Zpomalený notebook HP 635

Zpráva

#16 Příspěvek od **Rudy** » 18 pro 2013 20:41

Změnilo se teď něco? Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

MrAnnix99 · #17 Příspěvek od **MrAnnix99** » 21 pro 2013 10:08

Trošku lepší, ale furt nic moc.

#18 Příspěvek od **Rudy** » 21 pro 2013 11:09

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

MrAnnix99 · #19 Příspěvek od **MrAnnix99** » 22 pro 2013 21:08

ComboFix 13-12-21.01 - JAKUB 22.12.2013 20:36:05.14.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2270 [GMT 1:00]
Spuštěný z: c:\users\JAKUB\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\capsys184523.log
c:\windows\windefendam.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-22 do 2013-12-22 )))))))))))))))))))))))))))))))
.
.
2013-12-22 19:51 . 2013-12-22 19:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-22 19:51 . 2013-12-22 19:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-22 19:22 . 2013-12-22 19:22 -------- d-----w- c:\windows\LastGood
2013-12-22 19:22 . 2013-12-22 19:22 -------- d-----w- c:\programdata\Hotspot Shield
2013-12-22 19:20 . 2013-12-22 19:23 -------- d-----w- c:\program files (x86)\Hotspot Shield
2013-12-22 18:21 . 2011-06-22 22:05 755016 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor50.dll
2013-12-22 18:21 . 2011-06-22 22:05 756552 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
2013-12-22 08:11 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B147CE77-E00E-44E7-886E-F7B4DEB90C7B}\mpengine.dll
2013-12-21 07:40 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-20 21:33 . 2013-11-26 09:46 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-12-20 18:08 . 2013-12-21 07:32 6416 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2013-12-15 13:45 . 2013-12-15 13:45 -------- d-----w- c:\programdata\RegClean
2013-12-15 09:31 . 2013-12-15 09:32 -------- d-----w- c:\users\JAKUB\AppData\Local\Spotify
2013-12-15 09:30 . 2013-12-15 20:24 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Spotify
2013-12-14 15:13 . 2013-12-17 05:33 -------- d-----w- c:\program files (x86)\SmartTweak
2013-12-14 15:13 . 2013-12-14 15:13 -------- d-----w- c:\program files (x86)\Seznam.cz
2013-12-14 15:12 . 2013-12-16 20:52 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Seznam.cz
2013-12-14 15:12 . 2013-12-17 05:35 -------- d-----w- c:\users\JAKUB\AppData\Local\FilesFrog Update Checker
2013-12-14 13:39 . 2010-02-25 16:51 29696 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-12-14 12:28 . 2013-12-14 15:27 -------- d-----w- c:\program files\CyberGhost 5
2013-12-14 07:35 . 2013-12-14 07:34 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABE1A540-66B6-42CD-8810-43163932C690}\gapaengine.dll
2013-12-14 07:30 . 2013-12-20 21:32 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-12-14 07:30 . 2013-12-20 21:32 -------- d-----w- c:\program files\Microsoft Security Client
2013-12-12 14:43 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-12 14:43 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-12 14:43 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-12 14:43 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-12 14:43 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-12 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-12 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-12 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-12 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-12 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-12 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-12 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-12 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-12 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-12 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-11 13:37 . 2013-12-11 13:37 9293192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-10 13:45 . 2013-12-10 13:45 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Apple Computer
2013-12-08 18:29 . 2013-12-08 18:29 -------- d-----w- c:\users\JAKUB\AppData\Roaming\FUEL
2013-12-08 18:18 . 2013-12-08 18:18 -------- d-----w- c:\program files\Codemasters
2013-12-07 21:03 . 2013-12-07 21:03 -------- d-----w- c:\programdata\Apple
2013-12-07 20:12 . 2013-12-07 20:12 -------- d-----w- c:\windows\SysWow64\spool
