
PC virus removal, computer speed-up, remote help via the neslape.cz service
Notebook slowed down
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. Likewise those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119366
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook slowed down
You don't save the MozBackup in Word, after all, but as a file on disk.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before removing viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 70
- Registered: 01 Jul 2010 14:27
Re: Notebook slowed down
After checking what all has more or less stopped working after the steps you gave: saving in Office doesn't work, downloading through Mozilla doesn't work, Skype doesn't work at all, Windows Photo Viewer doesn't work, and also, as you advised me to download through IE, when it is on for longer than about 10 minutes the PC throws a blue screen of death.
And I downloaded Mozilla backup, but after I reinstalled it, downloading still doesn't work and some scripts still keep stopping working, etc.
- Rudy
- Site Admin
- Posts: 119366
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook slowed down
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.
-
- Visitor
- Posts: 70
- Registered: 01 Jul 2010 14:27
Re: Notebook slowed down
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 27.8.2015
Čas skenování: 17:48
Protokol: scann.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.08.27.03
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Tereza
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 431535
Uplynulý čas: 24 min, 9 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 1
PUP.Optional.Spigot.A, HKU\S-1-5-21-3075646771-320467267-1627183398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C6B2F429-06D5-4ACE-84BC-DD9D9886E8A6}, , [aa25a568ff8cb0864469c4633bc89c64],
Hodnoty registru: 2
PUP.Optional.Spigot.A, HKU\S-1-5-21-3075646771-320467267-1627183398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C6B2F429-06D5-4ACE-84BC-DD9D9886E8A6}|URL, http://search.yahoo.com/search?fr=chr-g ... earchTerms}, , [aa25a568ff8cb0864469c4633bc89c64]
PUP.Optional.Spigot.A, HKU\S-1-5-21-3075646771-320467267-1627183398-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C6B2F429-06D5-4ACE-84BC-DD9D9886E8A6}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, , [6669020b3f4cc2745d289811da2a8878]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 16
PUP.Optional.OpenCandy, C:\Users\Tereza\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe, , [3b9485880b8016200ae0d9a8a065629e],
PUP.Optional.DealPly, C:\Program Files (x86)\PC MEGA RAPIDO PRO 2.1\dealply.exe, , [448b898473184aecbecb1e71b451e61a],
PUP.FunMoods, C:\Program Files (x86)\PC MEGA RAPIDO PRO 2.1\funmoods.exe, , [557a2edf2b60ba7cf8877876e51bb24e],
PUP.Optional.RelevantKnowledge, C:\Windows\System32\rlls64.dll, , [fcd3080592f994a2fc3992de937234cc],
PUP.Optional.Vittalia, C:\Windows\temp\update.zip, , [d8f7b25bf6957fb704c88fb226dbfa06],
PUP.Optional.APNToolBar.A, C:\Users\Tereza\Documents\APNSetup.exe, , [1eb14cc128639a9c17446e362ad735cb],
PUP.Optional.Vittalia, C:\Users\Tereza\Downloads\installer_pou_for_pc_1_2_6_English.exe, , [7d5257b6216a999dbebd2fb9936d817f],
PUP.Optional.APNToolBar.A, C:\Users\Tereza\Downloads\aTube_Catcher (1).exe, , [b21d64a96b207fb7aab2d4d0a55cf40c],
PUP.Optional.APNToolBar.A, C:\Users\Tereza\Downloads\aTube_Catcher (2).exe, , [ab24f01ded9e0432421a079da75a8a76],
PUP.Optional.APNToolBar.A, C:\Users\Tereza\Downloads\aTube_Catcher (3).exe, , [b718d33ab8d3b68096c6b5efc53c9868],
PUP.Optional.APNToolBar.A, C:\Users\Tereza\Downloads\aTube_Catcher.exe, , [dbf4cd400388ba7c4b11277dc23f5da3],
PUP.AdBundler, C:\Users\Tereza\Downloads\GotClip_Setup.exe, , [834cab622a6122140f600ac8cb36847c],
PUP.Optional.SweetIM, C:\Windows\Installer\afa9485.msi, , [f1deeb22d6b5be786e0e98e90afb6a96],
PUP.Optional.SweetIM, C:\Windows\Installer\afa9401.msi, , [8f40d538f2993ff76616cab764a1ba46],
PUP.Optional.SweetIM, C:\Windows\Installer\afa9467.msi, , [4c83fb12bad1082e2b513a47cd3849b7],
PUP.Optional.SweetIM, C:\Windows\Installer\afa947e.msi, , [21ae4ac35932a98d18646e13ed186b95],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
- Rudy
- Site Admin
- Posts: 119366
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook slowed down
Delete all the findings.
-
- Visitor
- Posts: 70
- Registered: 01 Jul 2010 14:27
Re: Notebook slowed down
I deleted everything, but still none of the things mentioned work.
- Rudy
- Site Admin
- Posts: 119366
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Notebook slowed down
Also post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then run the application under an account with administrator privileges.
Right after it starts, a screen with the license terms appears; continue by clicking the Yes button.
Calmly go and make yourself a coffee (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to run any other applications or anything else.
Don't panic during the scan; your machine may be restarted (especially on the first run of the scanner).
Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because unwanted conflicts with the antispyware's resident shield occur during the scan and the removal of any malware.
