zpomalení a zasekávání PC

[Jedi_Ataru]

Dobrý den,
PC je nyní výrazně rychlejší, ale bohužel se stále zasekává. Svítí přitom dioda HDD. Ale disk je půlroku starý, takže nepředpokládám, že by to byl HW problém.

[Rudy]

Dejte ještě log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[Jedi_Ataru]

ComboFix 13-05-16.02 - Jirka 18.05.2013 11:38:29.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.16329.13942 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jirka\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\Jirka\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-18 do 2013-05-18 )))))))))))))))))))))))))))))))
.
.
2013-06-01 00:38 . 2013-05-16 21:44 -------- d-----w- c:\windows\Panther
2013-05-17 19:20 . 2013-05-17 19:20 -------- d-----w- C:\rsit
2013-05-17 19:01 . 2013-05-17 19:01 -------- d-----w- c:\users\Jirka\AppData\Local\ElevatedDiagnostics
2013-05-16 21:32 . 2013-05-16 21:32 -------- d-----w- c:\program files\CCleaner
2013-05-16 21:19 . 2013-05-16 21:19 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-16 21:19 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-16 18:57 . 2013-05-17 19:20 -------- d-----w- c:\program files\trend micro
2013-05-10 07:57 . 2013-05-10 07:57 27208 ----a-w- c:\windows\system32\AdobePDFUI.dll
2013-05-10 07:57 . 2013-05-10 07:57 55872 ----a-w- c:\windows\system32\AdobePDF.dll
2013-05-02 16:33 . 2013-05-02 16:33 -------- d-----w- c:\users\Jirka\AppData\Roaming\EPSON
2013-04-30 20:33 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-04-30 20:33 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-04-30 20:33 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-04-30 20:33 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-04-29 19:31 . 2013-04-29 19:31 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio
2013-04-21 12:39 . 2013-04-21 12:39 -------- d-----w- c:\users\Jirka\AppData\Local\PCTV Systems
2013-04-21 12:37 . 2013-04-22 17:32 -------- d-----w- c:\programdata\PCTV Systems
2013-04-21 12:36 . 2013-04-21 12:36 -------- d-----w- c:\program files (x86)\DivX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-18 09:44 . 2013-05-18 09:44 77824 ----a-w- c:\windows\Keygen.exe
2013-05-15 18:18 . 2013-03-07 19:53 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 18:18 . 2013-01-25 22:29 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-15 05:53 . 2013-03-26 21:40 968408 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-03-15 05:53 . 2013-03-26 21:40 9414456 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:53 . 2013-03-26 21:40 7959000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-03-15 05:53 . 2013-03-26 21:40 7573816 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:53 . 2013-03-26 21:40 6271872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-03-15 05:53 . 2013-03-26 21:40 420128 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2013-03-15 05:53 . 2013-03-26 21:40 364832 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2013-03-15 05:53 . 2013-03-26 21:40 2913056 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:53 . 2013-03-26 21:40 2728736 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-03-15 05:53 . 2013-03-26 21:40 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2013-03-26 21:40 250504 ----a-w- c:\windows\system32\nvinitx.dll
2013-03-15 05:53 . 2013-03-26 21:40 2355488 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-26 21:40 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-03-15 05:53 . 2013-03-26 21:40 205184 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-03-15 05:53 . 2013-03-26 21:40 1995552 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-26 21:40 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-03-15 05:53 . 2013-03-26 21:40 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-03-15 05:53 . 2013-03-26 21:40 11048736 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-15 05:53 . 2013-03-26 21:40 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:53 . 2013-03-26 21:40 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-03-15 05:53 . 2013-01-06 18:39 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2013-01-06 18:39 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2013-01-06 18:39 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2013-01-06 18:39 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2013-01-06 18:39 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2013-01-06 18:39 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-03-15 05:53 . 2013-01-06 18:39 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 04:16 . 2013-01-06 18:40 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2013-01-06 18:40 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2013-03-26 21:41 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2013-01-06 18:40 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2013-01-06 18:40 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2013-01-06 18:40 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 21:15 . 2013-03-14 21:15 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-03-14 21:07 . 2013-03-14 21:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2013-01-06 18:40 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-07 19:50 . 2013-01-24 20:17 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-07 19:50 . 2013-01-24 20:17 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-12-21 1090040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-05-10 38984]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-05-10 840768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Remote Control.lnk - c:\program files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe [2013-1-7 94208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-01-06 1432400]
R3 MSICDSetup;MSICDSetup;H:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;H:\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-11-28 57904]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-06 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe [2011-12-11 135824]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 16:57 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-07 18:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-26 6325936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 217.195.165.131 217.195.160.10
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\lr49zxyj.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-05-18 11:46:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-18 09:46
.
Před spuštěním: Volných bajtů: 551 197 261 824
Po spuštění: Volných bajtů: 552 107 360 256
.
- - End Of File - - B95659F73A7FDF8B775AAFB2B2564836

