TDSSKiller no. 2
11:37:48.0638 4916 PNRPsvc - ok
11:37:48.0653 4916 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:37:48.0653 4916 PolicyAgent - ok
11:37:48.0669 4916 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:37:48.0669 4916 Power - ok
11:37:48.0669 4916 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:37:48.0669 4916 PptpMiniport - ok
11:37:48.0685 4916 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
11:37:48.0685 4916 Processor - ok
11:37:48.0700 4916 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:37:48.0700 4916 ProfSvc - ok
11:37:48.0716 4916 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:37:48.0716 4916 ProtectedStorage - ok
11:37:48.0731 4916 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\SysWOW64\PSIService.exe
11:37:48.0731 4916 ProtexisLicensing - ok
11:37:48.0747 4916 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:37:48.0747 4916 Psched - ok
11:37:48.0778 4916 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
11:37:48.0809 4916 ql2300 - ok
11:37:48.0825 4916 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
11:37:48.0825 4916 ql40xx - ok
11:37:48.0856 4916 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:37:48.0856 4916 QWAVE - ok
11:37:48.0872 4916 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:37:48.0872 4916 QWAVEdrv - ok
11:37:48.0872 4916 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:37:48.0872 4916 RasAcd - ok
11:37:48.0903 4916 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:37:48.0903 4916 RasAgileVpn - ok
11:37:48.0919 4916 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:37:48.0919 4916 RasAuto - ok
11:37:48.0934 4916 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:37:48.0934 4916 Rasl2tp - ok
11:37:48.0950 4916 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:37:48.0950 4916 RasMan - ok
11:37:48.0965 4916 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:37:48.0965 4916 RasPppoe - ok
11:37:48.0981 4916 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:37:48.0981 4916 RasSstp - ok
11:37:48.0997 4916 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:37:48.0997 4916 rdbss - ok
11:37:49.0012 4916 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
11:37:49.0012 4916 rdpbus - ok
11:37:49.0028 4916 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:37:49.0028 4916 RDPCDD - ok
11:37:49.0043 4916 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:37:49.0043 4916 RDPENCDD - ok
11:37:49.0043 4916 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:37:49.0043 4916 RDPREFMP - ok
11:37:49.0090 4916 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:37:49.0090 4916 RdpVideoMiniport - ok
11:37:49.0121 4916 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:37:49.0121 4916 RDPWD - ok
11:37:49.0137 4916 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:37:49.0137 4916 rdyboost - ok
11:37:49.0168 4916 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:37:49.0168 4916 RemoteAccess - ok
11:37:49.0184 4916 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:37:49.0184 4916 RemoteRegistry - ok
11:37:49.0199 4916 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:37:49.0199 4916 RpcEptMapper - ok
11:37:49.0215 4916 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:37:49.0215 4916 RpcLocator - ok
11:37:49.0231 4916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:37:49.0231 4916 RpcSs - ok
11:37:49.0246 4916 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:37:49.0246 4916 rspndr - ok
11:37:49.0277 4916 [ 130DD683DCC902F47A4AC35201D07E2F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:37:49.0293 4916 RTL8167 - ok
11:37:49.0309 4916 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:37:49.0309 4916 SamSs - ok
11:37:49.0355 4916 [ CCBF62280DAF6D94A4C73E391CDAC68C ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
11:37:49.0355 4916 SbieDrv - ok
11:37:49.0355 4916 [ 8A1F63C6EC01C56C9EC4C681E593FE34 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
11:37:49.0355 4916 SbieSvc - ok
11:37:49.0371 4916 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:37:49.0387 4916 sbp2port - ok
11:37:49.0387 4916 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:37:49.0387 4916 SCardSvr - ok
11:37:49.0402 4916 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:37:49.0402 4916 scfilter - ok
11:37:49.0418 4916 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:37:49.0433 4916 Schedule - ok
11:37:49.0449 4916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:37:49.0449 4916 SCPolicySvc - ok
11:37:49.0511 4916 [ 958E956E119EB7B9ABA142AFED1B5FF4 ] ScsiAccess C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
11:37:49.0511 4916 ScsiAccess - ok
11:37:49.0527 4916 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:37:49.0527 4916 SDRSVC - ok
11:37:49.0543 4916 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:37:49.0543 4916 secdrv - ok
11:37:49.0543 4916 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:37:49.0543 4916 seclogon - ok
11:37:49.0558 4916 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
11:37:49.0558 4916 SENS - ok
11:37:49.0574 4916 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:37:49.0574 4916 SensrSvc - ok
11:37:49.0589 4916 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:37:49.0589 4916 Serenum - ok
11:37:49.0605 4916 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:37:49.0605 4916 Serial - ok
11:37:49.0605 4916 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
11:37:49.0605 4916 sermouse - ok
11:37:49.0683 4916 [ 78F7BB9F4924BE164294C59B8C3FC096 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:37:49.0683 4916 ServiceLayer - ok
11:37:49.0714 4916 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:37:49.0714 4916 SessionEnv - ok
11:37:49.0730 4916 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:37:49.0730 4916 sffdisk - ok
11:37:49.0730 4916 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:37:49.0730 4916 sffp_mmc - ok
11:37:49.0745 4916 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:37:49.0745 4916 sffp_sd - ok
