4FC45AF66823760
A36C5E4F47E84449FF07ED3517B43A31

Re: log check, slowed-down PC, unwanted error

Post by pidlo » 04 Nov 2013 17:59

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:59:05, on 4.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [BMISR] C:\Program Files (x86)\KYE\WebMate\BM.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
O4 - HKUS\S-1-5-21-2691084384-2035743029-1837049220-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2691084384-2035743029-1837049220-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{75AEBB83-E41F-4DAD-A28B-B3CF769DDFF0}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{75AEBB83-E41F-4DAD-A28B-B3CF769DDFF0}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{75AEBB83-E41F-4DAD-A28B-B3CF769DDFF0}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (file missing)
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf Ltd - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\pidlo\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10514 bytes


Re: log check, slow PC, unwanted error

Post by pidlo » 04 Nov 2013 18:05

aswMBR throws this

jaro3
Security team member
Guru Level 15
Posts: 43339
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: log check, slow PC, unwanted error

Post by jaro3 » 05 Nov 2013 09:55

Uninstall:
AskPartnerNetwork

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: (no name) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-21-2691084384-2035743029-1837049220-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')


Try aswMBR in safe mode.

AdwCleaner and JRT again, plus MbAM.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.


Re: log check, slow PC, unwanted error

Post by pidlo » 06 Nov 2013 21:18

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-06 21:17:41
-----------------------------
21:17:41.468 OS Version: Windows x64 6.1.7601 Service Pack 1
21:17:41.468 Number of processors: 4 586 0x3A09
21:17:41.468 ComputerName: PIDLINEK UserName: pidlo
21:17:43.183 Initialize success
21:17:48.598 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:17:48.598 Disk 0 Vendor: ST1000DM003-1CH162 CC47 Size: 953869MB BusType: 11
21:17:48.728 Disk 0 MBR read successfully
21:17:48.738 Disk 0 MBR scan
21:17:48.738 Disk 0 Windows 7 default MBR code
21:17:48.738 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:17:48.758 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
21:17:48.788 Disk 0 scanning C:\Windows\system32\drivers
21:17:56.688 Service scanning
21:18:02.823 Service MSICDSetup D:\CDriver64.sys **LOCKED** 21
21:18:03.908 Service NTIOLib_1_0_C D:\NTIOLib_X64.sys **LOCKED** 21
21:18:08.201 Modules scanning
21:18:08.201 Disk 0 trace - called modules:
21:18:08.221 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:18:08.231 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077ca060]
21:18:08.231 3 CLASSPNP.SYS[fffff8800191943f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007142060]
21:18:08.241 Scan finished successfully
21:18:13.331 Disk 0 MBR has been saved successfully to "C:\Users\pidlo\Desktop\MBR.dat"
21:18:13.331 The log file has been saved successfully to "C:\Users\pidlo\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-06 21:20:05
-----------------------------
21:20:05.102 OS Version: Windows x64 6.1.7601 Service Pack 1
21:20:05.102 Number of processors: 4 586 0x3A09
21:20:05.102 ComputerName: PIDLINEK UserName: pidlo
21:20:13.916 Initialize success
21:20:15.944 AVAST engine download error: 0
21:20:33.916 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:20:33.916 Disk 0 Vendor: ST1000DM003-1CH162 CC47 Size: 953869MB BusType: 11
21:20:34.040 Disk 0 MBR read successfully
21:20:34.040 Disk 0 MBR scan
21:20:34.040 Disk 0 Windows 7 default MBR code
21:20:34.040 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:20:34.056 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
21:20:34.072 Disk 0 scanning C:\Windows\system32\drivers
21:20:38.814 Service scanning
21:20:43.400 Service MSICDSetup D:\CDriver64.sys **LOCKED** 21
21:20:43.822 Service NTIOLib_1_0_C D:\NTIOLib_X64.sys **LOCKED** 21
21:20:47.207 Modules scanning
21:20:47.207 Disk 0 trace - called modules:
21:20:47.222 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
21:20:47.222 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800777b790]
21:20:47.222 3 CLASSPNP.SYS[fffff8800191d43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007150060]
21:20:47.222 Scan finished successfully
21:20:51.918 Disk 0 MBR has been saved successfully to "C:\Users\pidlo\Desktop\MBR.dat"
21:20:51.918 The log file has been saved successfully to "C:\Users\pidlo\Desktop\aswMBR.txt"