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Collect::
c:\windows\Keygen.exe

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pustte. CF se spustí a vykoná příkazy ze skriptu.

[Jedi_Ataru]

vkládám log:

ComboFix 13-05-16.02 - Jirka 18.05.2013 12:30:07.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.16329.14106 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jirka\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-18 do 2013-05-18 )))))))))))))))))))))))))))))))
.
.
2013-06-01 00:38 . 2013-05-16 21:44 -------- d-----w- c:\windows\Panther
2013-05-18 10:34 . 2013-05-18 10:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-05-18 10:34 . 2013-05-18 10:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-17 19:20 . 2013-05-17 19:20 -------- d-----w- C:\rsit
2013-05-17 19:01 . 2013-05-17 19:01 -------- d-----w- c:\users\Jirka\AppData\Local\ElevatedDiagnostics
2013-05-16 21:32 . 2013-05-16 21:32 -------- d-----w- c:\program files\CCleaner
2013-05-16 21:19 . 2013-05-16 21:19 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-16 21:19 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-16 18:57 . 2013-05-17 19:20 -------- d-----w- c:\program files\trend micro
2013-05-10 07:57 . 2013-05-10 07:57 27208 ----a-w- c:\windows\system32\AdobePDFUI.dll
2013-05-10 07:57 . 2013-05-10 07:57 55872 ----a-w- c:\windows\system32\AdobePDF.dll
2013-05-02 16:33 . 2013-05-02 16:33 -------- d-----w- c:\users\Jirka\AppData\Roaming\EPSON
2013-04-30 20:33 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-04-30 20:33 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-04-30 20:33 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-04-30 20:33 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-04-29 19:31 . 2013-04-29 19:31 -------- d-----w- c:\program files (x86)\Common Files\SWF Studio
2013-04-21 12:39 . 2013-04-21 12:39 -------- d-----w- c:\users\Jirka\AppData\Local\PCTV Systems
2013-04-21 12:37 . 2013-04-22 17:32 -------- d-----w- c:\programdata\PCTV Systems
2013-04-21 12:36 . 2013-04-21 12:36 -------- d-----w- c:\program files (x86)\DivX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 18:18 . 2013-03-07 19:53 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 18:18 . 2013-01-25 22:29 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-15 05:53 . 2013-03-26 21:40 968408 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-03-15 05:53 . 2013-03-26 21:40 9414456 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:53 . 2013-03-26 21:40 7959000 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-03-15 05:53 . 2013-03-26 21:40 7573816 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:53 . 2013-03-26 21:40 6271872 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-03-15 05:53 . 2013-03-26 21:40 420128 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2013-03-15 05:53 . 2013-03-26 21:40 364832 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2013-03-15 05:53 . 2013-03-26 21:40 2913056 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:53 . 2013-03-26 21:40 2728736 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-03-15 05:53 . 2013-03-26 21:40 26956576 ----a-w- c:\windows\system32\nvoglv64.dll
2013-03-15 05:53 . 2013-03-26 21:40 250504 ----a-w- c:\windows\system32\nvinitx.dll
2013-03-15 05:53 . 2013-03-26 21:40 2355488 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-26 21:40 20542752 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-03-15 05:53 . 2013-03-26 21:40 205184 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-03-15 05:53 . 2013-03-26 21:40 1995552 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-03-15 05:53 . 2013-03-26 21:40 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-03-15 05:53 . 2013-03-26 21:40 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-03-15 05:53 . 2013-03-26 21:40 11048736 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-03-15 05:53 . 2013-03-26 21:40 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:53 . 2013-03-26 21:40 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-03-15 05:53 . 2013-01-06 18:39 2864144 ----a-w- c:\windows\system32\nvapi64.dll