11:37:49.0761 4916 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
11:37:49.0761 4916 sfloppy - ok
11:37:49.0777 4916 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:37:49.0777 4916 SharedAccess - ok
11:37:49.0792 4916 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:37:49.0792 4916 ShellHWDetection - ok
11:37:49.0808 4916 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
11:37:49.0808 4916 SiSRaid2 - ok
11:37:49.0823 4916 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
11:37:49.0823 4916 SiSRaid4 - ok
11:37:49.0839 4916 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:37:49.0839 4916 Smb - ok
11:37:49.0839 4916 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:37:49.0855 4916 SNMPTRAP - ok
11:37:49.0917 4916 [ 3A4F2C0BB87A0895ABEBA341AA1E341B ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
11:37:49.0917 4916 Sony PC Companion - ok
11:37:49.0948 4916 [ 7455ED832A33FEF453407F5411C3342D ] speedfan C:\Windows\syswow64\speedfan.sys
11:37:49.0948 4916 speedfan - ok
11:37:49.0964 4916 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:37:49.0964 4916 spldr - ok
11:37:49.0995 4916 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:37:49.0995 4916 Spooler - ok
11:37:50.0073 4916 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:37:50.0135 4916 sppsvc - ok
11:37:50.0167 4916 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:37:50.0182 4916 sppuinotify - ok
11:37:50.0229 4916 [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
11:37:50.0245 4916 SRTSP - ok
11:37:50.0260 4916 [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
11:37:50.0260 4916 SRTSPX - ok
11:37:50.0276 4916 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:37:50.0276 4916 srv - ok
11:37:50.0291 4916 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:37:50.0291 4916 srv2 - ok
11:37:50.0291 4916 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:37:50.0291 4916 srvnet - ok
11:37:50.0307 4916 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:37:50.0307 4916 SSDPSRV - ok
11:37:50.0323 4916 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:37:50.0323 4916 SstpSvc - ok
11:37:50.0385 4916 [ 2222073BE0232E70A397B8302293AA9D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:37:50.0385 4916 Stereo Service - ok
11:37:50.0416 4916 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
11:37:50.0416 4916 stexstor - ok
11:37:50.0447 4916 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:37:50.0447 4916 stisvc - ok
11:37:50.0479 4916 [ 6F715D00024CB60C2B60278425AD6EC2 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
11:37:50.0494 4916 SWDUMon - ok
11:37:50.0494 4916 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:37:50.0494 4916 swenum - ok
11:37:50.0525 4916 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:37:50.0541 4916 swprv - ok
11:37:50.0557 4916 [ 52DC0048D667757A8A2E4C87182890AC ] SymDS C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
11:37:50.0557 4916 SymDS - ok
11:37:50.0588 4916 [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
11:37:50.0603 4916 SymEFA - ok
11:37:50.0635 4916 [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
11:37:50.0635 4916 SymEvent - ok
11:37:50.0666 4916 [ BFD99DC6C7FEB2F8B20D488FDF3A9A55 ] SymIM C:\Windows\system32\DRIVERS\SymIMv.sys
11:37:50.0666 4916 SymIM - ok
11:37:50.0681 4916 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
11:37:50.0697 4916 SymIRON - ok
11:37:50.0713 4916 [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
11:37:50.0713 4916 SymNetS - ok
11:37:50.0744 4916 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:37:50.0775 4916 SysMain - ok
11:37:50.0775 4916 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:37:50.0775 4916 TabletInputService - ok
11:37:50.0806 4916 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:37:50.0806 4916 TapiSrv - ok
11:37:50.0806 4916 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:37:50.0806 4916 TBS - ok
11:37:50.0853 4916 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:37:50.0900 4916 Tcpip - ok
11:37:50.0931 4916 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:37:50.0947 4916 TCPIP6 - ok
11:37:50.0978 4916 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:37:50.0978 4916 tcpipreg - ok
11:37:50.0993 4916 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:37:50.0993 4916 TDPIPE - ok
11:37:51.0009 4916 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:37:51.0009 4916 TDTCP - ok
11:37:51.0025 4916 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:37:51.0025 4916 tdx - ok
11:37:51.0040 4916 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:37:51.0040 4916 TermDD - ok
11:37:51.0071 4916 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:37:51.0071 4916 TermService - ok
11:37:51.0087 4916 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:37:51.0103 4916 Themes - ok
11:37:51.0118 4916 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:37:51.0118 4916 THREADORDER - ok
11:37:51.0134 4916 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:37:51.0134 4916 TrkWks - ok
11:37:51.0165 4916 [ 8DE922CD4FEA6F83B10805DF965B9A08 ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
11:37:51.0165 4916 truecrypt - ok
11:37:51.0196 4916 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:37:51.0196 4916 TrustedInstaller - ok
11:37:51.0212 4916 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:37:51.0227 4916 tssecsrv - ok
11:37:51.0259 4916 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:37:51.0259 4916 TsUsbFlt - ok
11:37:51.0274 4916 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
11:37:51.0274 4916 TsUsbGD - ok
11:37:51.0290 4916 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:37:51.0290 4916 tunnel - ok
11:37:51.0305 4916 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
11:37:51.0305 4916 uagp35 - ok
11:37:51.0321 4916 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:37:51.0321 4916 udfs - ok
11:37:51.0337 4916 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:37:51.0337 4916 UI0Detect - ok
