Pomalý start PC

Zpráva

hero88cz · #1 Příspěvek od **hero88cz** » 25 srp 2014 13:20

Dobrý den,

prosím o radu, jak vyřešit následující problém:

Trvání: cca 14 dní
Problémy: - Start PC trvá více než 5 min (dříve do 30 s)
- 1x zmizelo v oznamovací oblasti ikona Zvuky a MS Essentials
- Zamrzávání oken ve Windows

Projel jsem PC ComboFixem, ale bez účinku. Odinstaloval jsem poslední aktualizace MS W7, taktéž nic.

Níže přikládám log dle návodu FRST. V příloze ještě přikládám zazipovaný Addition.

Děkuji mockrát za odpověď a rady.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03
Ran by Michal (administrator) on MICHAL-PC on 25-08-2014 14:01:33
Running from C:\Users\Michal\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) H:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => H:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-4079425491-532840303-921040608-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
ShellIconOverlayIdentifiers: 01UnsuppModule -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 02SyncingModule -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 03SyncedModule -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: 04ReadOnlyModule -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll (TODO: <Company name>)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> H:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.2 10.0.1.6 192.168.1.254

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> H:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> H:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-24]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR StartupUrls: "https://www.google.cz/", "hxxp://news.google.cz/"
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-22]
CHR Extension: (Porsche) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg [2014-06-16]
CHR Extension: (Peněženka Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-22]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-03-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-10] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-05] (Disc Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64; C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [61112 2014-07-16] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 14:01 - 2014-08-25 14:01 - 00009990 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-08-25 14:01 - 2014-08-25 14:01 - 00000000 ____D () C:\FRST
2014-08-25 13:59 - 2014-08-25 14:00 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2014-08-25 13:59 - 2014-08-25 13:59 - 02103296 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-08-25 11:01 - 2014-08-25 11:01 - 00000546 _____ () C:\Windows\PFRO.log
2014-08-25 10:45 - 2014-08-25 10:45 - 05572212 ____R (Swearware) C:\Users\Michal\Desktop\ComboFix.exe
2014-08-24 00:07 - 2014-08-24 00:07 - 00000222 _____ () C:\Users\Michal\Desktop\Total War ROME II.url
2014-08-21 10:41 - 2014-08-25 11:01 - 00487448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 10:41 - 2014-08-25 11:01 - 00000224 _____ () C:\Windows\setupact.log
2014-08-21 10:41 - 2014-08-21 10:41 - 00134296 _____ () C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 10:41 - 2014-08-21 10:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-21 09:58 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 09:58 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 09:58 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 09:58 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 09:58 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 09:58 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 09:58 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 09:58 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 09:58 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 09:58 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 09:58 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 09:58 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 09:58 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 09:58 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-13 13:07 - 2014-08-13 13:07 - 00000000 ___HD () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-13 13:07 - 2014-08-13 13:07 - 00000000 ____D () C:\Program Files\iTunes
2014-08-13 13:07 - 2014-08-13 13:07 - 00000000 ____D () C:\Program Files\iPod
2014-08-08 11:46 - 2014-08-14 13:36 - 00000000 ____D () C:\Users\Michal\Desktop\BIVS
2014-08-04 19:52 - 2014-08-04 19:52 - 00000222 _____ () C:\Users\Michal\Desktop\Banished.url
2014-07-31 10:24 - 2014-07-31 10:24 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Synology

