Slow PC, please help with a ComboFix log

Posted: 31 Jan 2015 23:09
by mottca
Hi,

after a year my notebook has started slowing down terribly. I have Avast and SpyHunter installed. I had both programs scan the disk and fix everything suspicious they found, but it did not make much difference to the PC's speed, perhaps only to the speed of the browser (Chrome). I installed the programs I need for work on the PC, and in recent months I have not installed much, so I used ComboFix and am attaching the exported log. I will be very grateful for any advice.

Thanks in advance.
Mottca

ComboFix log:

ComboFix 15-01-29.01 - PC4 31.01.2015 22:36:04.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2985.1002 [GMT 1:00]
Spuštěný z: c:\users\PC4\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
/wow section - STAGE 3
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Member of GRID - Goodware Repository Information Database.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk
c:\users\PC4\Documents\~WRL0767.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-28 do 2015-01-31 )))))))))))))))))))))))))))))))
.
.
2015-01-30 12:54 . 2015-01-31 21:39 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A780FB53-47F0-43A8-B7B8-0F9B91886DBC}\offreg.dll
2015-01-30 12:47 . 2014-12-02 11:01 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A780FB53-47F0-43A8-B7B8-0F9B91886DBC}\mpengine.dll
2015-01-28 17:33 . 2015-01-28 17:33 0 ----a-w- c:\windows\invcol.tmp
2015-01-18 10:17 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-01-18 10:17 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-01-18 10:17 . 2014-12-11 17:47 46592 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-01-18 10:17 . 2014-12-19 02:43 164864 ----a-w- c:\windows\system32\profsvc.dll
2015-01-18 10:17 . 2014-12-06 03:50 242688 ----a-w- c:\windows\system32\nlasvc.dll
2015-01-18 10:17 . 2014-12-19 01:34 116224 ----a-w- c:\windows\system32\drivers\mrxdav.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-29 21:03 . 2012-11-06 16:56 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-01-29 21:03 . 2012-11-06 16:56 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-08 08:55 . 2014-05-07 20:35 249488 ------w- c:\windows\system32\MpSigStub.exe
2014-12-24 22:01 . 2014-04-19 11:46 787800 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-12-24 22:00 . 2014-04-19 11:46 423784 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-12-24 21:59 . 2014-04-19 11:46 91496 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-12-24 21:59 . 2014-04-19 11:46 206248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-12-24 21:59 . 2014-04-19 11:46 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-12-24 21:59 . 2014-04-19 11:46 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-12-24 21:59 . 2014-04-19 11:46 81768 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-12-24 21:59 . 2014-04-19 11:46 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-12-24 21:59 . 2014-12-24 21:59 43152 ----a-w- c:\windows\avastSS.scr
2014-12-24 21:59 . 2014-12-24 21:59 291352 ----a-w- c:\windows\system32\aswBoot.exe
2014-12-13 03:33 . 2014-12-20 04:27 115712 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-04 04:38 . 2014-12-14 12:46 337920 ----a-w- c:\windows\system32\generaltel.dll
2014-12-04 04:38 . 2014-12-14 12:46 610304 ----a-w- c:\windows\system32\invagent.dll
2014-12-04 04:38 . 2014-12-14 12:46 315392 ----a-w- c:\windows\system32\devinv.dll
2014-12-04 04:38 . 2014-12-14 12:46 728576 ----a-w- c:\windows\system32\appraiser.dll
2014-12-04 04:38 . 2014-12-14 12:46 159744 ----a-w- c:\windows\system32\aepic.dll
2014-12-04 04:38 . 2014-12-14 12:46 202752 ----a-w- c:\windows\system32\aepdu.dll
2014-12-04 04:34 . 2014-12-14 12:46 873984 ----a-w- c:\windows\system32\aeinv.dll
2014-12-01 23:28 . 2014-12-14 12:46 1160872 ----a-w- c:\windows\system32\aitstatic.exe
2014-11-22 02:20 . 2014-12-14 12:46 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-22 02:20 . 2014-12-14 12:46 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-22 02:07 . 2014-12-14 12:46 501248 ----a-w- c:\windows\system32\vbscript.dll
2014-11-22 02:07 . 2014-12-14 12:46 62464 ----a-w- c:\windows\system32\iesetup.dll
2014-11-22 02:06 . 2014-12-14 12:46 47616 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-22 02:05 . 2014-12-14 12:46 64000 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-22 01:55 . 2014-12-14 12:46 102912 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-22 01:54 . 2014-12-14 12:46 620032 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-22 01:48 . 2014-12-14 12:46 667648 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-22 01:40 . 2014-12-14 12:46 60416 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-22 01:29 . 2014-12-14 12:46 4299264 ----a-w- c:\windows\system32\jscript9.dll