11:37:51.0352 4916 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:37:51.0352 4916 uliagpkx - ok
11:37:51.0368 4916 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:37:51.0368 4916 umbus - ok
11:37:51.0383 4916 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
11:37:51.0383 4916 UmPass - ok
11:37:51.0383 4916 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:37:51.0399 4916 upnphost - ok
11:37:51.0430 4916 [ 311C90F0767A63000AC35DD0A7078A30 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:37:51.0430 4916 upperdev - ok
11:37:51.0446 4916 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:37:51.0446 4916 usbccgp - ok
11:37:51.0461 4916 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:37:51.0461 4916 usbcir - ok
11:37:51.0477 4916 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:37:51.0477 4916 usbehci - ok
11:37:51.0493 4916 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:37:51.0493 4916 usbhub - ok
11:37:51.0493 4916 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:37:51.0508 4916 usbohci - ok
11:37:51.0508 4916 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
11:37:51.0508 4916 usbprint - ok
11:37:51.0524 4916 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:37:51.0524 4916 usbscan - ok
11:37:51.0555 4916 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
11:37:51.0555 4916 usbser - ok
11:37:51.0571 4916 [ C03DA998E412D69D18DD11D835229AF0 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
11:37:51.0586 4916 UsbserFilt - ok
11:37:51.0586 4916 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:37:51.0586 4916 USBSTOR - ok
11:37:51.0602 4916 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:37:51.0602 4916 usbuhci - ok
11:37:51.0633 4916 [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
11:37:51.0633 4916 usb_rndisx - ok
11:37:51.0649 4916 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:37:51.0649 4916 UxSms - ok
11:37:51.0649 4916 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:37:51.0649 4916 VaultSvc - ok
11:37:51.0664 4916 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:37:51.0664 4916 vdrvroot - ok
11:37:51.0680 4916 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:37:51.0680 4916 vds - ok
11:37:51.0695 4916 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:37:51.0695 4916 vga - ok
11:37:51.0711 4916 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:37:51.0711 4916 VgaSave - ok
11:37:51.0727 4916 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:37:51.0727 4916 vhdmp - ok
11:37:51.0742 4916 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:37:51.0742 4916 viaide - ok
11:37:51.0758 4916 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:37:51.0758 4916 volmgr - ok
11:37:51.0773 4916 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:37:51.0773 4916 volmgrx - ok
11:37:51.0789 4916 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:37:51.0789 4916 volsnap - ok
11:37:51.0805 4916 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
11:37:51.0805 4916 vsmraid - ok
11:37:51.0836 4916 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:37:51.0867 4916 VSS - ok
11:37:51.0883 4916 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:37:51.0898 4916 vwifibus - ok
11:37:51.0914 4916 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:37:51.0914 4916 W32Time - ok
11:37:51.0929 4916 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
11:37:51.0929 4916 WacomPen - ok
11:37:51.0945 4916 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:37:51.0945 4916 WANARP - ok
11:37:51.0961 4916 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:37:51.0961 4916 Wanarpv6 - ok
11:37:52.0007 4916 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:37:52.0023 4916 WatAdminSvc - ok
11:37:52.0054 4916 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:37:52.0085 4916 wbengine - ok
11:37:52.0101 4916 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:37:52.0101 4916 WbioSrvc - ok
11:37:52.0117 4916 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:37:52.0117 4916 wcncsvc - ok
11:37:52.0132 4916 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:37:52.0132 4916 WcsPlugInService - ok
11:37:52.0163 4916 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
11:37:52.0163 4916 Wd - ok
11:37:52.0179 4916 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:37:52.0195 4916 Wdf01000 - ok
11:37:52.0210 4916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:37:52.0210 4916 WdiServiceHost - ok
11:37:52.0210 4916 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:37:52.0210 4916 WdiSystemHost - ok
11:37:52.0241 4916 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:37:52.0241 4916 WebClient - ok
11:37:52.0257 4916 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:37:52.0257 4916 Wecsvc - ok
11:37:52.0273 4916 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:37:52.0273 4916 wercplsupport - ok
11:37:52.0288 4916 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:37:52.0288 4916 WerSvc - ok
11:37:52.0288 4916 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:37:52.0288 4916 WfpLwf - ok
11:37:52.0288 4916 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:37:52.0288 4916 WIMMount - ok
11:37:52.0304 4916 WinDefend - ok
11:37:52.0304 4916 WinHttpAutoProxySvc - ok
11:37:52.0351 4916 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:37:52.0351 4916 Winmgmt - ok
11:37:52.0397 4916 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:37:52.0429 4916 WinRM - ok
11:37:52.0475 4916 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:37:52.0475 4916 WinUsb - ok
11:37:52.0522 4916 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:37:52.0522 4916 Wlansvc - ok
11:37:52.0631 4916 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:37:52.0678 4916 wlidsvc - ok
11:37:52.0678 4916 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:37:52.0678 4916 WmiAcpi - ok
11:37:52.0694 4916 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:37:52.0694 4916 wmiApSrv - ok
11:37:52.0709 4916 WMPNetworkSvc - ok
11:37:52.0725 4916 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:37:52.0725 4916 WPCSvc - ok