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-25 14:01 - 2014-08-25 14:01 - 00009990 _____ () C:\Users\Michal\Desktop\FRST.txt
2014-08-25 14:01 - 2014-08-25 14:01 - 00000000 ____D () C:\FRST
2014-08-25 14:00 - 2014-08-25 13:59 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2014-08-25 13:59 - 2014-08-25 13:59 - 02103296 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2014-08-25 12:36 - 2014-07-20 12:17 - 01365300 _____ () C:\Windows\WindowsUpdate.log
2014-08-25 11:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-25 11:08 - 2009-07-14 06:45 - 00023072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-25 11:08 - 2009-07-14 06:45 - 00023072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-25 11:01 - 2014-08-25 11:01 - 00000546 _____ () C:\Windows\PFRO.log
2014-08-25 11:01 - 2014-08-21 10:41 - 00487448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 11:01 - 2014-08-21 10:41 - 00000224 _____ () C:\Windows\setupact.log
2014-08-25 11:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-25 10:54 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-25 10:51 - 2014-04-21 19:52 - 00000000 ___HD () C:\Qoobox
2014-08-25 10:50 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-25 10:45 - 2014-08-25 10:45 - 05572212 ____R (Swearware) C:\Users\Michal\Desktop\ComboFix.exe
2014-08-25 10:19 - 2014-06-20 00:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-25 10:14 - 2013-10-09 20:43 - 00000000 ____D () C:\Users\Michal\AppData\Local\CloudStation
2014-08-24 00:07 - 2014-08-24 00:07 - 00000222 _____ () C:\Users\Michal\Desktop\Total War ROME II.url
2014-08-21 10:41 - 2014-08-21 10:41 - 00134296 _____ () C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 10:41 - 2014-08-21 10:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-19 10:56 - 2014-01-28 16:23 - 00000000 ____D () C:\Users\Michal\Ubiquiti UniFi
2014-08-19 00:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-14 23:34 - 2009-07-14 17:18 - 00671796 _____ () C:\Windows\system32\perfh005.dat
2014-08-14 23:34 - 2009-07-14 17:18 - 00142392 _____ () C:\Windows\system32\perfc005.dat
2014-08-14 23:34 - 2009-07-14 07:13 - 01591814 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-14 20:18 - 2013-10-09 20:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 20:17 - 2013-10-09 20:50 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 20:16 - 2013-10-09 21:06 - 00000000 ___HD () C:\ProgramData\Microsoft Help
2014-08-14 13:36 - 2014-08-08 11:46 - 00000000 ____D () C:\Users\Michal\Desktop\BIVS
2014-08-13 13:07 - 2014-08-13 13:07 - 00000000 ___HD () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-13 13:07 - 2014-08-13 13:07 - 00000000 ____D () C:\Program Files\iTunes
2014-08-13 13:07 - 2014-08-13 13:07 - 00000000 ____D () C:\Program Files\iPod
2014-08-04 19:52 - 2014-08-04 19:52 - 00000222 _____ () C:\Users\Michal\Desktop\Banished.url
2014-08-02 00:36 - 2014-02-22 03:15 - 00000000 ___HD () C:\ProgramData\Origin
2014-08-01 23:22 - 2013-10-10 02:24 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-01 23:22 - 2013-10-10 01:30 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-01 23:22 - 2013-10-10 01:30 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-01 23:21 - 2014-07-21 23:42 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-31 10:24 - 2014-07-31 10:24 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Synology

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-18 23:15

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:119.24 GB) (Free:32.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Game) (Fixed) (Total:234.37 GB) (Free:185.78 GB) NTFS
Drive e: (Downloads) (Fixed) (Total:332.03 GB) (Free:331.39 GB) NTFS
Drive f: (Disk) (Fixed) (Total:136.72 GB) (Free:136.59 GB) NTFS
Drive g: (Dokumenty) (Fixed) (Total:228.39 GB) (Free:221 GB) NTFS
Drive h: () (Fixed) (Total:37.17 GB) (Free:34.98 GB) NTFS
Drive k: (WXPOEMPROSP3P) (CDROM) (Total:0.81 GB) (Free:0 GB) CDFS

Available physical RAM: 6298.46 MB
Total physical RAM: 8190.18 MB
Percentage of memory in use: 23%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 37.3 GB) (Disk ID: 4D8FA9B0)
Partition 1: (Not Active) - (Size=37.2 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 23ECEDFB)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4F44E323)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

==================== Scheduled Tasks (whitelisted) ==================

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 7 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"H:\Program Files (x86)\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore
C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk
C:\PROGRA~2\HP\DIGITA~1\bin\hpqtra08.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

V příloze ještě přikládám zazipovaný Addition

#2 Příspěvek od **Rudy** » 25 srp 2014 18:09

Zdravím!
Proč spouštíte ComboFix, utilitu určenou pouze profesionálům?. Chcete si nabořit systém, nebo některou aplikaci?

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [] => [X]
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64; C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [61112 2014-07-16] (StdLib)
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

hero88cz · #3 Příspěvek od **hero88cz** » 25 srp 2014 18:18

Dobrý den,

děkuji za radu, zde je log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 03
Ran by Michal at 2014-08-25 19:16:59 Run:1
Running from C:\Users\Michal\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64; C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [61112 2014-07-16] (StdLib)
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64 => Service stopped successfully.
{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64 => Service deleted successfully.

==== End of Fixlog ====

#4 Příspěvek od **Rudy** » 25 srp 2014 18:30

Smazáno. Nastala nějaká změna?

hero88cz · #5 Příspěvek od **hero88cz** » 25 srp 2014 20:12

Dobrý večer,

bohužel žádné změny nenastaly, po restartu opět nenaběhla ikona Zvuky. Mám ještě udělat log z jiných testů (DDS nebo RSIT)? V příloze posílám screen z Události správy, pokud Vám to k něčemu bude.

Děkuji mockrát za odpověď.