-
- Visitor
- Posts: 70
- Registered: 01 Jul 2010 14:27
Re: Notebook slowed down
ComboFix 15-09-03.01 - Tereza 04.09.2015 16:59:53.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1608 [GMT 2:00]
Spuštěný z: C:\Users\Tereza\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files (x86)\SecureW2
C:\Program Files (x86)\SecureW2\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
C:\Users\Tereza\AppData\Local\assembly\tmp
C:\Users\Tereza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
C:\Users\Tereza\Documents\~WRL0133.tmp
C:\windows\msdownld.tmp
C:\windows\SysWow64\SET8A1D.tmp
C:\windows\TEMP\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DismCorePS.dll
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DismHost.exe
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DismProv.dll
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DmiProvider.dll
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\LogProvider.dll
C:\windows\TEMP\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\OSProvider.dll
C:\windows\TEMP\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\wdscore.dll
((((((((((((((((((((((((( Soubory vytvořené od 2015-08-04 do 2015-09-04 )))))))))))))))))))))))))))))))
2015-09-04 15:21:07 . 2015-09-04 15:21:07 -------- d-----w- C:\Users\Public\AppData\Local\temp
2015-09-04 15:21:07 . 2015-09-04 15:21:07 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-08-29 11:51:17 . 2015-08-29 11:51:18 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\offreg.8224.dll
2015-08-27 15:47:11 . 2015-09-01 17:54:40 113880 ----a-w- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-27 15:32:19 . 2015-08-27 15:32:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 15:32:19 . 2015-08-27 15:32:19 -------- d-----w- C:\ProgramData\Malwarebytes
2015-08-27 15:32:19 . 2015-06-18 06:41:56 63704 ----a-w- C:\windows\system32\drivers\mwac.sys
2015-08-27 15:32:19 . 2015-06-18 06:41:44 109272 ----a-w- C:\windows\system32\drivers\mbamchameleon.sys
2015-08-27 15:32:19 . 2015-06-18 06:41:40 25816 ----a-w- C:\windows\system32\drivers\mbam.sys
2015-08-26 17:29:42 . 2015-08-26 17:29:42 -------- d-----w- C:\TEMP
2015-08-26 17:07:53 . 2015-06-15 21:45:42 3242496 ----a-w- C:\windows\system32\msi.dll
2015-08-26 17:07:53 . 2015-06-15 21:45:34 1941504 ----a-w- C:\windows\system32\authui.dll
2015-08-26 17:07:53 . 2015-06-15 21:44:47 128000 ----a-w- C:\windows\system32\msiexec.exe
2015-08-26 17:07:53 . 2015-06-15 21:43:35 2364416 ----a-w- C:\windows\SysWow64\msi.dll
2015-08-26 17:07:53 . 2015-06-15 21:43:24 1805824 ----a-w- C:\windows\SysWow64\authui.dll
2015-08-26 17:07:52 . 2015-06-15 21:50:42 112064 ----a-w- C:\windows\system32\consent.exe
2015-08-26 17:07:52 . 2015-06-15 21:45:42 504320 ----a-w- C:\windows\system32\msihnd.dll
2015-08-26 17:07:52 . 2015-06-15 21:45:34 70656 ----a-w- C:\windows\system32\appinfo.dll
2015-08-26 17:07:52 . 2015-06-15 21:43:35 337408 ----a-w- C:\windows\SysWow64\msihnd.dll
2015-08-26 17:07:52 . 2015-06-15 21:42:49 73216 ----a-w- C:\windows\SysWow64\msiexec.exe
2015-08-26 17:07:52 . 2015-06-15 21:42:46 25088 ----a-w- C:\windows\system32\msimsg.dll
2015-08-26 17:07:52 . 2015-06-15 21:37:15 25088 ----a-w- C:\windows\SysWow64\msimsg.dll
2015-08-26 07:43:04 . 2015-08-26 07:43:04 -------- d-----w- C:\windows\system32\appraiser
2015-08-26 07:11:33 . 2015-08-20 02:18:02 11745192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\mpengine.dll
2015-08-26 07:09:36 . 2015-07-30 13:13:38 103120 ----a-w- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-26 07:09:36 . 2015-07-30 13:13:11 124624 ----a-w- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-26 06:32:23 . 2015-07-15 03:19:45 52736 ----a-w- C:\windows\system32\basesrv.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:45 229376 ----a-w- C:\windows\system32\wintrust.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:13 188416 ----a-w- C:\windows\system32\cryptsvc.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:13 1480192 ----a-w- C:\windows\system32\crypt32.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:13 140288 ----a-w- C:\windows\system32\cryptnet.dll
2015-08-26 06:32:14 . 2015-04-27 19:05:58 179200 ----a-w- C:\windows\SysWow64\wintrust.dll
2015-08-26 06:32:14 . 2015-04-27 19:04:37 143872 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2015-08-26 06:32:14 . 2015-04-27 19:04:37 1174528 ----a-w- C:\windows\SysWow64\crypt32.dll
2015-08-26 06:32:14 . 2015-04-27 19:04:37 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2015-08-26 06:30:52 . 2015-07-09 17:57:57 193536 ----a-w- C:\windows\system32\notepad.exe
2015-08-25 19:57:11 . 2015-07-10 17:51:25 14177280 ----a-w- C:\windows\system32\shell32.dll
2015-08-19 19:34:23 . 2015-08-19 19:34:23 -------- d-----w- C:\Program Files (x86)\MozBackup
2015-08-11 19:02:18 . 2015-08-11 19:02:18 9284296 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
2015-08-11 19:02:44 . 2012-10-14 07:39:15 778440 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-08-11 19:02:44 . 2011-09-30 15:14:48 142536 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-28 08:59:08 . 2011-09-28 17:56:28 132483416 ----a-w- C:\windows\system32\MRT.exe
2015-07-20 20:19:28 . 2014-10-02 13:59:46 150160 ----a-w- C:\windows\system32\drivers\aswStm.sys
2015-07-20 20:19:28 . 2014-10-02 13:59:45 28656 ----a-w- C:\windows\system32\drivers\aswHwid.sys
2015-07-20 20:19:28 . 2013-03-03 11:08:36 274808 ----a-w- C:\windows\system32\drivers\aswVmm.sys
2015-07-20 20:19:28 . 2013-03-03 11:08:35 65224 ----a-w- C:\windows\system32\drivers\aswRvrt.sys
2015-07-20 20:19:28 . 2011-09-27 22:41:40 447944 ----a-w- C:\windows\system32\drivers\aswSP.sys
2015-07-20 20:19:28 . 2011-09-27 22:41:39 90968 ----a-w- C:\windows\system32\drivers\aswMonFlt.sys
2015-07-20 20:19:27 . 2015-07-20 20:19:34 378880 ----a-w- C:\windows\system32\aswBoot.exe
2015-07-20 20:19:26 . 2012-03-04 15:39:15 93528 ----a-w- C:\windows\system32\drivers\aswRdr2.sys
2015-07-20 20:19:16 . 2015-07-20 20:19:16 43112 ----a-w- C:\windows\avastSS.scr
2015-07-20 20:18:38 . 2011-09-27 22:41:39 1048856 ----a-w- C:\windows\system32\drivers\aswSnx.sys
2015-07-15 18:10:56 . 2015-08-26 06:33:57 342016 ----a-w- C:\windows\system32\schannel.dll
2015-07-15 17:55:00 . 2015-08-26 06:33:57 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-07-15 17:54:40 . 2015-08-26 06:33:55 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2015-06-23 11:30:20 . 2011-09-28 00:46:03 300704 ------w- C:\windows\system32\MpSigStub.exe
2015-06-16 23:01:52 . 2015-06-16 23:01:52 1202856 ----a-w- C:\windows\SysWow64\FM20.DLL
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 10:31:54 2736128]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 07:33:30 4910912]