11:37:52.0741 4916 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:37:52.0741 4916 WPDBusEnum - ok
11:37:52.0756 4916 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:37:52.0756 4916 ws2ifsl - ok
11:37:52.0756 4916 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
11:37:52.0772 4916 wscsvc - ok
11:37:52.0772 4916 WSearch - ok
11:37:52.0819 4916 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:37:52.0865 4916 wuauserv - ok
11:37:52.0897 4916 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:37:52.0897 4916 WudfPf - ok
11:37:52.0912 4916 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:37:52.0912 4916 WUDFRd - ok
11:37:52.0928 4916 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:37:52.0928 4916 wudfsvc - ok
11:37:52.0943 4916 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
11:37:52.0943 4916 WwanSvc - ok
11:37:52.0959 4916 ================ Scan global ===============================
11:37:52.0990 4916 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:37:53.0006 4916 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:37:53.0021 4916 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:37:53.0021 4916 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:37:53.0068 4916 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:37:53.0068 4916 [Global] - ok
11:37:53.0068 4916 ================ Scan MBR ==================================
11:37:53.0068 4916 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:37:53.0224 4916 \Device\Harddisk0\DR0 - ok
11:37:53.0224 4916 ================ Scan VBR ==================================
11:37:53.0224 4916 [ 116C7EA5BFCBD1D3402E62F95CE6FBA0 ] \Device\Harddisk0\DR0\Partition1
11:37:53.0224 4916 \Device\Harddisk0\DR0\Partition1 - ok
11:37:53.0240 4916 [ C8D8897FD5F8F5D900759BBF96E26372 ] \Device\Harddisk0\DR0\Partition2
11:37:53.0240 4916 \Device\Harddisk0\DR0\Partition2 - ok
11:37:53.0255 4916 [ 7EAE766AB6B0C04AA36BEEA0E4A1FC45 ] \Device\Harddisk0\DR0\Partition3
11:37:53.0255 4916 \Device\Harddisk0\DR0\Partition3 - ok
11:37:53.0255 4916 ============================================================
11:37:53.0255 4916 Scan finished
11:37:53.0255 4916 ============================================================
11:37:53.0255 4908 Detected object count: 0
11:37:53.0255 4908 Actual detected object count: 0
Please check my log. "Freezing" PC. Thanks [Solved]
- memphisto
Re: Please check my log. "Freezing" PC. Thanks
Test these on VirusTotal
c:\windows\Setup1.exe
c:\windows\system32\drivers\TeeDriverx64.sys
Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by several antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page and paste it into your post.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script
Code:
KillAll::
Folder::
c:\programdata\Spybot - Search & Destroy
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you
Re: Please check my log. "Freezing" PC. Thanks
1. Setup1.exe
https://www.virustotal.com/cs/file/6116 ... 375009948/
2. c:\windows\system32\drivers\TeeDriverx64.sys
https://www.virustotal.com/cs/file/64a4 ... 375010259/
Re: Please check my log. "Freezing" PC. Thanks
I have a big problem now.
After running the script exactly according to the instructions, the PC restarted and the log appeared after I logged in, but NO PROGRAM ON THE PC CAN BE STARTED. Everywhere only this message appears:
"Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění" (in English: "Illegal operation attempted on a registry key that has been marked for deletion")
Nothing at all can be started, so I had to log in from another PC...
I'll try to post the log from ComboFix:
1.
Add-Remove Programs.txt
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Aiseesoft Blu-ray Ripper 6.3.62
AnvSoft Photo Slideshow Maker Professional 5.56
Apple Application Support
Apple Software Update
Ashampoo Burning Studio 2013 v.11.0.5
Astroburn Lite
µTorrent
Auslogics BenchTown
Auslogics Registry Defrag
AviSynth 2.5
BDlot DVD ISO Master 3.0.2
Canon Easy-WebPrint EX
Canon MP Navigator EX 4.0
Canon My Printer
Canon Solution Menu EX
CanoScan Toolbox Ver4.6
Corel Paint Shop Pro Photo X2
CrystalDiskInfo 5.0.0
D3DX10
DAEMON Tools Lite
Driver Genius Professional Edition
Dropbox
Etron USB3.0 Host Controller
FlashCrypt for Windows
Font Xplorer 1.2.2
Fotogalerie
GIGABYTE FORCE Driver
Haali Media Splitter
HD Tune 2.55
HF Designer 4.4
HijackThis 2.0.2
Inpaint 4.7
Intel(R) Management Engine Components
ioIsland.com Places Bar Tweaker
iResizer 2.2
Java 7 Update 25
Java Auto Updater
KeePass Password Safe 2.22
Keltští králové
LastPass (odinstalace)
Malwarebytes Anti-Malware verze 1.70.0.1100
Medal of Honor (TM)
Microsoft DirectX SDK (June 2010)
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC100_CRT_SP1_x86
Movie Maker
MozBackup 1.5.1
Mozilla Firefox 22.0 (x86 cs)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.3 (x86 cs)
Mp3tag v2.57
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSVCRT110
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
MT2.5_RAFF
Nokia Connectivity Cable Driver
Nokia PC Suite
Nokia Software Updater
Norton Internet Security
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenOffice.org 3.4.1
PC Connectivity Solution
Photo Common
Photo Gallery
Photodex Presenter
PHOTOfunSTUDIO 5.0 HD Edition
Picasa 3
Process Lasso
ProShow Producer
QuickTime
Rainlendar2 (remove only)
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Registrace uživatele zařízení Canon MG5100 series
Risen 2 Dark Waters
RonyaSoft Poster Designer (Poster Forge) 2.01
Samsung_MonSetup
SeaTools for Windows
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Seznam DVD 5.x
Sony Ericsson Update Engine
Sony PC Companion 2.10.165
Sothink Movie DVD Maker
SpeedFan (remove only)
StormWare Pohoda CZ
TrueCrypt
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
uRex DVD Ripper Platinum
Verbatim GREEN BUTTON 1.69
Verbatim Product Update 1.06
VLC media player 2.0.7
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
WinMend Folder Hidden 1.4.9
WMP Tag Plus 1.2
XnView 2.04
2.
