Hello... lately my PC has been rather slow. On top of that, the internet has also become slow and sometimes drops out completely. It has been dropping since yesterday, which may be because yesterday I was setting up a home network with internet access via an AP, but that is a different topic. But it has been slow for over 2 months.
So please check my log, thank you:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:55:15, on 5.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\TOM\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://t3-1.search.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe" /tray
O4 - HKCU\..\Run: [Google Update] "C:\Users\TOM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9879 bytes
Slow PC and internet (drops quite often) Solved
- Damned
Re: Slow PC and internet (drops quite often)
Turn off Avast! WebRep.
Run HJT (HijackThis), close your browsers, disconnect from the internet and fix the following (run HJT, "Do a system scan only",
tick the box in front of the entry, press "Fix checked" and then "Yes" ("Ano")):
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://t3-1.search.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\TOM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
********************************************************************************************************************************************************************************
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
********************************************************************************************************************************************************************************
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/ticked: Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish (Konec) button.
- if an update is found, it will be downloaded and installed; then click OK to start the program
- leave the Quick scan (Rychlá kontrola) option selected and click the Scan (Prohledat) button
If a problem is found:
- when the program finishes a message will appear; click OK and then the Show Results (Zobrazit výsledky) button
- then choose Save Log (Uložit protokol) and save the log to your Desktop
- after that click the Exit button; a message will appear, so choose Yes (Ano)
- copy the resulting log here for me
(do not delete anything yet!).
If no problem is found:
- Click the "OK" button and let me know
Nothing is impossible, so where reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Slow PC and internet (drops quite often)
ADW
# AdwCleaner v3.016 - Report created 05/01/2014 at 20:09:39
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : TOM - TOM-PC
# Running from : C:\Users\TOM\Desktop\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Windows\System32\Tasks\GoforFilesUpdate
Folder Found : C:\Users\TOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
Folder Found C:\Program Files (x86)\Common Files\Spigot
Folder Found C:\Program Files (x86)\SimilarSites
Folder Found C:\Users\TOM\AppData\Local\PackageAware
Folder Found C:\Users\TOM\AppData\Roaming\goforfiles
Folder Found C:\Users\TOM\AppData\Roaming\SimilarSites
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\GoforFiles
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFEAF3D0-307E-4F52-B64A-AF56BABE82B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFEAF3D0-307E-4F52-B64A-AF56BABE82B5}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\GoforFiles
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\PIP
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\Software\GoforFiles
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_grand-theft-auto_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_grand-theft-auto_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : [x64] HKLM\SOFTWARE\systweak
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\TOM\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [3567 octets] - [05/01/2014 19:08:03]
AdwCleaner[R1].txt - [3627 octets] - [05/01/2014 19:19:49]
AdwCleaner[R2].txt - [3515 octets] - [05/01/2014 20:09:39]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3575 octets] ##########
MBAM
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2014.01.04.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
TOM :: TOM-PC [administrátor]
Ochrana: Zakázána
5.1.2014 20:10:40
MBAM-log-2014-01-05 (20-16-43).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 231722
Uplynulý čas: 3 minut, 18 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFEAF3D0-307E-4F52-B64A-AF56BABE82B5} (PUP.Optional.SearchCom) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFEAF3D0-307E-4F52-B64A-AF56BABE82B5} (PUP.Optional.SearchCom) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zr1K1L1F1L2Y2XyC0X -> Nebyla provedena žádná instrukce.
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
- Damned
Re: Slow PC and internet (drops quite often)
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator" („Spustit jako správce“)).
Click "Delete".
The program will perform the repair; after the automatic restart a log will be shown (C:\AdwCleaner [S?].txt); paste its entire contents here.
********************************************************************************************************************************************************************************
Run MbAM again and start a scan
- when the program finishes a message will appear; click OK and then the Show Results (Zobrazit výsledky) button
- make sure all listed findings are ticked and click the Remove Selected (Odstranit označené) button
- when the removal finishes a log will be displayed; post it here.
- then choose OK in the program and close it via Exit (Konec)
Re: Slow PC and internet (drops quite often)
ADW
# AdwCleaner v3.016 - Report created 05/01/2014 at 21:30:53
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : TOM - TOM-PC
# Running from : C:\Users\TOM\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\SimilarSites
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\TOM\AppData\Local\PackageAware
Folder Deleted : C:\Users\TOM\AppData\Roaming\goforfiles
Folder Deleted : C:\Users\TOM\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\TOM\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
File Deleted : C:\Windows\System32\Tasks\GoforFilesUpdate
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_grand-theft-auto_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_grand-theft-auto_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFEAF3D0-307E-4F52-B64A-AF56BABE82B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFEAF3D0-307E-4F52-B64A-AF56BABE82B5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\PIP
Key Deleted : [x64] HKLM\SOFTWARE\systweak
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\TOM\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [3567 octets] - [05/01/2014 21:28:02]
AdwCleaner[S0].txt - [3353 octets] - [05/01/2014 21:30:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3413 octets] ##########
MBAM
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2014.01.04.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
TOM :: TOM-PC [administrátor]
Ochrana: Povolena
5.1.2014 21:33:31
mbam-log-2014-01-05 (21-33-31).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 231910
Uplynulý čas: 4 minut, 35 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
- Damned
Re: Slow PC and internet (drops fairly often)
Turn off your antivirus's resident shield.
Download ComboFix (by sUBs) or ComboFix (subs) and save it to your Desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
Nothing is impossible, so wherever reason fails us, we do not hesitate to use a hammer.
If you want to know what is new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: Slow PC and internet (drops fairly often)
ComboFix 14-01-04.03 - TOM 06.01.2014 10:50:33.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4094.3040 [GMT 1:00]
Spuštěný z: c:\users\TOM\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Antivirus *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\RazorDOX
c:\windows\RazorDOX\RazorDOX.dll
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-06 do 2014-01-06 )))))))))))))))))))))))))))))))
.
.
2014-01-06 09:56 . 2014-01-06 09:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-05 20:27 . 2014-01-05 20:31 -------- d-----w- C:\AdwCleaner
2014-01-04 19:26 . 2014-01-04 19:26 -------- d-----w- c:\users\TOM\AppData\Roaming\Malwarebytes
2014-01-04 19:26 . 2014-01-04 19:26 -------- d-----w- c:\programdata\Malwarebytes
2013-12-30 16:15 . 2013-12-30 16:15 -------- d-----w- c:\programdata\Creative Labs
2013-12-30 10:38 . 2013-12-30 10:38 -------- d-----w- c:\users\TOM\AppData\Local\DOSBox
2013-12-30 10:38 . 2013-12-30 10:39 -------- d-----w- c:\program files (x86)\DOSBox-0.74
2013-12-27 16:22 . 2013-12-27 16:22 -------- d-----w- C:\PC TRANSLATOR DEMO
2013-12-27 16:21 . 2013-12-27 16:22 -------- d-----w- c:\users\TOM\AppData\Roaming\LangSoft
2013-12-27 16:21 . 2013-12-27 16:21 -------- d-----w- c:\programdata\LangSoft
2013-12-27 11:21 . 2013-12-27 12:33 -------- d-----w- c:\program files (x86)\Scorpions WinCheater
2013-12-24 20:17 . 2013-12-24 20:17 -------- d-----w- C:\FoxPDF
2013-12-24 20:17 . 2013-12-30 10:26 -------- d-----w- c:\windows\SysWow64\FoxPDF
2013-12-24 20:17 . 2013-12-30 10:26 -------- d-----w- c:\program files (x86)\PDF to Doc Converter
2013-12-22 16:44 . 2013-12-22 16:45 24097311 ----a-w- C:\vlc-2.1.2-win32.exe
2013-12-16 15:58 . 2013-12-19 18:41 -------- d-----w- c:\users\TOM\AppData\Local\Wings of Prey
2013-12-16 15:57 . 2013-12-16 15:57 -------- d-----w- c:\users\TOM\AppData\Local\WOP
2013-12-16 15:57 . 2013-12-16 15:57 -------- d-----w- c:\programdata\WOP
2013-12-10 16:41 . 2013-12-30 10:46 -------- d-----w- c:\users\TOM\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-22 00:29 . 2013-03-14 22:19 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-12-22 00:29 . 2013-03-14 22:19 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-12-22 00:29 . 2013-03-14 22:19 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-12-22 00:29 . 2013-03-14 22:19 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-12-11 18:33 . 2013-01-31 15:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 18:33 . 2013-01-31 15:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 10:43 . 2013-03-13 10:43 6132720 ----a-w- c:\program files\LCCH_0700_PCDRV_17_1_01_01.exe
2012-08-03 12:51 . 2013-03-13 10:55 102480 ------w- c:\program files\CtDrvStp.exe
2011-11-22 15:41 . 2013-03-13 10:55 1065472 ------w- c:\program files\CTAFX64.dll
2011-11-22 15:39 . 2013-03-13 10:55 889344 ------w- c:\program files\CTAFX32.dll
2011-09-07 00:00 . 2013-03-13 10:55 393920 ------w- c:\program files\V0700Vid64.sys
2011-09-07 00:00 . 2013-03-13 10:55 322528 ------w- c:\program files\V0700Vid.sys
2011-08-22 14:48 . 2013-03-13 10:55 45056 ------w- c:\program files\V0700Pin.dll
2011-08-22 14:48 . 2013-03-13 10:55 28672 ------w- c:\program files\V0700Mon.exe
2011-08-22 14:47 . 2013-03-13 10:55 102400 ------w- c:\program files\V0700Ext.crl
2011-08-22 14:47 . 2013-03-13 10:55 114688 ------w- c:\program files\V0700Ext.ax
2011-08-22 14:39 . 2013-03-13 10:55 46592 ------w- c:\program files\V0700Pin64.dll
2011-08-22 14:38 . 2013-03-13 10:55 93184 ------w- c:\program files\V0700Ext64.crl
2011-08-22 14:38 . 2013-03-13 10:55 134656 ------w- c:\program files\V0700Ext64.ax
2011-07-27 18:21 . 2013-03-13 10:55 109056 ------w- c:\program files\CtDrvIns64.exe
2011-07-27 18:14 . 2013-03-13 10:55 204800 ------w- c:\program files\CtStpCD.crl
2011-07-27 18:12 . 2013-03-13 10:55 94208 ------w- c:\program files\CtDrvIns.exe
2011-05-25 11:17 . 2013-03-13 10:55 45056 ------w- c:\program files\CTTwain.ds
2011-05-25 11:10 . 2013-03-13 10:55 163840 ------w- c:\program files\CTTwain.dll
2011-05-25 11:09 . 2013-03-13 10:55 221184 ------w- c:\program files\CtTwain.crl
2011-05-25 11:09 . 2013-03-13 10:55 45056 ------w- c:\program files\CtStpCD.dll
2011-05-25 11:07 . 2013-03-13 10:55 61440 ------w- c:\program files\CtDrvStp.crl
2011-05-25 11:05 . 2013-03-13 10:55 24576 ------w- c:\program files\CtCamPin.crl
2011-05-25 11:04 . 2013-03-13 10:55 16896 ------w- c:\program files\CtCamPin64.crl
2010-10-20 13:14 . 2013-03-13 10:55 355840 ------w- c:\program files\V0700Afx64.sys
2010-10-20 13:14 . 2013-03-13 10:55 302720 ------w- c:\program files\V0700Afx.sys
2009-07-13 04:04 . 2013-03-08 20:06 5173760 ----a-w- c:\program files\prime95.exe
2006-12-05 12:52 . 2013-03-13 10:55 48400 ------w- c:\program files\AddCat.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2013-03-07 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-03-07 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-31 969104]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 77824]
"SoundMax"="c:\program files (x86)\Analog Devices\SoundMAX\SoundMAX.exe" [2007-03-29 3276800]
.
c:\users\TOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe [2013-1-31 4142448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
R0 NVStrap;NVStrap; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz130;cpuz130;c:\users\TOM\AppData\Local\Temp\cpuz130\cpuz_x64.sys;c:\users\TOM\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 HKbFtCbOfficeKB;Dritek USB Keyboard HID Filter for Chipbond Office Keyboard;SysWOW64\Drivers\HKbFtCbOfficeKB.sys;SysWOW64\Drivers\HKbFtCbOfficeKB.sys [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-31 18:33]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001Core.job
- c:\users\TOM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-31 15:18]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001UA.job
- c:\users\TOM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-31 15:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-11-17 3994960]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
FF - ProfilePath - c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\
FF - prefs.js: browser.search.selectedEngine - Search.com
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://t3-3.search.com/search?q=
FF - ExtSQL: 2013-11-11 09:11; WebSiteRecommendation@weliketheweb.com; c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\extensions\WebSiteRecommendation@weliketheweb.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
AddRemove-PC Translator 2007 DEMO - c:\users\TOM\AppData\Local\Temp\UN32.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2768623898-842622188-1800957298-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0b,a0,fb,a5,c6,b5,89,5c,87,7a,40,33,c9,2f,47,56,6f,50,ff,77,0b,6f,ba,
36,b3,db,ac,a3,e5,a4,55,c7,e1,f1,d9,16,c5,ff,ca,12,04,42,16,f4,1d,ae,77,4b,\
"??"=hex:5c,b3,28,49,9c,f2,ad,34,ae,86,da,36,46,1d,32,1c
.
[HKEY_USERS\S-1-5-21-2768623898-842622188-1800957298-1001\Software\SecuROM\License information*]
"datasecu"=hex:ff,f8,fd,9d,c5,b8,f3,16,ac,78,aa,af,af,31,bc,b9,4e,8a,4e,df,a1,
75,2c,d4,ad,35,5f,34,11,47,da,90,1e,b9,61,53,94,86,1a,59,65,b0,0e,da,7e,8b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-06 10:58:14
ComboFix-quarantined-files.txt 2014-01-06 09:58
.
Před spuštěním: 8 165 216 256
Po spuštění: 8 024 719 360
.
- - End Of File - - 69E340F1D8DE8B8E96626F1ADAE9EED9
5C616939100B85E558DA92B899A0FC36
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 HKbFtCbOfficeKB;Dritek USB Keyboard HID Filter for Chipbond Office Keyboard;SysWOW64\Drivers\HKbFtCbOfficeKB.sys;SysWOW64\Drivers\HKbFtCbOfficeKB.sys [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-31 18:33]
.
2014-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001Core.job
- c:\users\TOM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-31 15:18]
.
2014-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001UA.job
- c:\users\TOM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-31 15:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-11-17 3994960]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
FF - ProfilePath - c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\
FF - prefs.js: browser.search.selectedEngine - Search.com
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://t3-3.search.com/search?q=
FF - ExtSQL: 2013-11-11 09:11; WebSiteRecommendation@weliketheweb.com; c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\extensions\WebSiteRecommendation@weliketheweb.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
AddRemove-PC Translator 2007 DEMO - c:\users\TOM\AppData\Local\Temp\UN32.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2768623898-842622188-1800957298-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0b,a0,fb,a5,c6,b5,89,5c,87,7a,40,33,c9,2f,47,56,6f,50,ff,77,0b,6f,ba,
36,b3,db,ac,a3,e5,a4,55,c7,e1,f1,d9,16,c5,ff,ca,12,04,42,16,f4,1d,ae,77,4b,\
"??"=hex:5c,b3,28,49,9c,f2,ad,34,ae,86,da,36,46,1d,32,1c
.
[HKEY_USERS\S-1-5-21-2768623898-842622188-1800957298-1001\Software\SecuROM\License information*]
"datasecu"=hex:ff,f8,fd,9d,c5,b8,f3,16,ac,78,aa,af,af,31,bc,b9,4e,8a,4e,df,a1,
75,2c,d4,ad,35,5f,34,11,47,da,90,1e,b9,61,53,94,86,1a,59,65,b0,0e,da,7e,8b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-06 10:58:14
ComboFix-quarantined-files.txt 2014-01-06 09:58
.
Před spuštěním: 8 165 216 256
Po spuštění: 8 024 719 360
.
- - End Of File - - 69E340F1D8DE8B8E96626F1ADAE9EED9
5C616939100B85E558DA92B899A0FC36
- memphisto
Re: Slow PC and internet (drops fairly often)
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the following entire text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script
KillAll::
Driver::
SkypeUpdate
cpuz130
Folder::
c:\program files (x86)\Skype\Updater
c:\users\TOM\AppData\Local\Google\Update
File::
c:\users\TOM\AppData\Local\Temp\cpuz130\cpuz_x64.sys
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001UA.job
DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
Firefox::
FF - ProfilePath - c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\
FF - prefs.js: browser.search.selectedEngine - Search.com
FF - prefs.js: keyword.URL - hxxp://t3-3.search.com/search?q=
FF - ExtSQL: 2013-11-11 09:11; WebSiteRecommendation@weliketheweb.com; c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\extensions\WebSiteRecommendation@weliketheweb.com
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you
Re: Slow PC and internet (drops fairly often)
AVAST WAS TURNED OFF
ComboFix 14-01-08.01 - TOM 08.01.2014 12:59:18.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.4094.2829 [GMT 1:00]
Spuštěný z: c:\users\TOM\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\TOM\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\users\TOM\AppData\Local\Temp\cpuz130\cpuz_x64.sys"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2768623898-842622188-1800957298-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\TOM\AppData\Local\Google\Update
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdate.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_am.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_da.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_de.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_el.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_en.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_es.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_et.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_id.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_is.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_it.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_no.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_te.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_th.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\psmachine.dll
c:\users\TOM\AppData\Local\Google\Update\1.3.22.3\psuser.dll
c:\users\TOM\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\users\TOM\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\31.0.1650.63\31.0.1650.63_31.0.1650.57_chrome_updater.exe
c:\users\TOM\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ130
-------\Service_cpuz130
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-08 do 2014-01-08 )))))))))))))))))))))))))))))))
.
.
2014-01-08 12:05 . 2014-01-08 12:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-08 12:05 . 2014-01-08 12:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-06 13:51 . 2014-01-07 22:24 -------- d-----w- c:\users\TOM\AppData\Roaming\Tropico 4
2014-01-06 10:46 . 2014-01-06 10:46 -------- d-----w- c:\users\TOM\AppData\Roaming\AVAST Software
2014-01-06 10:06 . 2014-01-06 10:53 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-05 20:27 . 2014-01-05 20:31 -------- d-----w- C:\AdwCleaner
2014-01-04 19:26 . 2014-01-04 19:26 -------- d-----w- c:\users\TOM\AppData\Roaming\Malwarebytes
2014-01-04 19:26 . 2014-01-04 19:26 -------- d-----w- c:\programdata\Malwarebytes
2013-12-30 16:15 . 2013-12-30 16:15 -------- d-----w- c:\programdata\Creative Labs
2013-12-30 10:38 . 2013-12-30 10:38 -------- d-----w- c:\users\TOM\AppData\Local\DOSBox
2013-12-30 10:38 . 2013-12-30 10:39 -------- d-----w- c:\program files (x86)\DOSBox-0.74
2013-12-27 16:22 . 2013-12-27 16:22 -------- d-----w- C:\PC TRANSLATOR DEMO
2013-12-27 16:21 . 2013-12-27 16:22 -------- d-----w- c:\users\TOM\AppData\Roaming\LangSoft
2013-12-27 16:21 . 2013-12-27 16:21 -------- d-----w- c:\programdata\LangSoft
2013-12-27 11:21 . 2013-12-27 12:33 -------- d-----w- c:\program files (x86)\Scorpions WinCheater
2013-12-24 20:17 . 2013-12-24 20:17 -------- d-----w- C:\FoxPDF
2013-12-24 20:17 . 2013-12-30 10:26 -------- d-----w- c:\windows\SysWow64\FoxPDF
2013-12-24 20:17 . 2013-12-30 10:26 -------- d-----w- c:\program files (x86)\PDF to Doc Converter
2013-12-22 16:44 . 2013-12-22 16:45 24097311 ----a-w- C:\vlc-2.1.2-win32.exe
2013-12-16 15:58 . 2013-12-19 18:41 -------- d-----w- c:\users\TOM\AppData\Local\Wings of Prey
2013-12-16 15:57 . 2013-12-16 15:57 -------- d-----w- c:\users\TOM\AppData\Local\WOP
2013-12-16 15:57 . 2013-12-16 15:57 -------- d-----w- c:\programdata\WOP
2013-12-10 16:41 . 2013-12-30 10:46 -------- d-----w- c:\users\TOM\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-06 10:05 . 2013-02-03 18:35 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-06 10:05 . 2013-02-03 18:35 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-06 10:05 . 2013-02-03 18:35 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-06 10:05 . 2013-02-03 18:35 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-06 10:05 . 2013-02-03 18:35 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-06 10:05 . 2002-01-01 14:50 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-06 10:05 . 2002-01-01 14:50 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-06 10:05 . 2013-02-03 18:34 43152 ----a-w- c:\windows\avastSS.scr
2014-01-06 10:05 . 2013-02-03 18:35 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-01-06 10:05 . 2002-01-01 14:50 439648 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2013-12-22 00:29 . 2013-03-14 22:19 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-12-22 00:29 . 2013-03-14 22:19 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-12-22 00:29 . 2013-03-14 22:19 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-12-22 00:29 . 2013-03-14 22:19 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-12-19 13:11 . 2013-02-03 18:35 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-19 13:11 . 2013-02-03 18:35 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-12-19 13:11 . 2013-02-03 18:35 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-12-11 18:33 . 2013-01-31 15:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 18:33 . 2013-01-31 15:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-13 10:43 . 2013-03-13 10:43 6132720 ----a-w- c:\program files\LCCH_0700_PCDRV_17_1_01_01.exe
2012-08-03 12:51 . 2013-03-13 10:55 102480 ------w- c:\program files\CtDrvStp.exe
2011-11-22 15:41 . 2013-03-13 10:55 1065472 ------w- c:\program files\CTAFX64.dll
2011-11-22 15:39 . 2013-03-13 10:55 889344 ------w- c:\program files\CTAFX32.dll
2011-09-07 00:00 . 2013-03-13 10:55 393920 ------w- c:\program files\V0700Vid64.sys
2011-09-07 00:00 . 2013-03-13 10:55 322528 ------w- c:\program files\V0700Vid.sys
2011-08-22 14:48 . 2013-03-13 10:55 45056 ------w- c:\program files\V0700Pin.dll
2011-08-22 14:48 . 2013-03-13 10:55 28672 ------w- c:\program files\V0700Mon.exe
2011-08-22 14:47 . 2013-03-13 10:55 102400 ------w- c:\program files\V0700Ext.crl
2011-08-22 14:47 . 2013-03-13 10:55 114688 ------w- c:\program files\V0700Ext.ax
2011-08-22 14:39 . 2013-03-13 10:55 46592 ------w- c:\program files\V0700Pin64.dll
2011-08-22 14:38 . 2013-03-13 10:55 93184 ------w- c:\program files\V0700Ext64.crl
2011-08-22 14:38 . 2013-03-13 10:55 134656 ------w- c:\program files\V0700Ext64.ax
2011-07-27 18:21 . 2013-03-13 10:55 109056 ------w- c:\program files\CtDrvIns64.exe
2011-07-27 18:14 . 2013-03-13 10:55 204800 ------w- c:\program files\CtStpCD.crl
2011-07-27 18:12 . 2013-03-13 10:55 94208 ------w- c:\program files\CtDrvIns.exe
2011-05-25 11:17 . 2013-03-13 10:55 45056 ------w- c:\program files\CTTwain.ds
2011-05-25 11:10 . 2013-03-13 10:55 163840 ------w- c:\program files\CTTwain.dll
2011-05-25 11:09 . 2013-03-13 10:55 221184 ------w- c:\program files\CtTwain.crl
2011-05-25 11:09 . 2013-03-13 10:55 45056 ------w- c:\program files\CtStpCD.dll
2011-05-25 11:07 . 2013-03-13 10:55 61440 ------w- c:\program files\CtDrvStp.crl
2011-05-25 11:05 . 2013-03-13 10:55 24576 ------w- c:\program files\CtCamPin.crl
2011-05-25 11:04 . 2013-03-13 10:55 16896 ------w- c:\program files\CtCamPin64.crl
2010-10-20 13:14 . 2013-03-13 10:55 355840 ------w- c:\program files\V0700Afx64.sys
2010-10-20 13:14 . 2013-03-13 10:55 302720 ------w- c:\program files\V0700Afx.sys
2009-07-13 04:04 . 2013-03-08 20:06 5173760 ----a-w- c:\program files\prime95.exe
2006-12-05 12:52 . 2013-03-13 10:55 48400 ------w- c:\program files\AddCat.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2013-03-07 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-03-07 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-31 969104]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2007-07-23 77824]
"SoundMax"="c:\program files (x86)\Analog Devices\SoundMAX\SoundMAX.exe" [2007-03-29 3276800]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-06 3764024]
.
c:\users\TOM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe [2013-1-31 4142448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
R0 NVStrap;NVStrap; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 HKbFtCbOfficeKB;Dritek USB Keyboard HID Filter for Chipbond Office Keyboard;SysWOW64\Drivers\HKbFtCbOfficeKB.sys;SysWOW64\Drivers\HKbFtCbOfficeKB.sys [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - SIFILTER
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-31 18:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-06 10:05 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-11-17 3994960]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwar ... TSUEng.cab
FF - ProfilePath - c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - ExtSQL: 2013-11-11 09:11; WebSiteRecommendation@weliketheweb.com; c:\users\TOM\AppData\Roaming\Mozilla\Firefox\Profiles\5otn33g2.default\extensions\WebSiteRecommendation@weliketheweb.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2768623898-842622188-1800957298-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0b,a0,fb,a5,c6,b5,89,5c,87,7a,40,33,c9,2f,47,56,6f,50,ff,77,0b,6f,ba,
36,b3,db,ac,a3,e5,a4,55,c7,e1,f1,d9,16,c5,ff,ca,12,04,42,16,f4,1d,ae,77,4b,\
"??"=hex:5c,b3,28,49,9c,f2,ad,34,ae,86,da,36,46,1d,32,1c
.
[HKEY_USERS\S-1-5-21-2768623898-842622188-1800957298-1001\Software\SecuROM\License information*]
"datasecu"=hex:ff,f8,fd,9d,c5,b8,f3,16,ac,78,aa,af,af,31,bc,b9,4e,8a,4e,df,a1,
75,2c,d4,ad,35,5f,34,11,47,da,90,1e,b9,61,53,94,86,1a,59,65,b0,0e,da,7e,8b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2014-01-08 13:10:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-08 12:10
ComboFix2.txt 2014-01-06 09:58
.
Před spuštěním: 8 032 059 392
Po spuštění: 7 661 953 024
.
- - End Of File - - 0CF71724AE8D33ACCAD9C8C30625373A
5C616939100B85E558DA92B899A0FC36
- memphisto
Re: Slow PC and internet (drops quite often)
You have too little free space on the system disk. At least 15% of the capacity should be free for smooth operation. Delete something, remove it, sort things out.
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
+ A new HJT log
How is the PC behaving?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you
Re: Slow PC and internet (drops quite often)
The system disk is cleaned up and there is now more than 15% free space =)
The computer runs better than ever. I am infinitely grateful to you.
I wanted to ask whether there is some guide or advice on how to do all of this myself. How to tell what to delete and what not to. I would like to do these things myself and would rather not keep bothering you.
Thank you very much once again.
Here is the log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:11:44, on 9.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\TOM\Desktop\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe" /tray
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockPlus2\ObjectDock.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8037 bytes
- jaro3
Re: Slow PC and internet (drops quite often)
That is difficult; you don't know what is and what is not an infection. You need to know what belongs to the system and what is infected. Also the components of all programs, so that you don't delete the legitimate ones. What we don't know, we look up on the net or submit for testing.
If there are no problems, that is all and you can mark it as solved, the green check mark.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
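An added example, not part of any post in this thread: one way to take a first pass over a HijackThis log like the one posted above, splitting entries by section code and sorting the O23 service lines into review buckets. The sample log is constructed from lines in this thread; the function names, bucket names and the 64-bit heuristic are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: a handful of lines in the shape of the log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows 7 SP1 (WinNT 6.00.3505)
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"""

# Entry lines start with a section code (R0-R3, F0-F3, N1-N4, O1-O2x) and " - ".
ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")
MISSING = " (file missing)"


def parse_entries(text):
    """Return (section_code, body) for every entry line; headers are skipped."""
    return [(m.group(1), m.group(2).strip())
            for m in map(ENTRY.match, text.splitlines()) if m]


def section_counts(text):
    """Count entries per section code, e.g. how many O23 services are listed."""
    counts = defaultdict(int)
    for code, _ in parse_entries(text):
        counts[code] += 1
    return dict(counts)


def triage_services(text):
    """Sort O23 lines into buckets (bucket names are this example's own)."""
    # Heuristic (assumption): these path fragments only appear on 64-bit Windows.
    is_x64 = bool(re.search(r"syswow64|program files \(x86\)", text, re.I))
    buckets = defaultdict(list)
    for code, body in parse_entries(text):
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if code != "O23" or len(parts) != 3:
            continue
        name, owner, path = parts
        missing = path.endswith(MISSING)
        if missing:
            path = path[:-len(MISSING)]
        in_system32 = re.search(r"\\windows\\system32\\", path, re.I)
        if missing and is_x64 and in_system32:
            # HijackThis is a 32-bit program: on 64-bit Windows its view of
            # System32 is redirected to SysWOW64, so native binaries such as
            # lsass.exe are reported missing although they exist.
            buckets["redirection_artifact"].append(name)
        elif missing:
            buckets["verify_on_disk"].append(name)
        elif owner == "Unknown owner":
            buckets["look_up"].append(name)      # research or submit for testing
        else:
            buckets["vendor_named"].append(name)  # owner text is a hint, not proof
    return dict(buckets)


if __name__ == "__main__":
    print(section_counts(SAMPLE_LOG))
    for bucket, names in triage_services(SAMPLE_LOG).items():
        print(bucket, names)
```

The buckets only order the review work; nothing in them is a verdict on any file.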