"cz.seznam.software.autoupdate"="C:\Users\Tereza\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 13:25:04 1062472]
"cz.seznam.software.szndesktop"="C:\Users\Tereza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 11:38:44 103080]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2015-06-29 14:41:34 53282944]
"Zoner Photo Studio Autoupdate"="C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 15:11:32 779776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 08:23:10 656920]
"File Sanitizer"="C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 18:41:42 12274688]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 17:00:32 283160]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-28 01:45:31 113288]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 18:38:48 336384]
"DTRun"="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 18:00:06 517456]
"HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-09-28 01:42:22 169528]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]
"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 09:46:20 103992]
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 11:58:42 333728]
"seznam-listicka-distribuce"="C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 13:25:04 1062472]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2015-07-20 20:19:18 6109776]
"VICTORY Gaming Keyboard"="C:\Program Files (x86)\Gaming Keyboard\Monitor.exe" [2013-04-09 11:13:44 270336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09:12 75360 ----a-w- C:\Windows\System32\DeviceNP.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
R2 ArcGIS License Manager;ArcGIS License Manager;C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe;C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [x]
R2 aswStm;aswStm;C:\windows\system32\drivers\aswStm.sys;C:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe;C:\Program Files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\system32\DRIVERS\btath_flt.sys;C:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\system32\drivers\btath_a2dp.sys;C:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\system32\drivers\btath_avdt.sys;C:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\system32\DRIVERS\btath_hcrp.sys;C:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\system32\DRIVERS\btath_lwflt.sys;C:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\system32\DRIVERS\btath_rcp.sys;C:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;C:\windows\system32\DRIVERS\btfilter.sys;C:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;C:\windows\system32\DRIVERS\DAMDrv64.sys;C:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\Windows\SysWOW64\flcdlock.exe;c:\Windows\SysWOW64\flcdlock.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;C:\windows\system32\DRIVERS\ewdcsc.sys;C:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;C:\windows\system32\DRIVERS\ewusbdev.sys;C:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\system32\IEEtwCollector.exe;C:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\system32\drivers\rdpvideominiport.sys;C:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\system32\DRIVERS\taphss6.sys;C:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys;C:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\windows\system32\DRIVERS\VBoxNetAdp.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\system32\Wat\WatAdminSvc.exe;C:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 Workflow Manager Spatial Notification Service;Workflow Manager Spatial Notification Service;C:\Program Files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30;C:\Program Files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30 [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys;C:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys;C:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;C:\windows\system32\DRIVERS\cnnctfy3.sys;C:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys;C:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;C:\windows\system32\DRIVERS\VBoxDrv.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\windows\system32\DRIVERS\VBoxUSBMon.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe;C:\Program Files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe;C:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;C:\windows\system32\drivers\aswHwid.sys;C:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;C:\windows\system32\drivers\aswMonFlt.sys;C:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe;C:\Program Files (x86)\Connectify\ConnectifyService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe;C:\windows\SYSNATIVE\svchost.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe;C:\Program Files\HitmanPro\hmpsched.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe;C:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 RtlISMServ;RtlISMServ;C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe;C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [x]
S2 uArcCapture;ArcCapture;C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\system32\vcsFPService.exe;C:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\system32\DRIVERS\ArcSoftVCapture.sys;C:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\system32\DRIVERS\btath_bus.sys;C:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys;C:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;C:\windows\system32\DRIVERS\igdpmd64.sys;C:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys;C:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;C:\windows\system32\drivers\mbam.sys;C:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\system32\drivers\MBAMSwissArmy.sys;C:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\system32\drivers\mwac.sys;C:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys;C:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys;C:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys;C:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;C:\windows\system32\DRIVERS\VBoxNetFlt.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - hitmanpro37
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29:54 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe
Obsah adresáře 'Naplánované úlohy'
2015-09-04 C:\windows\Tasks\Adobe Flash Player Updater.job
- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 17:20:58 . 2015-08-11 19:02:46]
2015-09-03 C:\windows\Tasks\HPCeeScheduleForTEREZA-HP$.job
- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43:00 . 2011-07-15 03:43:00]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-20 20:19:27 777544 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 01:10:56 13880]