KillAll::
Folder::
c:\programdata\Spybot - Search & Destroy
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
3.
ComboFix-quarantined-files.txt
2013-07-28 11:17:29 . 2013-07-28 11:17:29 0 ----a-w- C:\Qoobox\Quarantine\catchme.txt
2013-07-28 10:24:00 . 2013-07-28 10:24:00 512 ----a-w- C:\Qoobox\Quarantine\MBR_HardDisk0.mbr
2013-07-28 10:23:15 . 2013-07-28 11:28:16 248 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53}.reg.dat
2013-07-28 10:23:15 . 2013-07-28 11:28:16 248 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3}.reg.dat
2013-07-28 10:23:15 . 2013-07-28 11:28:16 248 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239}.reg.dat
2013-07-28 10:23:15 . 2013-07-28 11:28:16 248 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E}.reg.dat
2013-07-28 10:23:15 . 2013-07-28 11:28:16 248 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E}.reg.dat
2013-07-28 10:23:15 . 2013-07-28 11:28:16 243 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61}.reg.dat
2013-07-28 10:23:15 . 2013-07-28 11:28:16 242 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89}.reg.dat
2013-07-28 10:23:15 . 2013-07-28 11:28:16 241 ----a-w- C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D}.reg.dat
2013-07-28 10:21:21 . 2013-07-28 11:19:37 6,318 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2013-07-28 10:16:56 . 2013-07-28 11:16:56 102 ----a-w- C:\Qoobox\Quarantine\catchme.log
2013-07-27 15:40:33 . 2013-07-27 17:19:09 143 ----a-w- C:\Qoobox\Quarantine\C\Windows\wininit.ini.vir
2013-05-29 14:06:51 . 2013-05-29 14:06:51 0 ----a-w- C:\Qoobox\Quarantine\C\Windows\config.ini.vir
2013-05-10 06:41:54 . 1997-05-30 10:13:50 314,880 ----a-w- C:\Qoobox\Quarantine\C\Windows\IsUn0405.exe.vir
- memphisto
Re: Please check my log. "Freezing" PC. Thanks
Restart the PC several times and everything should be OK. I forgot to add that to the instructions.
Re: Please check my log. "Freezing" PC. Thanks
So one more restart was enough... but I got a real scare...
Thanks, and what next?
- memphisto
Re: Please check my log. "Freezing" PC. Thanks
Post the ComboFix log. You will find it in the root directory of drive C, in the file Combofix.txt.
Re: Please check my log. "Freezing" PC. Thanks
I hope this is it:
ComboFix 13-07-27.01 - DanRad 28.07.2013 13:17:46.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8175.6164 [GMT 2:00]
Spuštěný z: c:\users\DanRad\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\DanRad\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Spybot - Search & Destroy
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-28 do 2013-07-28 )))))))))))))))))))))))))))))))
.
.
2013-07-28 11:20 . 2013-07-28 11:20 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-07-28 11:20 . 2013-07-28 11:20 -------- d-----w- c:\users\kshr\AppData\Local\temp
2013-07-28 11:20 . 2013-07-28 11:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-28 09:19 . 2013-07-28 09:19 -------- d-----w- c:\windows\ERUNT
2013-07-27 21:01 . 2013-07-27 21:01 -------- d-----w- c:\users\DanRad\AppData\Roaming\NVIDIA
2013-07-27 17:22 . 2013-07-27 17:22 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-07-27 17:02 . 2013-07-27 17:02 -------- d-----w- c:\users\UpdatusUser
2013-07-27 17:01 . 2013-06-21 12:06 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-07-27 17:01 . 2013-06-21 12:06 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-07-27 17:01 . 2013-07-27 17:22 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-07-27 17:00 . 2013-03-15 05:53 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-07-27 17:00 . 2013-03-15 05:53 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-07-27 16:50 . 2013-06-21 10:23 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-07-27 16:50 . 2013-06-21 10:23 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-07-27 16:50 . 2013-06-21 10:23 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-07-27 16:50 . 2013-06-21 10:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-07-27 16:50 . 2013-06-21 10:23 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-07-27 16:50 . 2013-06-21 10:23 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-07-27 16:50 . 2013-06-20 04:17 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
2013-07-27 16:49 . 2013-07-27 17:23 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-07-27 14:50 . 2013-07-27 14:50 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-07-27 14:50 . 2013-07-27 14:50 -------- d-----w- c:\program files\Realtek
2013-07-27 14:50 . 2013-07-04 15:32 211184 ----a-w- c:\windows\system32\SRSTSH64.dll
2013-07-27 14:50 . 2013-07-04 15:32 2103040 ----a-w- c:\windows\system32\WavesGUILib64.dll
2013-07-27 14:50 . 2013-07-04 15:32 518896 ----a-w- c:\windows\system32\SRSTSX64.dll
2013-07-27 14:50 . 2013-07-04 15:32 198896 ----a-w- c:\windows\system32\SRSHP64.dll
2013-07-27 14:50 . 2013-07-04 15:32 155888 ----a-w- c:\windows\system32\SRSWOW64.dll
2013-07-27 13:47 . 2006-02-07 13:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2013-07-27 13:47 . 2006-02-07 13:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2013-07-27 13:47 . 2006-02-07 13:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2013-07-27 13:47 . 2006-02-07 13:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2013-07-27 13:47 . 2006-02-07 13:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2013-07-27 13:47 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2013-07-27 13:47 . 2013-07-27 13:47 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2013-07-27 13:47 . 2013-07-27 13:47 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2013-07-27 13:15 . 2013-05-31 11:30 99800 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2013-07-27 13:15 . 2013-05-31 11:30 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2013-07-27 13:14 . 2013-04-10 09:09 849992 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-07-27 13:14 . 2013-04-10 09:09 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-07-26 09:51 . 2013-07-26 09:51 -------- d-----w- c:\users\DanRad\AppData\Local\Adobe