2014-11-22 01:22 . 2014-12-14 12:46 2052096 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-22 01:21 . 2014-12-14 12:46 1155072 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-22 01:00 . 2014-12-14 12:46 1888256 ----a-w- c:\windows\system32\wininet.dll
2014-11-19 03:31 . 2014-11-19 03:31 1217192 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 02:44 . 2014-12-14 12:46 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-11-11 02:44 . 2014-11-20 11:50 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-20 11:50 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 01:32 . 2014-12-14 12:46 74752 ----a-w- c:\windows\system32\drivers\tdx.sys
2014-11-08 02:45 . 2014-12-14 12:45 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-16 13:49 220632 ----a-w- c:\users\PC4\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-16 13:49 220632 ----a-w- c:\users\PC4\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-16 13:49 220632 ----a-w- c:\users\PC4\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-12-24 21:58 723976 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2011-03-04 21:07 120184 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2011-03-04 21:07 120184 ----a-w- c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioBox VSL"="c:\program files\PreSonus\AudioBox\AudioBox.exe" [2012-05-24 7591424]
"DellSystemDetect"="c:\users\PC4\AppData\Local\Apps\2.0\EE0W083H.OD1\WT2BAWXM.O22\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe" [2014-05-09 254976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 143384]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 177176]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 178200]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-23 1210640]
"IMSS"="c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-01-17 112152]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-28 5227112]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2011-1-20 1459056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2010-09-15 16:11 1971536 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 02:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2011-04-05 06:08 501104 ----a-w- c:\program files\DellTPad\Apoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
2013-03-26 15:43 703888 ----a-w- c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-11-06 10:46 3673728 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
2010-03-12 15:42 462993 ------w- c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool]
2010-11-17 15:35 514544 ----a-w- c:\program files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2013-04-16 10:26 116648 ----atw- c:\users\PC4\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M-Audio Taskbar Icon]
2011-05-20 17:26 765744 ----a-w- c:\windows\System32\M-AudioTaskBarIcon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVHotkey]
2011-06-05 11:20 288872 ----a-w- c:\windows\System32\nvhotkey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2010-11-25 10:33 240112 ----a-w- c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2011-01-25 09:57 536668 ----a-w- c:\program files\IDT\WDM\sttray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
R1 {25d71abf-7776-46f5-a269-9951331f9030}Gw;{25d71abf-7776-46f5-a269-9951331f9030}Gw;c:\windows\system32\drivers\{25d71abf-7776-46f5-a269-9951331f9030}Gw.sys [x]
R1 {25d71abf-7776-46f5-a269-9951331f9030}w;{25d71abf-7776-46f5-a269-9951331f9030}w;c:\windows\system32\drivers\{25d71abf-7776-46f5-a269-9951331f9030}w.sys [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock.sys [2013-03-26 92112]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-03-18 947528]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 DfuUsb;DfuUsb;c:\windows\system32\DRIVERS\DFUUsb.sys [2007-11-08 10880]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys [2012-06-22 19984]
R3 gbxavs;Maschine Midi;c:\windows\system32\Drivers\gbxavs.sys [2011-07-07 346192]
R3 gbxusb_svc;Maschine Controller;c:\windows\system32\Drivers\gbxusb.sys [2011-07-07 68688]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 kf1avs;Kontrol F1 Midi;c:\windows\system32\Drivers\kf1avs.sys [2011-09-15 346192]
R3 kf1usb_svc;Traktor Kontrol F1;c:\windows\system32\Drivers\kf1usb.sys [2011-09-15 48720]
R3 MADFUAXIOMPRO;Service for M-Audio AxiomPro DFU;c:\windows\system32\DRIVERS\MAudioAxiomPro_DFU.sys [2011-05-20 44080]
R3 MAUSBAXIOMPRO;Service for M-Audio AxiomPro;c:\windows\system32\DRIVERS\MAudioAxiomPro.sys [2011-05-20 160304]
R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\O2MDFw7.sys [2011-01-04 60904]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\DRIVERS\O2MDRw7.sys [2011-01-04 62440]
R3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7.sys [2011-03-23 63976]
R3 paeusbaudio;paeusbaudio;c:\windows\system32\DRIVERS\paeusbaudio.sys [2012-05-24 195448]