"MfeEpePcMonitor"="C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-08-22 13:50:26 200704]
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 00:20:00 689488]
"IgfxTray"="C:\windows\system32\igfxtray.exe" [2011-01-27 06:15:52 167960]
"HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2011-01-27 06:15:38 391704]
"Persistence"="C:\windows\system32\igfxpers.exe" [2011-01-27 06:15:48 418328]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2013-06-13 20:34:37 1664000]
"BtTray"="C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" [2012-09-14 11:42:14 764544]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [2012-09-14 11:42:18 127616]
"Connectify Hotspot"="C:\Program Files (x86)\Connectify\Connectify.exe" [2013-11-05 20:07:42 3727648]
"Connectify Dispatch"="C:\Program Files (x86)\Connectify\DispatchUI.exe" [2013-11-05 20:07:42 1656608]
------- Doplňkový sken -------
uStart Page = hxxp://www.seznam.cz/?clid=13415
uLocal Page = C:\windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.11.101 10.11.1.101
FF - ProfilePath - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\zeo3lzon.default-1434279289197\
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ANDY OS - C:\Program Files\Andy\uninstall.exe
AddRemove-Crash Bandicoot (pSX 1.13 emulation) - C:\Users\Tereza\Desktop\cr\Uninstal.exe
AddRemove-SecureW2 EAP Suite - C:\Program Files (x86)\SecureW2\Uninstall.exe
AddRemove-{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A} - C:\Program Files (x86)\InstallShield Installation Information\{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A}\HP_UI\Uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\pdfcDispatcher]
"ImagePath"="C:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3075646771-320467267-1627183398-1001\Software\SecuROM\License information*]
"datasecu"=hex:52,67,9a,fb,10,81,b7,5d,56,e4,e6,0e,ae,3b,e5,10,25,8f,de,05,02,
ca,a9,33,6b,eb,0e,79,1f,c4,45,af,d5,4a,20,9d,04,46,39,0a,6b,e5,13,00,fd,28,\
"rkeysecu"=hex:6f,df,06,dd,63,df,b7,fa,c0,ee,53,09,26,40,10,fc
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
Celkový čas: 2015-09-04 17:26:38
ComboFix-quarantined-files.txt 2015-09-04 15:26:37
Před spuštěním: Volných bajtů: 67 509 780 480
Po spuštění: Volných bajtů: 66 969 055 232
- - End Of File - - 5B5E1C9535583671C33E692A00C0C549
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1608 [GMT 2:00]
Spuštěný z: C:\Users\Tereza\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files (x86)\SecureW2
C:\Program Files (x86)\SecureW2\Uninstall.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
C:\Users\Tereza\AppData\Local\assembly\tmp
C:\Users\Tereza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
C:\Users\Tereza\Documents\~WRL0133.tmp
C:\windows\msdownld.tmp
C:\windows\SysWow64\SET8A1D.tmp
C:\windows\TEMP\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DismCorePS.dll
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DismHost.exe
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DismProv.dll
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\DmiProvider.dll
C:\windows\Temp\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\LogProvider.dll
C:\windows\TEMP\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\OSProvider.dll
C:\windows\TEMP\91E4D1E2-E8C7-4813-8315-10496C9DFB4F\wdscore.dll
((((((((((((((((((((((((( Soubory vytvořené od 2015-08-04 do 2015-09-04 )))))))))))))))))))))))))))))))
2015-09-04 15:21:07 . 2015-09-04 15:21:07 -------- d-----w- C:\Users\Public\AppData\Local\temp
2015-09-04 15:21:07 . 2015-09-04 15:21:07 -------- d-----w- C:\Users\Default\AppData\Local\temp
2015-08-29 11:51:17 . 2015-08-29 11:51:18 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\offreg.8224.dll
2015-08-27 15:47:11 . 2015-09-01 17:54:40 113880 ----a-w- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-27 15:32:19 . 2015-08-27 15:32:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-27 15:32:19 . 2015-08-27 15:32:19 -------- d-----w- C:\ProgramData\Malwarebytes
2015-08-27 15:32:19 . 2015-06-18 06:41:56 63704 ----a-w- C:\windows\system32\drivers\mwac.sys
2015-08-27 15:32:19 . 2015-06-18 06:41:44 109272 ----a-w- C:\windows\system32\drivers\mbamchameleon.sys
2015-08-27 15:32:19 . 2015-06-18 06:41:40 25816 ----a-w- C:\windows\system32\drivers\mbam.sys
2015-08-26 17:29:42 . 2015-08-26 17:29:42 -------- d-----w- C:\TEMP
2015-08-26 17:07:53 . 2015-06-15 21:45:42 3242496 ----a-w- C:\windows\system32\msi.dll
2015-08-26 17:07:53 . 2015-06-15 21:45:34 1941504 ----a-w- C:\windows\system32\authui.dll
2015-08-26 17:07:53 . 2015-06-15 21:44:47 128000 ----a-w- C:\windows\system32\msiexec.exe
2015-08-26 17:07:53 . 2015-06-15 21:43:35 2364416 ----a-w- C:\windows\SysWow64\msi.dll
2015-08-26 17:07:53 . 2015-06-15 21:43:24 1805824 ----a-w- C:\windows\SysWow64\authui.dll
2015-08-26 17:07:52 . 2015-06-15 21:50:42 112064 ----a-w- C:\windows\system32\consent.exe
2015-08-26 17:07:52 . 2015-06-15 21:45:42 504320 ----a-w- C:\windows\system32\msihnd.dll
2015-08-26 17:07:52 . 2015-06-15 21:45:34 70656 ----a-w- C:\windows\system32\appinfo.dll
2015-08-26 17:07:52 . 2015-06-15 21:43:35 337408 ----a-w- C:\windows\SysWow64\msihnd.dll
2015-08-26 17:07:52 . 2015-06-15 21:42:49 73216 ----a-w- C:\windows\SysWow64\msiexec.exe
2015-08-26 17:07:52 . 2015-06-15 21:42:46 25088 ----a-w- C:\windows\system32\msimsg.dll
2015-08-26 17:07:52 . 2015-06-15 21:37:15 25088 ----a-w- C:\windows\SysWow64\msimsg.dll
2015-08-26 07:43:04 . 2015-08-26 07:43:04 -------- d-----w- C:\windows\system32\appraiser
2015-08-26 07:11:33 . 2015-08-20 02:18:02 11745192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\mpengine.dll
2015-08-26 07:09:36 . 2015-07-30 13:13:38 103120 ----a-w- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-26 07:09:36 . 2015-07-30 13:13:11 124624 ----a-w- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-26 06:32:23 . 2015-07-15 03:19:45 52736 ----a-w- C:\windows\system32\basesrv.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:45 229376 ----a-w- C:\windows\system32\wintrust.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:13 188416 ----a-w- C:\windows\system32\cryptsvc.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:13 1480192 ----a-w- C:\windows\system32\crypt32.dll
2015-08-26 06:32:14 . 2015-04-27 19:23:13 140288 ----a-w- C:\windows\system32\cryptnet.dll
2015-08-26 06:32:14 . 2015-04-27 19:05:58 179200 ----a-w- C:\windows\SysWow64\wintrust.dll
2015-08-26 06:32:14 . 2015-04-27 19:04:37 143872 ----a-w- C:\windows\SysWow64\cryptsvc.dll
2015-08-26 06:32:14 . 2015-04-27 19:04:37 1174528 ----a-w- C:\windows\SysWow64\crypt32.dll