Re: log check, slow PC, unwanted error

Post by pidlo » 06 Nov 2013 21:26

# AdwCleaner v3.010 - Report created 01/11/2013 at 07:26:13
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : pidlo - PIDLINEK
# Running from : C:\Users\pidlo\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP
Service Found : DatamngrCoordinator
Service Found : torchcrashhandler

***** [ Files / Folders ] *****

File Found : C:\Users\pidlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Found : C:\Users\pidlo\AppData\Roaming\Mozilla\Firefox\Profiles\4b6lovyk.default\searchplugins\Ask.xml
File Found : C:\Users\pidlo\AppData\Roaming\Mozilla\Firefox\Profiles\4b6lovyk.default\searchplugins\bingp.xml
Folder Found C:\Program Files (x86)\AskPartnerNetwork
Folder Found C:\Program Files (x86)\Movies Toolbar
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\ProgramData\BitGuard
Folder Found C:\ProgramData\Browser Manager
Folder Found C:\ProgramData\BrowserProtect
Folder Found C:\ProgramData\torchcrashhandler
Folder Found C:\ProgramData\Trymedia
Folder Found C:\Users\pidlo\AppData\Local\Ilivid
Folder Found C:\Users\pidlo\AppData\Local\ilividmoviestoolbardla
Folder Found C:\Users\pidlo\AppData\Local\Temp\apn
Folder Found C:\Users\pidlo\AppData\Local\torch
Folder Found C:\Users\pidlo\AppData\LocalLow\ilividmoviestoolbardla
Folder Found C:\Users\pidlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Folder Found C:\Users\pidlo\AppData\Roaming\Mozilla\Firefox\Profiles\4b6lovyk.default\ilividmoviestoolbardla

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN32C~1.DLL
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MOVIES~1\Datamngr\x64\mgrldr.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Key Found : HKCU\Software\APN DTX
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\ilividmoviestoolbardla
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Found : HKCU\Software\torch
Key Found : [x64] HKCU\Software\APN DTX
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\Headlight
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\ilividmoviestoolbardla
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\torch
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbardlaIE
Key Found : HKLM\Software\torch
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v22.0 (cs)

[ File : C:\Users\pidlo\AppData\Roaming\Mozilla\Firefox\Profiles\4b6lovyk.default\prefs.js ]

Line Found : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v18.0.1025.142

[ File : C:\Users\pidlo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [6527 octets] - [01/11/2013 07:26:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6587 octets] ##########

# AdwCleaner v3.011 - Report created 06/11/2013 at 21:26:01
# Updated 03/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : pidlo - PIDLINEK
# Running from : C:\Users\pidlo\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : DatamngrCoordinator
Service Found : torchcrashhandler

***** [ Files / Folders ] *****

File Found : C:\Users\pidlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Folder Found C:\Program Files (x86)\Movies Toolbar
Folder Found C:\ProgramData\torchcrashhandler
Folder Found C:\Users\pidlo\AppData\Local\Ilivid
Folder Found C:\Users\pidlo\AppData\Local\torch
Folder Found C:\Users\pidlo\AppData\LocalLow\ilividmoviestoolbardla
Folder Found C:\Users\pidlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN DTX
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\ilividmoviestoolbardla
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Key Found : HKCU\Software\torch
Key Found : [x64] HKCU\Software\APN DTX
Key Found : [x64] HKCU\Software\Headlight
Key Found : [x64] HKCU\Software\ilivid
Key Found : [x64] HKCU\Software\ilividmoviestoolbardla
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKCU\Software\torch
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Found : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbardlaIE
Key Found : HKLM\Software\torch
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v22.0 (cs)

[ File : C:\Users\pidlo\AppData\Roaming\Mozilla\Firefox\Profiles\4b6lovyk.default\prefs.js ]

Line Found : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v18.0.1025.142

[ File : C:\Users\pidlo\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10763 octets] - [01/11/2013 07:26:13]
AdwCleaner[R1].txt - [6791 octets] - [01/11/2013 10:38:06]
AdwCleaner[S0].txt - [6485 octets] - [01/11/2013 10:53:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10944 octets] ##########