2013-07-13 18:34 . 2013-07-13 18:36 -------- d-----w- c:\windows\system32\MRT
2013-07-10 08:44 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-07 20:31 . 2013-01-29 08:35 1510176 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2013-07-07 19:53 . 2013-07-27 17:23 -------- d-----w- c:\users\DanRad\AppData\Local\NVIDIA
2013-07-07 19:45 . 2013-06-21 12:06 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-07-07 19:45 . 2013-06-21 12:06 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-07-07 19:45 . 2013-06-21 12:06 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-07-07 19:45 . 2013-05-12 21:42 1832224 ----a-w- c:\windows\system32\nvdispco6432018.dll
2013-07-07 19:45 . 2013-05-12 21:42 1511712 ----a-w- c:\windows\system32\nvdispgenco6432018.dll
2013-07-07 17:03 . 2013-07-27 20:49 -------- d-----r- c:\users\DanRad\Dropbox
2013-07-07 16:54 . 2013-07-27 20:59 -------- d-----w- c:\users\DanRad\AppData\Roaming\Dropbox
2013-07-05 11:46 . 2013-07-24 09:12 -------- d-----w- c:\users\DanRad\AppData\Roaming\Mp3tag
2013-07-05 11:46 . 2013-07-13 13:39 -------- d-----w- c:\program files (x86)\Mp3tag
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-07-01 09:35 . 2013-07-01 09:35 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-26 09:51 . 2012-04-01 08:41 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-26 09:51 . 2012-03-21 15:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-01 09:35 . 2012-08-20 17:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-01 09:35 . 2012-03-23 11:31 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2012-03-08 16:30 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-19 08:45 . 2012-03-22 16:34 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-06-17 07:15 . 2013-06-17 07:15 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-06-17 07:15 . 2013-06-17 07:15 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-06-10 13:44 . 2012-03-08 15:59 2080472 ----a-w- c:\windows\RtlExUpd.dll
2013-05-28 16:30 . 2013-04-14 13:58 276256 ----a-w- c:\windows\system32\drivers\DigiartyVirtualCDBus.sys
2013-05-23 05:25 . 2013-06-11 13:54 1139800 ----a-w- c:\windows\system32\drivers\NISx64\1404000.028\symefa64.sys
2013-05-22 09:49 . 2013-05-22 09:45 19 ----a-w- c:\users\DanRad\AppData\Roaming\mdbu.bin
2013-05-22 08:39 . 2013-05-22 08:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-05-21 05:02 . 2013-06-11 13:54 493656 ----a-w- c:\windows\system32\drivers\NISx64\1404000.028\symds64.sys
2013-05-16 05:02 . 2013-06-11 13:54 796760 ----a-w- c:\windows\system32\drivers\NISx64\1404000.028\srtsp64.sys
2013-05-13 05:51 . 2013-06-14 17:19 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-14 17:19 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-14 17:19 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-14 17:19 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-14 17:19 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-14 17:19 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-14 17:19 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-14 17:19 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-14 17:19 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-14 17:19 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 07:07 . 2013-05-10 07:07 253952 ------w- c:\windows\Setup1.exe
2013-05-10 07:07 . 2013-05-10 07:07 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-05-10 05:49 . 2013-06-14 17:19 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-14 17:19 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-14 17:19 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-01 12:40 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-03-22 16:20 . 2012-03-22 16:20 10134560 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-27 12:25 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-27 12:25 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-27 12:25 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2012-12-29 4359680]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys;c:\windows\SYSNATIVE\drivers\DigiartyVirtualCDBus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130726.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130726.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1404000.028\SYMNETS.SYS [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-27 12:25 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-27 12:25 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-27 12:25 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 212.158.128.2 212.158.128.3
FF - ProfilePath - c:\users\DanRad\AppData\Roaming\Mozilla\Firefox\Profiles\zs5xg4ax.default\
FF - prefs.js: browser.search.selectedEngine - Uloz.to!
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - (no file)
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - (no file)
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - (no file)
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - (no file)
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - (no file)
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - (no file)
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - (no file)
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - (no file)
AddRemove-Driver Genius Professional Edition_is1 - c:\program files (x86)\Driver-Soft\DriverGenius\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\bgsvcgen.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PSIService.exe
c:\program files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-07-28 13:29:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-28 11:29
ComboFix2.txt 2013-07-28 10:24
.