2015-08-26 06:32:14 . 2015-04-27 19:04:37 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
2015-08-26 06:30:52 . 2015-07-09 17:57:57 193536 ----a-w- C:\windows\system32\notepad.exe
2015-08-25 19:57:11 . 2015-07-10 17:51:25 14177280 ----a-w- C:\windows\system32\shell32.dll
2015-08-19 19:34:23 . 2015-08-19 19:34:23 -------- d-----w- C:\Program Files (x86)\MozBackup
2015-08-11 19:02:18 . 2015-08-11 19:02:18 9284296 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
2015-08-11 19:02:44 . 2012-10-14 07:39:15 778440 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2015-08-11 19:02:44 . 2011-09-30 15:14:48 142536 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-28 08:59:08 . 2011-09-28 17:56:28 132483416 ----a-w- C:\windows\system32\MRT.exe
2015-07-20 20:19:28 . 2014-10-02 13:59:46 150160 ----a-w- C:\windows\system32\drivers\aswStm.sys
2015-07-20 20:19:28 . 2014-10-02 13:59:45 28656 ----a-w- C:\windows\system32\drivers\aswHwid.sys
2015-07-20 20:19:28 . 2013-03-03 11:08:36 274808 ----a-w- C:\windows\system32\drivers\aswVmm.sys
2015-07-20 20:19:28 . 2013-03-03 11:08:35 65224 ----a-w- C:\windows\system32\drivers\aswRvrt.sys
2015-07-20 20:19:28 . 2011-09-27 22:41:40 447944 ----a-w- C:\windows\system32\drivers\aswSP.sys
2015-07-20 20:19:28 . 2011-09-27 22:41:39 90968 ----a-w- C:\windows\system32\drivers\aswMonFlt.sys
2015-07-20 20:19:27 . 2015-07-20 20:19:34 378880 ----a-w- C:\windows\system32\aswBoot.exe
2015-07-20 20:19:26 . 2012-03-04 15:39:15 93528 ----a-w- C:\windows\system32\drivers\aswRdr2.sys
2015-07-20 20:19:16 . 2015-07-20 20:19:16 43112 ----a-w- C:\windows\avastSS.scr
2015-07-20 20:18:38 . 2011-09-27 22:41:39 1048856 ----a-w- C:\windows\system32\drivers\aswSnx.sys
2015-07-15 18:10:56 . 2015-08-26 06:33:57 342016 ----a-w- C:\windows\system32\schannel.dll
2015-07-15 17:55:00 . 2015-08-26 06:33:57 248832 ----a-w- C:\windows\SysWow64\schannel.dll
2015-07-15 17:54:40 . 2015-08-26 06:33:55 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2015-06-23 11:30:20 . 2011-09-28 00:46:03 300704 ------w- C:\windows\system32\MpSigStub.exe
2015-06-16 23:01:52 . 2015-06-16 23:01:52 1202856 ----a-w- C:\windows\SysWow64\FM20.DLL
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 10:31:54 2736128]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 07:33:30 4910912]
"cz.seznam.software.autoupdate"="C:\Users\Tereza\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 13:25:04 1062472]
"cz.seznam.software.szndesktop"="C:\Users\Tereza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 11:38:44 103080]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2015-06-29 14:41:34 53282944]
"Zoner Photo Studio Autoupdate"="C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 15:11:32 779776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 08:23:10 656920]
"File Sanitizer"="C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 18:41:42 12274688]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 17:00:32 283160]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-28 01:45:31 113288]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 18:38:48 336384]
"DTRun"="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 18:00:06 517456]
"HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-09-28 01:42:22 169528]
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 17:36:46 30040]
"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 09:46:20 103992]
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 11:58:42 333728]
"seznam-listicka-distribuce"="C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 13:25:04 1062472]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2015-07-20 20:19:18 6109776]
"VICTORY Gaming Keyboard"="C:\Program Files (x86)\Gaming Keyboard\Monitor.exe" [2013-04-09 11:13:44 270336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09:12 75360 ----a-w- C:\Windows\System32\DeviceNP.dll
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
R2 ArcGIS License Manager;ArcGIS License Manager;C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe;C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [x]
R2 aswStm;aswStm;C:\windows\system32\drivers\aswStm.sys;C:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe;C:\Program Files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\system32\DRIVERS\btath_flt.sys;C:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\system32\drivers\btath_a2dp.sys;C:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\system32\drivers\btath_avdt.sys;C:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\system32\DRIVERS\btath_hcrp.sys;C:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\system32\DRIVERS\btath_lwflt.sys;C:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\system32\DRIVERS\btath_rcp.sys;C:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;C:\windows\system32\DRIVERS\btfilter.sys;C:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;C:\windows\system32\DRIVERS\DAMDrv64.sys;C:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\Windows\SysWOW64\flcdlock.exe;c:\Windows\SysWOW64\flcdlock.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;C:\windows\system32\DRIVERS\ewdcsc.sys;C:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;C:\windows\system32\DRIVERS\ewusbdev.sys;C:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\system32\IEEtwCollector.exe;C:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\system32\drivers\rdpvideominiport.sys;C:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\windows\system32\DRIVERS\taphss6.sys;C:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys;C:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\windows\system32\DRIVERS\VBoxNetAdp.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\system32\Wat\WatAdminSvc.exe;C:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 Workflow Manager Spatial Notification Service;Workflow Manager Spatial Notification Service;C:\Program Files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30;C:\Program Files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30 [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys;C:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys;C:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;C:\windows\system32\DRIVERS\cnnctfy3.sys;C:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys;C:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;C:\windows\system32\DRIVERS\VBoxDrv.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\windows\system32\DRIVERS\VBoxUSBMon.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe;C:\Program Files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe;C:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;C:\windows\system32\drivers\aswHwid.sys;C:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;C:\windows\system32\drivers\aswMonFlt.sys;C:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Connectify;Connectify;C:\Program Files (x86)\Connectify\ConnectifyService.exe;C:\Program Files (x86)\Connectify\ConnectifyService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;C:\windows\System32\svchost.exe;C:\windows\SYSNATIVE\svchost.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe;C:\Program Files\HitmanPro\hmpsched.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;C:\windows\system32\Hpservice.exe;C:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 RtlISMServ;RtlISMServ;C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe;C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [x]