2013-12-07 20:12 . 2013-12-07 20:12 -------- d-----w- c:\programdata\Sony
2013-12-07 18:27 . 2013-12-08 07:20 -------- d-----w- c:\users\JAKUB\AppData\Roaming\YouTube Downloader
2013-12-07 18:23 . 2013-12-08 07:16 -------- d-----w- c:\program files (x86)\YTD
2013-12-07 18:11 . 2013-12-07 18:12 -------- d-----w- c:\users\JAKUB\AppData\Local\Windows Live
2013-12-05 19:27 . 2013-12-05 19:27 -------- d-----r- C:\MSOCache
2013-12-05 14:37 . 2013-12-05 14:37 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Unity
2013-12-03 21:03 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-03 20:58 . 2013-12-03 20:58 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-12-03 15:50 . 2013-12-03 15:50 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Sony Creative Software Inc
2013-12-03 15:46 . 2013-12-07 20:12 -------- d-----w- c:\users\JAKUB\AppData\Local\Sony
2013-12-03 15:46 . 2013-12-07 20:12 -------- d-----w- c:\program files (x86)\Sony
2013-12-03 15:45 . 2013-12-07 20:12 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Sony
2013-11-27 17:12 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 17:12 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 17:12 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 17:12 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 17:12 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 17:12 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 17:12 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 19:59 . 2013-11-26 19:59 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Electronic Arts
2013-11-26 19:57 . 2013-11-26 19:57 -------- d-----w- c:\users\JAKUB\AppData\Local\Unity
2013-11-25 17:22 . 2010-12-16 10:06 47232 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2013-11-25 17:12 . 2013-11-25 17:13 -------- d-----w- c:\program files (x86)\AMD High-Definition Graphics Driver
2013-11-25 16:54 . 2013-11-25 16:54 -------- d-----w- c:\program files (x86)\JAM Software
2013-11-24 19:26 . 2013-11-24 19:26 -------- d-----w- c:\users\JAKUB\AppData\Local\SplitMediaLabs
2013-11-24 19:26 . 2013-11-24 19:45 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-11-24 19:25 . 2013-11-26 00:53 -------- d-----w- c:\programdata\SplitMediaLabs
2013-11-24 19:25 . 2013-11-26 00:55 -------- d-----w- c:\program files (x86)\SplitMediaLabs
2013-11-24 19:23 . 2013-11-26 00:54 -------- d-----w- c:\users\JAKUB\AppData\Roaming\SplitMediaLabs
2013-11-24 19:00 . 2013-11-24 19:00 -------- d-----w- c:\users\JAKUB\AppData\Roaming\CyberLink
2013-11-24 17:43 . 2013-11-24 17:43 -------- d-----w- c:\users\JAKUB\AppData\Roaming\OBS
2013-11-24 17:43 . 2013-11-24 17:43 -------- d-----w- c:\program files\OBS
2013-11-24 17:43 . 2013-11-27 14:04 -------- d-----w- c:\program files (x86)\OBS
2013-11-24 12:50 . 2013-12-17 05:35 -------- d-----w- c:\users\JAKUB\AppData\Local\Brice_Lambson
2013-11-24 12:49 . 2013-11-24 12:49 -------- d-----w- c:\program files\Image Resizer for Windows
2013-11-24 12:49 . 2013-11-24 12:49 -------- d-----w- c:\program files (x86)\Image Resizer for Windows
2013-11-24 12:25 . 2013-11-24 12:25 -------- d-----w- c:\program files (x86)\DsNET Corp
2013-11-24 12:24 . 2013-11-24 12:24 -------- d-----w- c:\program files (x86)\Free Video to GIF Converter
2013-11-23 19:37 . 2013-11-23 19:37 883928 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-11-23 19:37 . 2013-11-23 19:37 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-11-23 19:35 . 2013-11-23 19:35 3379272 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2013-11-23 19:35 . 2013-11-23 19:35 2797128 ----a-w- c:\windows\system32\RtPgEx64.dll
2013-11-23 19:35 . 2013-11-23 19:35 1659464 ----a-w- c:\windows\system32\RTSnMg64.cpl
2013-11-23 19:35 . 2013-11-23 19:35 991816 ----a-w- c:\windows\system32\RtkApi64.dll
2013-11-23 19:35 . 2013-11-23 19:35 613448 ----a-w- c:\windows\system32\RtDataProc64.dll
2013-11-23 19:35 . 2013-11-23 19:35 3693128 ----a-w- c:\windows\system32\RtkAPO64.dll
2013-11-23 19:35 . 2013-11-23 19:35 21170176 ----a-w- c:\windows\system32\RCoRes64.dat
2013-11-23 19:35 . 2013-11-23 19:35 135240 ----a-w- c:\windows\system32\RCoInstII64.dll
2013-11-23 19:35 . 2013-11-23 19:35 1284680 ----a-w- c:\windows\system32\RTCOM64.dll
2013-11-23 19:35 . 2013-11-23 19:35 110592 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-23 19:35 . 2013-11-23 19:35 208072 ----a-w- c:\windows\system32\AERTAC64.dll