2013-03-15 05:53 . 2013-01-06 18:39 2539128 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-03-15 05:53 . 2013-01-06 18:39 17990800 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-03-15 05:53 . 2013-01-06 18:39 15508512 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-03-15 05:53 . 2013-01-06 18:39 15042928 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-03-15 05:53 . 2013-01-06 18:39 13088000 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-03-15 05:53 . 2013-01-06 18:39 1118776 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-03-15 04:16 . 2013-01-06 18:40 3477280 ----a-w- c:\windows\system32\nvsvc64.dll
2013-03-15 04:16 . 2013-01-06 18:40 6398240 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 04:16 . 2013-03-26 21:41 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-03-15 04:16 . 2013-01-06 18:40 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-03-15 04:16 . 2013-01-06 18:40 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-03-15 04:16 . 2013-01-06 18:40 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-14 21:15 . 2013-03-14 21:15 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-03-14 21:07 . 2013-03-14 21:07 559904 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-03-13 16:24 . 2013-01-06 18:40 3065455 ----a-w- c:\windows\system32\nvcoproc.bin
2013-03-07 19:50 . 2013-01-24 20:17 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-07 19:50 . 2013-01-24 20:17 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2012-12-21 1090040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-05-10 38984]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-05-10 840768]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Remote Control.lnk - c:\program files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe [2013-1-7 94208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 364416]
R3 azvusb;Virtual USB Hub;c:\windows\system32\DRIVERS\azvusb.sys [2009-08-24 54784]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-01-06 1432400]
R3 MSICDSetup;MSICDSetup;H:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;H:\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-11-28 57904]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-06 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 211344]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 149592]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 59440]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe [2011-12-11 135824]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-17 165760]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-17 32344]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2010-01-22 174368]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2010-01-22 38944]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 16:57 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-07 18:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-26 6325936]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 217.195.165.131 217.195.160.10
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\lr49zxyj.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-05-18 12:37:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-18 10:37
ComboFix2.txt 2013-05-18 09:46
.
Před spuštěním: Volných bajtů: 552 176 144 384
Po spuštění: Volných bajtů: 552 099 377 152
.
- - End Of File - - ACE3AC4C66B562D1F0ABF57480586A48

[Rudy]

Log je již OK. Nastala nějaká změna?

[Jedi_Ataru]

Bohužel ne. PC se stále zasekává.

[Rudy]

Co jste instaloval těsně před tím, než se problém objevil?

[Jedi_Ataru]

Dobrý večer,
nejsem si vědom, že bych něco v poslední době instaloval. PC jsem v poslední době (cca měsíc zpět) používal spíše na serfování po netu a sledování filmů.

Po Vámi doporučených krocích se PC výrazně zrychlilo, ale občasné zasekávání přetrvává. Zkoušel jsem přeinstalovat kodeky, ovladače grafiky, přehrávač i prohlížeč, ale stejně nic nepomohlo. Na řadě je nejspíš format

[Rudy]

Ještě zkuste defragmentovat disk.