S2 uArcCapture;ArcCapture;C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\system32\vcsFPService.exe;C:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\system32\DRIVERS\ArcSoftVCapture.sys;C:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\system32\DRIVERS\btath_bus.sys;C:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys;C:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;C:\windows\system32\DRIVERS\igdpmd64.sys;C:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys;C:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;C:\windows\system32\drivers\mbam.sys;C:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\system32\drivers\MBAMSwissArmy.sys;C:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\system32\drivers\mwac.sys;C:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\system32\DRIVERS\nusb3hub.sys;C:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\system32\DRIVERS\nusb3xhc.sys;C:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys;C:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;C:\windows\system32\DRIVERS\VBoxNetFlt.sys;C:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
--- Ostatní služby/ovladače v paměti ---
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - hitmanpro37
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29:54 451872 ----a-w- C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe
Obsah adresáře 'Naplánované úlohy'
2015-09-04 C:\windows\Tasks\Adobe Flash Player Updater.job
- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 17:20:58 . 2015-08-11 19:02:46]
2015-09-03 C:\windows\Tasks\HPCeeScheduleForTEREZA-HP$.job
- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43:00 . 2011-07-15 03:43:00]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-20 20:19:27 777544 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 01:10:56 13880]
"MfeEpePcMonitor"="C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-08-22 13:50:26 200704]
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 00:20:00 689488]
"IgfxTray"="C:\windows\system32\igfxtray.exe" [2011-01-27 06:15:52 167960]
"HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2011-01-27 06:15:38 391704]
"Persistence"="C:\windows\system32\igfxpers.exe" [2011-01-27 06:15:48 418328]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [2013-06-13 20:34:37 1664000]
"BtTray"="C:\Program Files (x86)\Bluetooth Suite\BtTray.exe" [2012-09-14 11:42:14 764544]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [2012-09-14 11:42:18 127616]
"Connectify Hotspot"="C:\Program Files (x86)\Connectify\Connectify.exe" [2013-11-05 20:07:42 3727648]
"Connectify Dispatch"="C:\Program Files (x86)\Connectify\DispatchUI.exe" [2013-11-05 20:07:42 1656608]
------- Doplňkový sken -------
uStart Page = hxxp://www.seznam.cz/?clid=13415
uLocal Page = C:\windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.11.101 10.11.1.101
FF - ProfilePath - C:\Users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\zeo3lzon.default-1434279289197\
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ANDY OS - C:\Program Files\Andy\uninstall.exe
AddRemove-Crash Bandicoot (pSX 1.13 emulation) - C:\Users\Tereza\Desktop\cr\Uninstal.exe
AddRemove-SecureW2 EAP Suite - C:\Program Files (x86)\SecureW2\Uninstall.exe
AddRemove-{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A} - C:\Program Files (x86)\InstallShield Installation Information\{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A}\HP_UI\Uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - C:\Program Files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\pdfcDispatcher]
"ImagePath"="C:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3075646771-320467267-1627183398-1001\Software\SecuROM\License information*]
"datasecu"=hex:52,67,9a,fb,10,81,b7,5d,56,e4,e6,0e,ae,3b,e5,10,25,8f,de,05,02,
ca,a9,33,6b,eb,0e,79,1f,c4,45,af,d5,4a,20,9d,04,46,39,0a,6b,e5,13,00,fd,28,\
"rkeysecu"=hex:6f,df,06,dd,63,df,b7,fa,c0,ee,53,09,26,40,10,fc
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_232_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx"
"ThreadingModel"="Apartment"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_232.ocx, 1"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
Celkový čas: 2015-09-04 17:26:38
ComboFix-quarantined-files.txt 2015-09-04 15:26:37
Před spuštěním: Volných bajtů: 67 509 780 480
Po spuštění: Volných bajtů: 66 969 055 232
- - End Of File - - 5B5E1C9535583671C33E692A00C0C549
- Rudy
- Site Admin
- Posts: 119366
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: notebook slowed down
We'll do some more cleanup. Move ComboFix to the desktop. Open Notepad and copy the script below into it.

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and release it. CF will start and carry out the commands from the script.
KillAll::
Driver::
BBSvc
BBUpdate
Regnull::
[HKEY_USERS\S-1-5-21-3075646771-320467267-1627183398-1001\Software\SecuROM\License information*]
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0013\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0014\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0015\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0016\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0017\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0018\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
Reboot::

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 70
- Registered: 01 Jul 2010 14:27
Re: notebook slowed down
ComboFix 15-09-03.01 - Tereza 05.09.2015 15:21:48.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1964 [GMT 2:00]
Spuštěný z: c:\users\Tereza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tereza\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_BBUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-08-05 do 2015-09-05 )))))))))))))))))))))))))))))))
.
.