Před spuštěním: Volných bajtů: 64 445 419 520
Po spuštění: Volných bajtů: 64 367 640 576
.
- - End Of File - - D832A3AD6DBFB4A2EC4111F40C548898
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 13-07-27.01 - DanRad 28.07.2013 13:17:46.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8175.6164 [GMT 2:00]
Spuštěný z: c:\users\DanRad\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\DanRad\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Spybot - Search & Destroy
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-28 do 2013-07-28 )))))))))))))))))))))))))))))))
.
.
2013-07-28 11:20 . 2013-07-28 11:20 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-07-28 11:20 . 2013-07-28 11:20 -------- d-----w- c:\users\kshr\AppData\Local\temp
2013-07-28 11:20 . 2013-07-28 11:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-28 09:19 . 2013-07-28 09:19 -------- d-----w- c:\windows\ERUNT
2013-07-27 21:01 . 2013-07-27 21:01 -------- d-----w- c:\users\DanRad\AppData\Roaming\NVIDIA
2013-07-27 17:22 . 2013-07-27 17:22 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2013-07-27 17:02 . 2013-07-27 17:02 -------- d-----w- c:\users\UpdatusUser
2013-07-27 17:01 . 2013-06-21 12:06 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-07-27 17:01 . 2013-06-21 12:06 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-07-27 17:01 . 2013-07-27 17:22 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-07-27 17:00 . 2013-03-15 05:53 1807136 ----a-w- c:\windows\system32\nvdispco6431422.dll
2013-07-27 17:00 . 2013-03-15 05:53 1510176 ----a-w- c:\windows\system32\nvdispgenco6431422.dll
2013-07-27 16:50 . 2013-06-21 10:23 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-07-27 16:50 . 2013-06-21 10:23 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-07-27 16:50 . 2013-06-21 10:23 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-07-27 16:50 . 2013-06-21 10:23 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-07-27 16:50 . 2013-06-21 10:23 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-07-27 16:50 . 2013-06-21 10:23 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-07-27 16:50 . 2013-06-20 04:17 3253909 ----a-w- c:\windows\system32\nvcoproc.bin
2013-07-27 16:49 . 2013-07-27 17:23 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-07-27 14:50 . 2013-07-27 14:50 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-07-27 14:50 . 2013-07-27 14:50 -------- d-----w- c:\program files\Realtek
2013-07-27 14:50 . 2013-07-04 15:32 211184 ----a-w- c:\windows\system32\SRSTSH64.dll
2013-07-27 14:50 . 2013-07-04 15:32 2103040 ----a-w- c:\windows\system32\WavesGUILib64.dll
2013-07-27 14:50 . 2013-07-04 15:32 518896 ----a-w- c:\windows\system32\SRSTSX64.dll
2013-07-27 14:50 . 2013-07-04 15:32 198896 ----a-w- c:\windows\system32\SRSHP64.dll
2013-07-27 14:50 . 2013-07-04 15:32 155888 ----a-w- c:\windows\system32\SRSWOW64.dll
2013-07-27 13:47 . 2006-02-07 13:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2013-07-27 13:47 . 2006-02-07 13:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2013-07-27 13:47 . 2006-02-07 13:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2013-07-27 13:47 . 2006-02-07 13:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2013-07-27 13:47 . 2006-02-07 13:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2013-07-27 13:47 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2013-07-27 13:47 . 2013-07-27 13:47 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2013-07-27 13:47 . 2013-07-27 13:47 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2013-07-27 13:15 . 2013-05-31 11:30 99800 ----a-w- c:\windows\system32\drivers\TeeDriverx64.sys
2013-07-27 13:15 . 2013-05-31 11:30 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2013-07-27 13:14 . 2013-04-10 09:09 849992 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-07-27 13:14 . 2013-04-10 09:09 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-07-26 09:51 . 2013-07-26 09:51 -------- d-----w- c:\users\DanRad\AppData\Local\Adobe
2013-07-13 18:34 . 2013-07-13 18:36 -------- d-----w- c:\windows\system32\MRT
2013-07-10 08:44 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-07 20:31 . 2013-01-29 08:35 1510176 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2013-07-07 19:53 . 2013-07-27 17:23 -------- d-----w- c:\users\DanRad\AppData\Local\NVIDIA
2013-07-07 19:45 . 2013-06-21 12:06 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-07-07 19:45 . 2013-06-21 12:06 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-07-07 19:45 . 2013-06-21 12:06 1059560 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-07-07 19:45 . 2013-05-12 21:42 1832224 ----a-w- c:\windows\system32\nvdispco6432018.dll
2013-07-07 19:45 . 2013-05-12 21:42 1511712 ----a-w- c:\windows\system32\nvdispgenco6432018.dll
2013-07-07 17:03 . 2013-07-27 20:49 -------- d-----r- c:\users\DanRad\Dropbox
2013-07-07 16:54 . 2013-07-27 20:59 -------- d-----w- c:\users\DanRad\AppData\Roaming\Dropbox
2013-07-05 11:46 . 2013-07-24 09:12 -------- d-----w- c:\users\DanRad\AppData\Roaming\Mp3tag
2013-07-05 11:46 . 2013-07-13 13:39 -------- d-----w- c:\program files (x86)\Mp3tag
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-07-01 09:38 . 2013-07-01 09:38 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-07-01 09:35 . 2013-07-01 09:35 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-26 09:51 . 2012-04-01 08:41 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-26 09:51 . 2012-03-21 15:40 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-01 09:35 . 2012-08-20 17:06 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-01 09:35 . 2012-03-23 11:31 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2012-03-08 16:30 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-06-19 08:45 . 2012-03-22 16:34 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-06-17 07:15 . 2013-06-17 07:15 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-06-17 07:15 . 2013-06-17 07:15 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-06-10 13:44 . 2012-03-08 15:59 2080472 ----a-w- c:\windows\RtlExUpd.dll