2013-11-23 19:24 . 2013-11-23 19:24 -------- d-----w- c:\users\JAKUB\AppData\Roaming\IObit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-22 19:34 . 2013-10-06 09:01 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
2013-12-20 21:21 . 2013-05-04 08:44 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-11 13:37 . 2013-02-19 17:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 13:37 . 2013-02-19 17:35 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-03 20:58 . 2013-12-03 20:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-11-23 19:37 . 2011-09-28 15:26 108760 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-13 10:51 . 2013-11-13 10:51 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-11-09 20:01 . 2013-11-09 20:01 388096 ----a-r- c:\users\JAKUB\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-17 14:03 . 2013-10-17 14:03 31136 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2013-10-12 02:30 . 2013-11-21 20:08 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-21 20:08 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-21 20:08 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-21 20:08 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-21 20:08 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-21 20:12 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-21 20:12 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-03 02:23 . 2013-11-21 20:09 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-21 20:09 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-21 20:11 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2013-06-18 20:50 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:26 . 2013-11-21 20:10 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 02:26 . 2013-11-21 20:10 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:23 . 2013-11-21 20:10 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-25 02:23 . 2013-11-21 20:10 135680 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 02:23 . 2013-11-21 20:10 28160 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 02:22 . 2013-11-21 20:10 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 02:21 . 2013-11-21 20:10 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 02:21 . 2013-11-21 20:10 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 01:58 . 2013-11-21 20:10 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-09-25 01:57 . 2013-11-21 20:10 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-09-25 01:57 . 2013-11-21 20:10 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-25 01:56 . 2013-11-21 20:10 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03 . 2013-11-21 20:10 30720 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 atillk64;atillk64; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64; [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GDPkIcpt;GDPkIcpt; [x]
R3 GPU-Z;GPU-Z;c:\users\JAKUB\AppData\Local\Temp\GPU-Z.sys;c:\users\JAKUB\AppData\Local\Temp\GPU-Z.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys;c:\program files (x86)\RMClock\RTCore64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - HSSDRV6
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-29 18:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 13:37]
.
2013-12-22 c:\windows\Tasks\HPCeeScheduleForJAKUB.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-12 21720]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2012-10-29 551640]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
FF - ProfilePath - c:\users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\
FF - prefs.js: network.proxy.type -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\SecuROM\License information*]
"datasecu"=hex:7a,c0,bc,f4,b0,ab,74,c7,37,d9,6b,a3,83,36,00,d3,39,03,e5,51,da,
74,71,51,0d,ca,a9,2b,1e,42,51,f9,22,58,73,3f,f8,73,70,c3,35,b7,8a,43,f2,1c,\
"rkeysecu"=hex:19,78,53,0e,6b,5b,62,f9,9f,1c,48,0c,57,67,50,76
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-12-22 21:07:03
ComboFix-quarantined-files.txt 2013-12-22 20:06
.
Před spuštěním: Volných bajtů: 117 797 052 416
Po spuštění: Volných bajtů: 117 803 347 968
.
- - End Of File - - C1D7B39E13000F30C230E1CF9B99BCC7
A36C5E4F47E84449FF07ED3517B43A31