2015-09-05 13:35 . 2015-09-05 13:42 -------- d-----w- c:\users\Tereza\AppData\Local\temp
2015-09-05 13:35 . 2015-09-05 13:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-09-05 13:35 . 2015-09-05 13:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-29 11:51 . 2015-08-29 11:51 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\offreg.8224.dll
2015-08-27 15:47 . 2015-09-05 13:40 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-27 15:32 . 2015-08-27 15:32 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-08-27 15:32 . 2015-08-27 15:32 -------- d-----w- c:\programdata\Malwarebytes
2015-08-27 15:32 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-08-27 15:32 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-27 15:32 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-08-26 17:29 . 2015-08-26 17:29 -------- d-----w- C:\TEMP
2015-08-26 17:07 . 2015-06-15 21:45 3242496 ----a-w- c:\windows\system32\msi.dll
2015-08-26 17:07 . 2015-06-15 21:45 1941504 ----a-w- c:\windows\system32\authui.dll
2015-08-26 17:07 . 2015-06-15 21:44 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-08-26 17:07 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-08-26 17:07 . 2015-06-15 21:43 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-08-26 17:07 . 2015-06-15 21:50 112064 ----a-w- c:\windows\system32\consent.exe
2015-08-26 17:07 . 2015-06-15 21:45 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-08-26 17:07 . 2015-06-15 21:45 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-08-26 17:07 . 2015-06-15 21:43 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-08-26 17:07 . 2015-06-15 21:42 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-08-26 17:07 . 2015-06-15 21:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-08-26 17:07 . 2015-06-15 21:37 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2015-08-26 07:43 . 2015-08-26 07:43 -------- d-----w- c:\windows\system32\appraiser
2015-08-26 07:11 . 2015-08-20 02:18 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\mpengine.dll
2015-08-26 07:09 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-26 06:32 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2015-08-26 06:32 . 2015-04-27 19:23 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-08-26 06:32 . 2015-04-27 19:23 188416 ----a-w- c:\windows\system32\cryptsvc.dll
2015-08-26 06:32 . 2015-04-27 19:23 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-08-26 06:32 . 2015-04-27 19:23 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-08-26 06:32 . 2015-04-27 19:04 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-08-26 06:32 . 2015-04-27 19:04 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-08-26 06:32 . 2015-04-27 19:04 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-08-26 06:30 . 2015-07-09 17:57 193536 ----a-w- c:\windows\system32\notepad.exe
2015-08-25 19:57 . 2015-07-10 17:51 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-08-25 19:57 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
2015-08-25 19:57 . 2015-07-20 18:12 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-08-25 19:57 . 2015-07-20 18:12 37888 ----a-w- c:\windows\system32\wups2.dll
2015-08-25 19:57 . 2015-07-20 18:12 3154944 ----a-w- c:\windows\system32\wucltux.dll
2015-08-25 19:57 . 2015-07-20 18:12 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-08-25 19:57 . 2015-07-20 18:12 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-08-25 19:57 . 2015-07-20 18:12 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-08-25 19:57 . 2015-07-20 18:12 37376 ----a-w- c:\windows\system32\wuapp.exe
2015-08-25 19:57 . 2015-07-20 18:12 139776 ----a-w- c:\windows\system32\wuauclt.exe
2015-08-25 19:57 . 2015-07-20 18:12 36864 ----a-w- c:\windows\system32\wups.dll
2015-08-25 19:57 . 2015-07-20 18:12 2606080 ----a-w- c:\windows\system32\wuaueng.dll
2015-08-25 19:57 . 2015-07-20 18:12 192000 ----a-w- c:\windows\system32\wuwebv.dll
2015-08-19 19:34 . 2015-08-19 19:34 -------- d-----w- c:\program files (x86)\MozBackup
2015-08-11 19:02 . 2015-08-11 19:02 9284296 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-11 19:02 . 2012-10-14 07:39 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-11 19:02 . 2011-09-30 15:14 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-30 13:13 . 2015-08-26 07:09 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-28 08:59 . 2011-09-28 17:56 132483416 ----a-w- c:\windows\system32\MRT.exe
2015-07-20 20:19 . 2014-10-02 13:59 150160 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-07-20 20:19 . 2014-10-02 13:59 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-07-20 20:19 . 2013-03-03 11:08 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-07-20 20:19 . 2013-03-03 11:08 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-07-20 20:19 . 2011-09-27 22:41 447944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-07-20 20:19 . 2011-09-27 22:41 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-07-20 20:19 . 2015-07-20 20:19 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-07-20 20:19 . 2012-03-04 15:39 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-07-20 20:19 . 2015-07-20 20:19 43112 ----a-w- c:\windows\avastSS.scr
2015-07-20 20:18 . 2011-09-27 22:41 1048856 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-07-20 17:56 . 2015-08-25 19:57 93184 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-07-20 17:56 . 2015-08-25 19:57 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-07-20 17:56 . 2015-08-25 19:57 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-07-20 17:56 . 2015-08-25 19:57 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-07-20 17:56 . 2015-08-25 19:57 34816 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-07-16 19:51 . 2015-08-26 06:33 504320 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-07-16 19:12 . 2015-08-26 06:30 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2015-07-16 18:42 . 2015-08-26 06:33 1951232 ----a-w- c:\windows\SysWow64\wininet.dll
2015-07-15 18:10 . 2015-08-26 06:33 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-15 17:55 . 2015-08-26 06:33 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-07-15 17:55 . 2015-08-26 06:33 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-07-15 17:55 . 2015-08-26 06:33 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-07-15 17:55 . 2015-08-26 06:33 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-07-15 17:55 . 2015-08-26 06:33 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-07-15 17:54 . 2015-08-26 06:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-15 17:54 . 2015-08-26 06:33 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-07-15 17:53 . 2015-08-26 06:33 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-07-15 17:53 . 2015-08-26 06:33 665088 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2015-07-15 17:53 . 2015-08-26 06:33 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-07-15 16:37 . 2015-08-26 06:33 2048 ----a-w- c:\windows\SysWow64\user.exe
2015-07-01 20:30 . 2015-08-26 06:31 206848 ----a-w- c:\windows\SysWow64\WebClnt.dll
2015-06-23 11:30 . 2011-09-28 00:46 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-16 23:01 . 2015-06-16 23:01 1202856 ----a-w- c:\windows\SysWow64\FM20.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2736128]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"cz.seznam.software.autoupdate"="c:\users\Tereza\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Tereza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-06-29 53282944]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2014-03-13 779776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-28 113288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-09-28 169528]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-20 6109776]
"VICTORY Gaming Keyboard"="c:\program files (x86)\Gaming Keyboard\Monitor.exe" [2013-04-09 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 ArcGIS License Manager;ArcGIS License Manager;c:\program files (x86)\ArcGIS\License10.2\bin\lmgrd.exe;c:\program files (x86)\ArcGIS\License10.2\bin\lmgrd.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 Workflow Manager Spatial Notification Service;Workflow Manager Spatial Notification Service;c:\program files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30;c:\program files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30 [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 RtlISMServ;RtlISMServ;c:\program files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe;c:\program files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - HITMANPRO37
*Deregistered* - hitmanpro37
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 19:02]
.