#6 Příspěvek od **Rudy** » 25 srp 2014 20:15

Když už jste dělal ComboFix, dejte z něj log. Najdete ho v c:\comgofix.txt .

hero88cz · #7 Příspěvek od **hero88cz** » 26 srp 2014 01:50

Dobrý den,

tady je log z ComboFixu:

ComboFix 14-08-24.01 - Michal 26.08.2014 2:45.5.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8190.6112 [GMT 2:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-26 do 2014-08-26 )))))))))))))))))))))))))))))))
.
.
2014-08-26 00:48 . 2014-08-26 00:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-08-26 00:48 . 2014-08-26 00:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-26 00:42 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-26 00:42 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-26 00:42 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-26 00:42 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-26 00:42 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-26 00:42 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-26 00:41 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-26 00:41 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-25 19:14 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6112F4B1-DA96-40C3-AE42-A3411CCF60BD}\mpengine.dll
2014-08-24 17:49 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-20 18:55 . 2014-08-19 18:55 1169712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CB961476-C713-4A19-8A82-A9FF5B0A8C6A}\gapaengine.dll
2014-08-14 18:06 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-14 18:06 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-13 11:07 . 2014-08-13 11:07 -------- d--h--w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-13 11:07 . 2014-08-13 11:07 -------- d-----w- c:\program files\iTunes
2014-08-13 11:07 . 2014-08-13 11:07 -------- d-----w- c:\program files\iPod
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-19 18:55 . 2013-10-18 07:59 1169712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-08-14 18:17 . 2013-10-09 18:50 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-01 21:22 . 2013-10-10 00:24 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-08-01 21:22 . 2013-10-09 23:30 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-08-01 21:22 . 2013-10-09 23:30 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-07-16 17:49 . 2014-07-21 23:58 61112 ----a-w- c:\windows\system32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys
2014-07-15 12:43 . 2014-01-02 19:25 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2014-07-10 21:15 . 2013-10-09 23:30 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-06-18 02:18 . 2014-07-09 18:06 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 18:06 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-18 01:10 . 2014-07-09 18:06 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-06-06 10:10 . 2014-07-09 18:06 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 18:06 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 18:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 18:06 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 18:06 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-06-04 22:35 . 2014-06-04 22:35 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-05-30 08:08 . 2014-07-09 18:06 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-09 18:06 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-09 18:06 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-09 18:06 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-09 18:06 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-09 18:06 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-09 18:06 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-09 18:06 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-09 18:06 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-09 18:06 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-09 18:06 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-09 18:06 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-09 18:06 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-09 18:06 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-09 18:06 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="h:\program files (x86)\iTunes\iTunesHelper.exe" [2014-08-01 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-17 18:29 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01UnsuppModule]
@="{AEB16659-2125-4ADA-A4AB-45EE21E86469}"
[HKEY_CLASSES_ROOT\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}]
2014-04-02 13:32 2765312 ----a-w- c:\users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02SyncingModule]
@="{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}"
[HKEY_CLASSES_ROOT\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}]
2014-04-02 13:32 2765312 ----a-w- c:\users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03SyncedModule]
@="{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}"
[HKEY_CLASSES_ROOT\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}]
2014-04-02 13:32 2765312 ----a-w- c:\users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04ReadOnlyModule]
@="{A433C3E0-8B24-40EB-93C3-4B10D9959F58}"
[HKEY_CLASSES_ROOT\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}]
2014-04-02 13:32 2765312 ----a-w- c:\users\Michal\AppData\Local\CloudStation\iconoverlay_v7\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - h:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.1.2 10.0.1.6 192.168.1.254
.
Supplementary scan did not complete!
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4079425491-532840303-921040608-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-08-26 02:49:53
ComboFix-quarantined-files.txt 2014-07-05 11:24
.
Před spuštěním: Volných bajtů: 34 024 542 208
Po spuštění: Volných bajtů: 34 433 691 648
.
- - End Of File - - F7E19CEF1CBBE1A1F430A074BE7F5331
A36C5E4F47E84449FF07ED3517B43A31

hero88cz · #8 Příspěvek od **hero88cz** » 26 srp 2014 10:04

Dobrý den,

nemám moc dobré zprávy, při nabíhání Windows mi vyskočí bluescreen, obrázek přikládám v příloze. Jdu Windows přeinstalovat, s takto nakopnutým systémem nechci žít. Jen doufám, že mi neodešel disk. Každopádně Vám děkuji za ochotu a rady.

S pozdravem

Michal

#9 Příspěvek od **Rudy** » 26 srp 2014 17:08

Můžete nejprve zkusit opravu startu: http://forum.viry.cz/viewtopic.php?f=46&t=106339 . Disková chyba to ale být může.

VIRY.CZ

Pomalý start PC

Pomalý start PC

Re: Pomalý start PC

Re: Pomalý start PC

Re: Pomalý start PC

Re: Pomalý start PC

Re: Pomalý start PC

Re: Pomalý start PC

Re: Pomalý start PC

Re: Pomalý start PC