2013-05-28 16:30 . 2013-04-14 13:58 276256 ----a-w- c:\windows\system32\drivers\DigiartyVirtualCDBus.sys
2013-05-23 05:25 . 2013-06-11 13:54 1139800 ----a-w- c:\windows\system32\drivers\NISx64\1404000.028\symefa64.sys
2013-05-22 09:49 . 2013-05-22 09:45 19 ----a-w- c:\users\DanRad\AppData\Roaming\mdbu.bin
2013-05-22 08:39 . 2013-05-22 08:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-05-21 05:02 . 2013-06-11 13:54 493656 ----a-w- c:\windows\system32\drivers\NISx64\1404000.028\symds64.sys
2013-05-16 05:02 . 2013-06-11 13:54 796760 ----a-w- c:\windows\system32\drivers\NISx64\1404000.028\srtsp64.sys
2013-05-13 05:51 . 2013-06-14 17:19 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-14 17:19 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-14 17:19 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-14 17:19 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-14 17:19 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-14 17:19 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-14 17:19 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-14 17:19 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-14 17:19 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-14 17:19 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 07:07 . 2013-05-10 07:07 253952 ------w- c:\windows\Setup1.exe
2013-05-10 07:07 . 2013-05-10 07:07 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-05-10 05:49 . 2013-06-14 17:19 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-14 17:19 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-14 17:19 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-01 12:40 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-01 01:59 . 2013-05-01 01:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 01:59 . 2013-05-01 01:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2012-03-22 16:20 . 2012-03-22 16:20 10134560 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-27 12:25 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-27 12:25 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-27 12:25 222832 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 130736 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2012-12-29 4359680]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 DigiartyVirtualCDBus;Digiarty Virtual Driver;c:\windows\system32\drivers\DigiartyVirtualCDBus.sys;c:\windows\SYSNATIVE\drivers\DigiartyVirtualCDBus.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys;c:\windows\SYSNATIVE\Drivers\IT9135BDA.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130726.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130726.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1404000.028\SYMNETS.SYS [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-27 12:25 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-27 12:25 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-27 12:25 261744 ----a-w- c:\users\DanRad\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627_1\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-07-03 00:50 164016 ----a-w- c:\users\DanRad\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 212.158.128.2 212.158.128.3
FF - ProfilePath - c:\users\DanRad\AppData\Roaming\Mozilla\Firefox\Profiles\zs5xg4ax.default\
FF - prefs.js: browser.search.selectedEngine - Uloz.to!
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{83BEA36E-7680-4598-A4DF-994426F6E78D} - (no file)
ShellIconOverlayIdentifiers-{845B7388-6F85-4F32-9FD5-F02DC7882B89} - (no file)
ShellIconOverlayIdentifiers-{F6378A7A-F753-449B-AE1B-997A96132E61} - (no file)
ShellIconOverlayIdentifiers-{3A511828-777D-46F8-82F4-5B530C1B3D9E} - (no file)
ShellIconOverlayIdentifiers-{C8C88204-5B14-40EC-BA72-8AEBC762047E} - (no file)
ShellIconOverlayIdentifiers-{ACFF45C3-3EEB-4351-86C2-6696BA264239} - (no file)
ShellIconOverlayIdentifiers-{29AF997F-488B-46F0-AE78-7146F1B89CC3} - (no file)
ShellIconOverlayIdentifiers-{03F9AD29-1C78-4B66-8890-B177B5430C53} - (no file)
AddRemove-Driver Genius Professional Edition_is1 - c:\program files (x86)\Driver-Soft\DriverGenius\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\bgsvcgen.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PSIService.exe
c:\program files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-07-28 13:29:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-28 11:29
ComboFix2.txt 2013-07-28 10:24
.
Před spuštěním: Volných bajtů: 64 445 419 520
Po spuštění: Volných bajtů: 64 367 640 576
.
- - End Of File - - D832A3AD6DBFB4A2EC4111F40C548898
A36C5E4F47E84449FF07ED3517B43A31
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
- Status: Offline
Re: Please check my log. "Freezing" PC. Thanks
ComboFix is uninstalled like this:
Start-Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC
to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
+ A new HJT log
How is the PC behaving?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: Please check my log. "Freezing" PC. Thanks
So far it hasn't crashed even once during our communication on the internet.. but yesterday, for example, it did it after about 1.5-2 hours online, and then twice in a row..
Otherwise, as I wrote at the beginning, until I went online, the PC was fine before as well..
Now I'll try the recommended steps and let you know.
Re: Please check my log. "Freezing" PC. Thanks
I apologize, but I somehow didn't get the ComboFix uninstall...
Start-Run... could it be written as if for dummies? I don't know whether I should launch the system START, or start ComboFix itself.. thanks in advance..
- memphisto
Re: Please check my log. "Freezing" PC. Thanks
Click Start at the bottom and then Run (or in that white box in the case of Windows 7) and type the command