Trvalo to skoro 45 minut.

#20 Příspěvek od **Rudy** » 22 pro 2013 21:33

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Regnull::
[HKEY_USERS\S-1-5-21-1617569673-3034970362-4137664275-1001\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

MrAnnix99 · #21 Příspěvek od **MrAnnix99** » 23 pro 2013 08:43

ComboFix 13-12-21.01 - JAKUB 23.12.2013 8:08.16.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3835.2626 [GMT 1:00]
Spuštěný z: c:\users\JAKUB\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\JAKUB\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\WindowsUpdate.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-23 do 2013-12-23 )))))))))))))))))))))))))))))))
.
.
2013-12-23 07:22 . 2013-12-23 07:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-23 07:22 . 2013-12-23 07:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-22 08:11 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B147CE77-E00E-44E7-886E-F7B4DEB90C7B}\mpengine.dll
2013-12-21 07:40 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-20 21:33 . 2013-11-26 09:46 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-12-20 18:08 . 2013-12-21 07:32 6416 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2013-12-15 13:45 . 2013-12-15 13:45 -------- d-----w- c:\programdata\RegClean
2013-12-15 09:31 . 2013-12-15 09:32 -------- d-----w- c:\users\JAKUB\AppData\Local\Spotify
2013-12-15 09:30 . 2013-12-15 20:24 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Spotify
2013-12-14 15:13 . 2013-12-17 05:33 -------- d-----w- c:\program files (x86)\SmartTweak
2013-12-14 15:13 . 2013-12-14 15:13 -------- d-----w- c:\program files (x86)\Seznam.cz
2013-12-14 15:12 . 2013-12-16 20:52 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Seznam.cz
2013-12-14 15:12 . 2013-12-17 05:35 -------- d-----w- c:\users\JAKUB\AppData\Local\FilesFrog Update Checker
2013-12-14 13:39 . 2010-02-25 16:51 29696 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-12-14 12:28 . 2013-12-14 15:27 -------- d-----w- c:\program files\CyberGhost 5
2013-12-14 07:35 . 2013-12-14 07:34 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{ABE1A540-66B6-42CD-8810-43163932C690}\gapaengine.dll
2013-12-14 07:30 . 2013-12-20 21:32 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-12-14 07:30 . 2013-12-20 21:32 -------- d-----w- c:\program files\Microsoft Security Client
2013-12-12 14:43 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-12 14:43 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-12 14:43 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-12 14:43 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-12 14:43 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-12 14:42 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-12 14:42 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-12 14:42 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-12 14:42 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-12 14:42 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-12 14:42 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-12 14:42 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-12 14:42 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-12 14:42 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-12 14:42 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2013-12-11 13:37 . 2013-12-11 13:37 9293192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-10 13:45 . 2013-12-10 13:45 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Apple Computer
2013-12-08 18:29 . 2013-12-08 18:29 -------- d-----w- c:\users\JAKUB\AppData\Roaming\FUEL
2013-12-08 18:18 . 2013-12-08 18:18 -------- d-----w- c:\program files\Codemasters
2013-12-07 21:03 . 2013-12-07 21:03 -------- d-----w- c:\programdata\Apple
2013-12-07 20:12 . 2013-12-07 20:12 -------- d-----w- c:\windows\SysWow64\spool
2013-12-07 20:12 . 2013-12-07 20:12 -------- d-----w- c:\programdata\Sony
2013-12-07 18:27 . 2013-12-08 07:20 -------- d-----w- c:\users\JAKUB\AppData\Roaming\YouTube Downloader
2013-12-07 18:23 . 2013-12-08 07:16 -------- d-----w- c:\program files (x86)\YTD
2013-12-07 18:11 . 2013-12-07 18:12 -------- d-----w- c:\users\JAKUB\AppData\Local\Windows Live
2013-12-05 19:27 . 2013-12-05 19:27 -------- d-----r- C:\MSOCache
2013-12-05 14:37 . 2013-12-05 14:37 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Unity
2013-12-03 21:03 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-03 20:58 . 2013-12-03 20:58 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-12-03 15:50 . 2013-12-03 15:50 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Sony Creative Software Inc
2013-12-03 15:46 . 2013-12-07 20:12 -------- d-----w- c:\users\JAKUB\AppData\Local\Sony
2013-12-03 15:46 . 2013-12-07 20:12 -------- d-----w- c:\program files (x86)\Sony
2013-12-03 15:45 . 2013-12-07 20:12 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Sony
2013-11-27 17:12 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 17:12 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 17:12 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 17:12 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 17:12 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 17:12 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 17:12 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 19:59 . 2013-11-26 19:59 -------- d-----w- c:\users\JAKUB\AppData\Roaming\Electronic Arts
2013-11-26 19:57 . 2013-11-26 19:57 -------- d-----w- c:\users\JAKUB\AppData\Local\Unity
2013-11-25 17:22 . 2010-12-16 10:06 47232 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2013-11-25 17:12 . 2013-11-25 17:13 -------- d-----w- c:\program files (x86)\AMD High-Definition Graphics Driver
2013-11-25 16:54 . 2013-11-25 16:54 -------- d-----w- c:\program files (x86)\JAM Software
2013-11-24 19:26 . 2013-11-24 19:26 -------- d-----w- c:\users\JAKUB\AppData\Local\SplitMediaLabs
2013-11-24 19:26 . 2013-11-24 19:45 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-11-24 19:25 . 2013-11-26 00:53 -------- d-----w- c:\programdata\SplitMediaLabs
2013-11-24 19:25 . 2013-11-26 00:55 -------- d-----w- c:\program files (x86)\SplitMediaLabs
2013-11-24 19:23 . 2013-11-26 00:54 -------- d-----w- c:\users\JAKUB\AppData\Roaming\SplitMediaLabs
2013-11-24 19:00 . 2013-11-24 19:00 -------- d-----w- c:\users\JAKUB\AppData\Roaming\CyberLink