2015-09-03 c:\windows\Tasks\HPCeeScheduleForTEREZA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-20 20:19 777544 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-08-22 200704]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-13 1664000]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-09-14 764544]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-09-14 127616]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=13415
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.11.101 10.11.1.101
FF - ProfilePath - c:\users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\zeo3lzon.default-1434279289197\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ANDY OS - c:\program files\Andy\uninstall.exe
AddRemove-Crash Bandicoot (pSX 1.13 emulation) - c:\users\Tereza\Desktop\cr\Uninstal.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A} - c:\program files (x86)\InstallShield Installation Information\{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A}\HP_UI\Uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-09-05 15:54:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-09-05 13:54
ComboFix2.txt 2015-09-04 15:26
.
Před spuštěním: Volných bajtů: 68 196 990 976
Po spuštění: Volných bajtů: 67 959 648 256
.
- - End Of File - - 8A024AFD3C02D24821C4239FF4C7A740
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1964 [GMT 2:00]
Spuštěný z: c:\users\Tereza\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tereza\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_BBUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-08-05 do 2015-09-05 )))))))))))))))))))))))))))))))
.
.
2015-09-05 13:35 . 2015-09-05 13:42 -------- d-----w- c:\users\Tereza\AppData\Local\temp
2015-09-05 13:35 . 2015-09-05 13:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-09-05 13:35 . 2015-09-05 13:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-29 11:51 . 2015-08-29 11:51 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\offreg.8224.dll
2015-08-27 15:47 . 2015-09-05 13:40 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-08-27 15:32 . 2015-08-27 15:32 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-08-27 15:32 . 2015-08-27 15:32 -------- d-----w- c:\programdata\Malwarebytes
2015-08-27 15:32 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-08-27 15:32 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-08-27 15:32 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-08-26 17:29 . 2015-08-26 17:29 -------- d-----w- C:\TEMP
2015-08-26 17:07 . 2015-06-15 21:45 3242496 ----a-w- c:\windows\system32\msi.dll
2015-08-26 17:07 . 2015-06-15 21:45 1941504 ----a-w- c:\windows\system32\authui.dll
2015-08-26 17:07 . 2015-06-15 21:44 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-08-26 17:07 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-08-26 17:07 . 2015-06-15 21:43 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-08-26 17:07 . 2015-06-15 21:50 112064 ----a-w- c:\windows\system32\consent.exe
2015-08-26 17:07 . 2015-06-15 21:45 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-08-26 17:07 . 2015-06-15 21:45 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-08-26 17:07 . 2015-06-15 21:43 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-08-26 17:07 . 2015-06-15 21:42 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-08-26 17:07 . 2015-06-15 21:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-08-26 17:07 . 2015-06-15 21:37 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2015-08-26 07:43 . 2015-08-26 07:43 -------- d-----w- c:\windows\system32\appraiser
2015-08-26 07:11 . 2015-08-20 02:18 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ECF0FA91-1BB4-4422-A8EB-2AE63089B249}\mpengine.dll
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 Workflow Manager Spatial Notification Service;Workflow Manager Spatial Notification Service;c:\program files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30;c:\program files (x86)\ArcGIS\WMX\Desktop10.2\Bin\WMXSpatialNotificationService.exe 30 [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 RtlISMServ;RtlISMServ;c:\program files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe;c:\program files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 ZAtheros Bt and Wlan Coex Agent;ZAtheros Bt and Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - HITMANPRO37
*Deregistered* - hitmanpro37
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 19:02]
.
2015-09-03 c:\windows\Tasks\HPCeeScheduleForTEREZA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-20 20:19 777544 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-08-22 200704]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-11 689488]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-13 1664000]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-09-14 764544]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-09-14 127616]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=13415
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.11.101 10.11.1.101
FF - ProfilePath - c:\users\Tereza\AppData\Roaming\Mozilla\Firefox\Profiles\zeo3lzon.default-1434279289197\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ANDY OS - c:\program files\Andy\uninstall.exe
AddRemove-Crash Bandicoot (pSX 1.13 emulation) - c:\users\Tereza\Desktop\cr\Uninstal.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A} - c:\program files (x86)\InstallShield Installation Information\{6D5D9B6F-FA1C-4E19-A674-D7417D1EE61A}\HP_UI\Uninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_232_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-09-05 15:54:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-09-05 13:54
ComboFix2.txt 2015-09-04 15:26
.
Před spuštěním: Volných bajtů: 68 196 990 976
Po spuštění: Volných bajtů: 67 959 648 256
.
- - End Of File - - 8A024AFD3C02D24821C4239FF4C7A740
- Rudy
- Site Admin
- Posts: 119366
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: notebook slowed down
Deleted. Rename CF to uninstall and run it. CF will be uninstalled. Has anything changed?
-
- Visitor
- Posts: 70
- Registered: 01 Jul 2010 14:27
Re: notebook slowed down
Yes, it has changed. Everything works now. Thank you very much.

- Rudy
- Site Admin
- Posts: 119366
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: notebook slowed down
You're welcome!