R3 paeusbaudiodsp;paeusbaudiodsp;c:\windows\system32\DRIVERS\paeusbaudiodsp.sys [2012-05-24 60280]
R3 paeusbaudioks;paeusbaudioks;c:\windows\system32\DRIVERS\paeusbaudioks.sys [2012-05-24 42872]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-02 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-05 20328]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-12-24 787800]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-12-24 423784]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-11-06 242240]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-12-24 24184]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-12-24 70384]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-12-24 91496]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-10-25 826272]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-10-25 32160]
S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2011-01-20 388464]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-09-22 110752]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2013-10-15 9748272]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [2013-04-08 1320496]
S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [2013-04-08 799280]
S2 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [2011-10-12 191440]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-05 378472]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-03-26 555408]
S2 ZcfgSvc7;Intel(R) PROSet/Wireless ZeroConfig Service;c:\program files\Intel\WiFi\bin\ZCfgSvc7.exe [2010-12-23 577536]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [2011-07-18 302120]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-07-18 33832]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 144576]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2010-08-24 33832]
S3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2014-01-07 15384]
S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-20 41088]
S3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\Netwsn00.sys [2012-09-30 10383360]
S3 NIWinCDEmu;ISO Mounter driver;c:\windows\system32\DRIVERS\NIWinCDEmu.sys [2014-02-03 63256]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-28 17:16 1086280 ----a-w- c:\program files\Google\Chrome\Application\40.0.2214.93\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-06 21:03]
.
2014-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-06 22:46]
.
2015-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-10-06 22:46]
.
2015-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2828802656-2869784079-4162893527-1001Core.job
- c:\users\PC4\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-16 10:26]
.
2015-01-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2828802656-2869784079-4162893527-1001UA.job
- c:\users\PC4\AppData\Local\Google\Update\GoogleUpdate.exe [2013-04-16 10:26]
.
.
------- Doplňkový sken -------
.
uStart Page = https://www.seznam.cz/?clid=22668
mStart Page = https://www.seznam.cz/?clid=22668
mSearch Bar = https://www.seznam.cz/?clid=22668
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: dell.com
Trusted Zone: zcu.cz\vpn
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
MSConfigStartUp-Infium - c:\program files\QIP 2012\qip.exe
MSConfigStartUp-Yahoo! Search - c:\users\PC4\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
AddRemove-Yahoo! Search - c:\users\PC4\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2828802656-2869784079-4162893527-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2828802656-2869784079-4162893527-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(668)
c:\windows\system32\wvauth.DLL
c:\windows\System32\TdmNetworkProvider.dll
.
- - - - - - - > 'Explorer.exe'(5132)
c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
c:\windows\system32\nvvsvc.exe
c:\program files\IDT\WDM\STacSV.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\SPBA\upeksvr.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\windows\system32\taskhost.exe
c:\program files\Enigma Software Group\SpyHunter\SpyHunter4.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2015-01-31 22:54:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-31 21:54
.
Před spuštěním: Volných bajtů: 15 703 322 624
Po spuštění: Volných bajtů: 23 294 865 408
.
- - End Of File - - F0644408B5589F4629EFFDAC5373920D
5C616939100B85E558DA92B899A0FC36

Re: Slow PC, please help with a ComboFix log

Posted: 01 Feb 2015 02:45
by altrok
Good evening :bye:

:arrow: Since you agreed to the terms of use when you ran ComboFix, let me just make sure that you are a person trained to work with it, or that at least an experienced person assisted you. Incidentally, CF has partly erased the traces of the malware, so a log from RSIT/FRST is now a bit useless.

:arrow: There are doubts circulating about the effectiveness of SpyHunter in particular - it refuses comparative tests and some sources classify it as rogueware.