2013-11-24 17:43 . 2013-11-24 17:43 -------- d-----w- c:\users\JAKUB\AppData\Roaming\OBS
2013-11-24 17:43 . 2013-11-24 17:43 -------- d-----w- c:\program files\OBS
2013-11-24 17:43 . 2013-11-27 14:04 -------- d-----w- c:\program files (x86)\OBS
2013-11-24 12:50 . 2013-12-17 05:35 -------- d-----w- c:\users\JAKUB\AppData\Local\Brice_Lambson
2013-11-24 12:49 . 2013-11-24 12:49 -------- d-----w- c:\program files\Image Resizer for Windows
2013-11-24 12:49 . 2013-11-24 12:49 -------- d-----w- c:\program files (x86)\Image Resizer for Windows
2013-11-24 12:25 . 2013-11-24 12:25 -------- d-----w- c:\program files (x86)\DsNET Corp
2013-11-24 12:24 . 2013-11-24 12:24 -------- d-----w- c:\program files (x86)\Free Video to GIF Converter
2013-11-23 19:37 . 2013-11-23 19:37 883928 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-11-23 19:37 . 2013-11-23 19:37 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-11-23 19:35 . 2013-11-23 19:35 3379272 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2013-11-23 19:35 . 2013-11-23 19:35 2797128 ----a-w- c:\windows\system32\RtPgEx64.dll
2013-11-23 19:35 . 2013-11-23 19:35 1659464 ----a-w- c:\windows\system32\RTSnMg64.cpl
2013-11-23 19:35 . 2013-11-23 19:35 991816 ----a-w- c:\windows\system32\RtkApi64.dll
2013-11-23 19:35 . 2013-11-23 19:35 613448 ----a-w- c:\windows\system32\RtDataProc64.dll
2013-11-23 19:35 . 2013-11-23 19:35 3693128 ----a-w- c:\windows\system32\RtkAPO64.dll
2013-11-23 19:35 . 2013-11-23 19:35 21170176 ----a-w- c:\windows\system32\RCoRes64.dat
2013-11-23 19:35 . 2013-11-23 19:35 135240 ----a-w- c:\windows\system32\RCoInstII64.dll
2013-11-23 19:35 . 2013-11-23 19:35 1284680 ----a-w- c:\windows\system32\RTCOM64.dll
2013-11-23 19:35 . 2013-11-23 19:35 110592 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-11-23 19:35 . 2013-11-23 19:35 208072 ----a-w- c:\windows\system32\AERTAC64.dll
2013-11-23 19:24 . 2013-11-23 19:24 -------- d-----w- c:\users\JAKUB\AppData\Roaming\IObit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-23 07:23 . 2013-10-06 09:01 29 ----a-w- c:\windows\SysWow64\TempWmicBatchFile.bat
2013-12-20 21:21 . 2013-05-04 08:44 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-11 13:37 . 2013-02-19 17:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 13:37 . 2013-02-19 17:35 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-03 20:58 . 2013-12-03 20:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-11-23 19:37 . 2011-09-28 15:26 108760 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-13 10:51 . 2013-11-13 10:51 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-11-09 20:01 . 2013-11-09 20:01 388096 ----a-r- c:\users\JAKUB\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-17 14:03 . 2013-10-17 14:03 31136 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2013-10-12 02:30 . 2013-11-21 20:08 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-21 20:08 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-21 20:08 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-21 20:08 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-21 20:08 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-21 20:12 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-21 20:12 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-03 02:23 . 2013-11-21 20:09 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-21 20:09 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-21 20:11 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2013-06-18 20:50 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:26 . 2013-11-21 20:10 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 02:26 . 2013-11-21 20:10 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:23 . 2013-11-21 20:10 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-25 02:23 . 2013-11-21 20:10 135680 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 02:23 . 2013-11-21 20:10 28160 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 02:22 . 2013-11-21 20:10 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 02:21 . 2013-11-21 20:10 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 02:21 . 2013-11-21 20:10 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 01:58 . 2013-11-21 20:10 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-09-25 01:57 . 2013-11-21 20:10 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-09-25 01:57 . 2013-11-21 20:10 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-25 01:56 . 2013-11-21 20:10 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03 . 2013-11-21 20:10 30720 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux7"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R2 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 atillk64;atillk64; [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 EagleX64;EagleX64; [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\Common\temp\FairplayKD.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 GDPkIcpt;GDPkIcpt; [x]
R3 GPU-Z;GPU-Z;c:\users\JAKUB\AppData\Local\Temp\GPU-Z.sys;c:\users\JAKUB\AppData\Local\Temp\GPU-Z.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTCore64;RTCore64;c:\program files (x86)\RMClock\RTCore64.sys;c:\program files (x86)\RMClock\RTCore64.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 CronService;Cron Service for Prey;c:\prey\platform\windows\cronsvc.exe;c:\prey\platform\windows\cronsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-29 18:32 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 13:37]
.
2013-12-22 c:\windows\Tasks\HPCeeScheduleForJAKUB.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2012-10-29 551640]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
FF - ProfilePath - c:\users\JAKUB\AppData\Roaming\Mozilla\Firefox\Profiles\4anqzj7d.default\
FF - prefs.js: network.proxy.type -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-SLABCOMM&10C4&EA60 - c:\program files (x86)\Silabs\MCU\DriverUninstall\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
.
**************************************************************************
.
Celkový čas: 2013-12-23 08:41:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-23 07:41
ComboFix2.txt 2013-12-22 20:07
.
Před spuštěním: Volných bajtů: 117 846 638 592
Po spuštění: Volných bajtů: 117 560 098 816
.
- - End Of File - - 5309C4A710BE689C326EF43FA0B45C12
A36C5E4F47E84449FF07ED3517B43A31

