Prosím o kontrolu logu z HJT - problémy s PC Vyřešeno

[Daemonic14]

ComboFix 16-08-31.01 - DeeDee 10.09.2016 16:27:47.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.6143.4617 [GMT 2:00]
Spuštěný z: c:\users\DeeDee\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\DeeDee\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\sjcsu64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\sjcsu64.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SJCST
-------\Service_sjcst
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-08-10 do 2016-09-10 )))))))))))))))))))))))))))))))
.
.
2016-09-10 14:39 . 2013-07-02 14:29 24824 ----a-w- c:\windows\system32\drivers\IOMap64.sys
2016-09-10 14:37 . 2016-09-10 14:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-08 16:35 . 2016-09-08 16:35 391496 ----a-w- c:\windows\system32\aswBoot.exe
2016-09-08 16:35 . 2016-09-08 16:35 53208 ----a-w- c:\windows\avastSS.scr
2016-09-08 14:14 . 2016-09-08 14:14 -------- d-----w- c:\users\DeeDee\AppData\Roaming\Cakewalk
2016-09-08 14:11 . 2006-11-30 13:49 368640 ----a-w- c:\windows\SysWow64\ReWire.dll
2016-09-08 14:09 . 2016-09-08 14:24 -------- d-----w- C:\Cakewalk Projects
2016-09-08 14:09 . 2016-09-08 14:11 -------- d-----w- c:\programdata\Cakewalk
2016-09-08 14:09 . 2016-09-08 14:11 -------- d-----w- c:\program files\Cakewalk
2016-09-08 13:32 . 2016-09-08 13:32 -------- d-----w- c:\users\DeeDee\AppData\Local\Diagnostics
2016-09-02 19:12 . 2016-09-08 13:01 -------- d-----w- c:\users\DeeDee\AppData\Local\CrashDumps
2016-09-01 18:44 . 2016-09-10 14:40 -------- d-----w- c:\users\DeeDee\AppData\Local\Temp
2016-09-01 18:44 . 2016-09-01 18:31 24064 ----a-w- c:\windows\zoek-delete.exe
2016-09-01 18:31 . 2016-09-01 18:42 -------- d-----w- C:\zoek_backup
2016-09-01 14:56 . 2016-09-01 14:56 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-09-01 14:55 . 2016-09-01 14:55 -------- d-----w- c:\programdata\RogueKiller
2016-08-30 10:22 . 2016-09-01 14:35 -------- d-----w- C:\AdwCleaner
2016-08-29 18:55 . 2016-08-29 18:55 -------- d-----w- c:\program files (x86)\Seagate
2016-08-28 07:58 . 2016-08-28 07:58 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2016-08-28 07:44 . 2016-08-28 07:44 -------- d-----w- c:\program files (x86)\HD Tune
2016-08-17 18:44 . 2016-08-17 18:45 -------- d-----w- c:\program files (x86)\Outlast
2016-08-17 18:40 . 2016-08-17 18:40 -------- d-----w- c:\users\DeeDee\AppData\Roaming\Condemned - Criminal Origins
2016-08-17 18:27 . 2016-08-17 18:27 -------- d-----w- c:\program files (x86)\R.G. Mechanics
2016-08-17 07:36 . 2016-09-04 11:37 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-08-17 07:35 . 2016-08-17 07:35 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-08-17 07:35 . 2016-08-17 07:35 -------- d-----w- c:\programdata\Malwarebytes
2016-08-17 07:35 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-08-17 07:35 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-08-17 07:35 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-08 16:35 . 2016-04-17 11:49 513496 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-09-08 16:35 . 2016-04-17 11:49 292704 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-09-08 16:35 . 2016-04-17 11:49 163416 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-09-08 16:35 . 2016-04-17 11:49 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-09-08 16:35 . 2016-04-17 11:49 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-09-08 16:35 . 2016-04-17 11:49 108816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-09-08 16:35 . 2016-04-17 11:49 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-09-08 16:35 . 2016-04-17 11:49 969560 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-09-08 16:35 . 2016-04-17 11:52 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-07-10 03:32 . 2016-07-10 03:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6B30D36-3BD8-495D-A429-AA11D1E5CBB4}\offreg.2932.dll
2016-07-08 02:49 . 2016-07-08 02:49 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D6B30D36-3BD8-495D-A429-AA11D1E5CBB4}\offreg.2604.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-09-16 8461224]
"Akamai NetSession Interface"="c:\users\DeeDee\AppData\Local\Akamai\netsession_win.exe" [2015-09-10 4691384]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-20 5199984]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-09-08 9107104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 GalaxyClientService;GalaxyClientService;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x]
R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 tap-tb-0901;TunnelBear Adapter V9;c:\windows\system32\DRIVERS\tap-tb-0901.sys;c:\windows\SYSNATIVE\DRIVERS\tap-tb-0901.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-09-08 16:35 1031520 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} - c:\progra~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe
AddRemove-InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1} - c:\progra~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
AddRemove-InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D} - c:\progra~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{74d0e5db-b326-4dae-a6b2-445b9de1836e} - c:\programdata\Package Cache\{74d0e5db-b326-4dae-a6b2-445b9de1836e}\VC_redist.x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2310595992-1803282387-632550759-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:7c,8d,9d,75,b3,43,9b,db,3d,10,16,10,8d,8f,be,49,b3,03,80,e2,b8,c5,5c,
a7,cb,86,a0,d5,63,60,ea,83,f2,89,c3,25,56,58,df,ec,b1,fe,fe,8b,4c,9d,aa,f5,\
"??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b
.
[HKEY_USERS\S-1-5-21-2310595992-1803282387-632550759-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:cd,81,14,3d,0d,d1,9a,41,71,ab,6d,6d,8f,91,3c,4a,43,90,de,59,bf,
3a,2d,fb,86,3f,95,cd,e2,ad,f0,51,bc,d2,6e,a0,72,9c,f4,86,1f,84,eb,fd,6e,c4,\
"rkeysecu"=hex:bf,75,7e,54,b2,e4,9e,f2,22,fb,60,d2,4e,51,14,d3
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2016-09-10 16:48:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-09-10 14:48
ComboFix2.txt 2016-09-06 12:52
ComboFix3.txt 2016-09-04 11:25
.
Před spuštěním: Volných bajtů: 613 705 994 240
Po spuštění: Volných bajtů: 613 677 674 496
.
- - End Of File - - 2C62F6A7D9B7E8D71703AE88A602FDAD
A36C5E4F47E84449FF07ED3517B43A31

[Reklama]

[Daemonic14]

Btw, stále používám Chrome, teď mi to při pokusu o spuštění ( po restartu PC skrz ComboFix) hodilo něco jako ,,Pokud o použití smazaného registru" , ale napodruhé se už Chrome spustil..snad to nějak neobnovuju tímhle

[jerabina]

Dobře. Co ten aswMBR?