Zpomalený ntb

Zpráva

666yorick · #1 Příspěvek od **666yorick** » 04 kvě 2014 11:17

Ahojte,
ntb manželky se začal hrozně zpomalovat - např. soubory pdf online otevírá buď abnormálně dlouho nebo pro jistotu vůbec...
|Prosím o kontrolu logu z combofix :

ComboFix 13-09-19.01 - Pavlíček 04.05.2014 11:38:46.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1790.926 [GMT 2:00]
Spuštěný z: c:\programy\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Pavlíček\AppData\Local\Google\Chrome\User Data\Default\preferences
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-04 do 2014-05-04 )))))))))))))))))))))))))))))))
.
.
2014-05-04 10:01 . 2014-05-04 10:01 -------- d-----w- c:\users\Pavlíček\AppData\Local\temp
2014-05-04 10:01 . 2014-05-04 10:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-05-04 10:01 . 2014-05-04 10:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-03 15:06 . 2014-05-03 15:06 -------- d-----w- C:\_OTM
2014-05-03 14:47 . 2014-05-03 14:47 -------- d-----w- c:\users\Pavlíček\AppData\Roaming\AVAST Software
2014-05-03 14:42 . 2014-05-03 14:42 67776 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-05-03 14:42 . 2014-05-03 14:42 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-03 14:42 . 2014-05-03 14:42 43152 ----a-w- c:\windows\avastSS.scr
2014-05-03 14:33 . 2014-05-03 14:33 -------- d-----w- c:\programdata\AVAST Software
2014-05-03 14:33 . 2014-05-03 14:42 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-03 14:33 . 2014-05-03 14:42 180632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-03 14:19 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-03 14:18 . 2014-05-03 14:20 -------- d-----w- C:\AdwCleaner
2014-05-03 10:41 . 2014-04-29 12:34 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-02 12:46 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BF05862-B168-458F-9EF4-524C3EA77BF1}\mpengine.dll
2014-05-01 20:26 . 2014-05-01 20:26 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-01 07:46 . 2014-04-14 02:11 361984 ----a-w- c:\windows\system32\aepdu.dll
2014-05-01 07:46 . 2014-04-14 02:07 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-04-21 09:52 . 2014-04-21 09:52 -------- d-sh--w- c:\users\Pavlíček\AppData\Local\EmieUserList
2014-04-21 09:52 . 2014-04-21 09:52 -------- d-sh--w- c:\users\Pavlíček\AppData\Local\EmieSiteList
2014-04-11 18:46 . 2014-03-06 08:02 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-04-11 18:46 . 2014-03-06 05:50 257536 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-04-11 18:46 . 2014-03-08 01:59 235216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2014-04-11 18:46 . 2014-03-06 08:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-04-11 18:46 . 2014-03-06 05:31 271360 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2014-04-11 15:34 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-11 15:34 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-11 15:34 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-11 15:34 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-11 15:33 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-03 14:42 . 2012-03-30 15:51 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-03 14:42 . 2011-06-13 18:16 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-05-03 14:42 . 2010-04-19 19:35 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-05-03 14:42 . 2010-04-19 19:35 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-03 14:42 . 2010-04-19 19:35 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-29 18:36 . 2012-03-31 17:01 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-29 18:36 . 2011-06-13 18:19 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 07:35 . 2010-04-19 19:45 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-02-07 01:07 . 2014-03-14 07:00 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-14 07:00 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-14 07:01 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-03 14:42 260976 ----a-w- c:\programy\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 13797920]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-07-30 225280]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\programy\Avast\AvastUI.exe" [2014-05-03 3873704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-05-01 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-05-03 67776]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-17 171008]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1343400]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 110080]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-05-03 776976]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-05-03 411552]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe [2009-03-02 81920]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-05-03 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-05-03 67824]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 29472]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:36]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\jbkdld8h.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-05-04 12:07:19
ComboFix-quarantined-files.txt 2014-05-04 10:07
ComboFix2.txt 2013-02-16 19:14
.
Před spuštěním: Volných bajtů: 154 304 733 184
Po spuštění: Volných bajtů: 153 870 630 912
.
- - End Of File - - D00477C02747BA56E47A4A14A8E8E4DF
AC75679B389A30483D9048DE0D3391D2

A tady log z hijackthis:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:19:09, on 4.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
C:\Programy\Avast\AvastUI.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\rundll32.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Pavlíček\Desktop\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Programy\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\M_Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe

--
End of file - 5591 bytes

#2 Příspěvek od **Rudy** » 04 kvě 2014 11:43

Zdravím!
Proč spouštíte ComboFix, utilitu určenou pouze profesionálům? Hodláte si nabořit systém, nebo některou aplikaci?

Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

666yorick · #3 Příspěvek od **666yorick** » 04 kvě 2014 13:22

Děkuji za rychlou reakci...provedl jsem vše viz. váš návod,ale bohužel nemohu říct, že by došlo k nějaké změně...pro všechny případy přikládám log :

ComboFix 13-09-19.01 - Pavlíček 04.05.2014 13:39:59.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1790.648 [GMT 2:00]
Spuštěný z: c:\users\PavlÝŔek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\PavlÝŔek\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-04 do 2014-05-04 )))))))))))))))))))))))))))))))
.
.
2014-05-04 12:02 . 2014-05-04 12:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-05-04 12:02 . 2014-05-04 12:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-04 10:07 . 2014-05-04 12:02 -------- d-----w- c:\users\Pavlíček\AppData\Local\temp
2014-05-03 15:06 . 2014-05-03 15:06 -------- d-----w- C:\_OTM
2014-05-03 14:47 . 2014-05-03 14:47 -------- d-----w- c:\users\Pavlíček\AppData\Roaming\AVAST Software
2014-05-03 14:42 . 2014-05-03 14:42 67776 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-05-03 14:42 . 2014-05-03 14:42 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-03 14:42 . 2014-05-03 14:42 43152 ----a-w- c:\windows\avastSS.scr
2014-05-03 14:33 . 2014-05-03 14:33 -------- d-----w- c:\programdata\AVAST Software
2014-05-03 14:33 . 2014-05-03 14:42 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-03 14:33 . 2014-05-03 14:42 180632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-03 14:19 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-03 14:18 . 2014-05-03 14:20 -------- d-----w- C:\AdwCleaner
2014-05-03 10:41 . 2014-04-29 12:34 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-02 12:46 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0BF05862-B168-458F-9EF4-524C3EA77BF1}\mpengine.dll
2014-05-01 20:26 . 2014-05-01 20:26 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-01 07:46 . 2014-04-14 02:11 361984 ----a-w- c:\windows\system32\aepdu.dll
2014-05-01 07:46 . 2014-04-14 02:07 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-04-21 09:52 . 2014-04-21 09:52 -------- d-sh--w- c:\users\Pavlíček\AppData\Local\EmieUserList
2014-04-21 09:52 . 2014-04-21 09:52 -------- d-sh--w- c:\users\Pavlíček\AppData\Local\EmieSiteList
2014-04-11 18:46 . 2014-03-06 08:02 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-04-11 18:46 . 2014-03-06 05:50 257536 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-04-11 18:46 . 2014-03-08 01:59 235216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2014-04-11 18:46 . 2014-03-06 08:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-04-11 18:46 . 2014-03-06 05:31 271360 ----a-w- c:\program files\Internet Explorer\ieproxy.dll
2014-04-11 15:34 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-11 15:34 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-11 15:34 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-11 15:34 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-11 15:33 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-03 14:42 . 2012-03-30 15:51 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-03 14:42 . 2011-06-13 18:16 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-05-03 14:42 . 2010-04-19 19:35 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-05-03 14:42 . 2010-04-19 19:35 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-03 14:42 . 2010-04-19 19:35 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-04-29 18:36 . 2012-03-31 17:01 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-29 18:36 . 2011-06-13 18:19 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 07:35 . 2010-04-19 19:45 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-02-07 01:07 . 2014-03-14 07:00 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-14 07:00 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-14 07:01 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-03 14:42 260976 ----a-w- c:\programy\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 13797920]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-07-30 225280]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AvastUI.exe"="c:\programy\Avast\AvastUI.exe" [2014-05-03 3873704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-05-01 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 08:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-05-03 67776]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-17 171008]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1343400]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 110080]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-05-03 776976]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-05-03 411552]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe [2009-03-02 81920]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-05-03 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-05-03 67824]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-09-17 29472]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:36]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\jbkdld8h.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5076)
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
.
Celkový čas: 2014-05-04 14:09:22
ComboFix-quarantined-files.txt 2014-05-04 12:09
ComboFix2.txt 2014-05-04 10:07
ComboFix3.txt 2013-02-16 19:14
.
Před spuštěním: Volných bajtů: 153 994 788 864
Po spuštění: Volných bajtů: 153 925 242 880
.
- - End Of File - - 24227F42F4752A936B025B3B102500B8
AC75679B389A30483D9048DE0D3391D2

#4 Příspěvek od **Rudy** » 04 kvě 2014 16:34

CF nemazal z toho důvodu, že se skript nenačetl, protože máte v názvu profilu diakritiku a to CF nepřečte (zkomolí to na c:\users\PavlÝŔek\Desktop\ComboFix.exe). Přesuňte CF i CFScript na kořenový adresář c:\ a postup zopakujte. Přetažení proveďte v průzkumníku windows, nebo jiném souborovém manažeru.

666yorick · #5 Příspěvek od **666yorick** » 04 kvě 2014 18:33

Provedeno a žena je s výsledkem spokojena

Přiznám se, že já ještě frčím na XP a ve srovnání s Win7 mi XP příjdou nesrovnatelně rychlejší, ale možná je to jen můj dojem

Děkuji mnohokrát a přeji vše dobré...

#6 Příspěvek od **Rudy** » 04 kvě 2014 18:45

Asi takhle: Hodně záleží na velikosti RAM. K stejné rychlosti chodu potřebuje Win7 asi 3x tolik, než XP. Nemáte zač!

VIRY.CZ

Zpomalený ntb

Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb

Re: Zpomalený ntb