#22 Příspěvek od **Rudy** » 23 pro 2013 08:54

Smazáno. Nastala nějaká změna?

MrAnnix99 · #23 Příspěvek od **MrAnnix99** » 23 pro 2013 09:05

Zas o trochu lepší, ale stále start trvá neskutečně dlouho..

#24 Příspěvek od **Rudy** » 23 pro 2013 09:09

Startmenu>přík. řádek (napsat) msconfig>Enter. V otevřeném okně na záložkách "Po spuštění" a "Služby" odstraňte zatržítka u těch položek, které nemusí automaticky startovat. Tj. u těch, které lze v případě potřeby spustit ručně.

MrAnnix99 · #25 Příspěvek od **MrAnnix99** » 23 pro 2013 11:16

HOTOVO..

MrAnnix99 · #26 Příspěvek od **MrAnnix99** » 23 pro 2013 13:27

Mám ještě jeden problém... Hraju FIFU 14 a jede mi to asi na 55 FPS, což je ještě v poho, ale když chci poslouchat něco na internetu např. na youtube tak se to neskutečně trhá a jeden to na 15 FPS a to tak mi dělá každá hra, co s tím mám dělat ?

#27 Příspěvek od **Rudy** » 23 pro 2013 14:26

Jakou máte rychlost připojení? Můžete zkontrolovat zde: www.dsl.cz .

MrAnnix99 · #28 Příspěvek od **MrAnnix99** » 23 pro 2013 14:58

6,662 Mbit/s

#29 Příspěvek od **Rudy** » 23 pro 2013 15:14

Sice nejsem pařan a nevím, kolik síť. prostředků spotřebuje taková online hra, ale za jistých okolností to může být málo. Dost záleží na tom, jakou rychlost máte deklarovanou ve smlouvě o přiojení.

MrAnnix99 · #30 Příspěvek od **MrAnnix99** » 24 pro 2013 12:04

A mám udělat ještě nějaké scany?

VIRY.CZ

Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635

Re: Zpomalený notebook HP 635