Please check - taskeng.exe (Solved)


Re: Please check - taskeng.exe

Post by Kanovka » 03 May 2015 11:00

So the problem is not solved, it flashed up here again.

Re: Please check - taskeng.exe

Post by mople71 » 03 May 2015 11:18

OK, let's carry on... ;)


Download FSS: http://www.bleepingcomputer.com/downloa ... e-scanner/

Save it to the Desktop, run it as Administrator, tick all the options and click Scan. Then attach the log.

-----------------------------------------------------------

Download ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Turn off your antivirus permanently! Do not open any windows while the scan is running!

Save it to the Desktop. Close all windows, run it as administrator, agree to everything and let CF work.

After the scan finishes, a restart will take place (it may not) and the log will be here: C:\ComboFix.txt

Please paste its contents here.

Re: Please check - taskeng.exe

Post by Kanovka » 03 May 2015 11:22

Farbar Service Scanner Version: 17-01-2015
Ran by Lucka (administrator) on 03-05-2015 at 11:22:41
Running from "C:\Users\Lucka\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

Re: Please check - taskeng.exe

Post by Kanovka » 03 May 2015 12:03

ComboFix 15-04-28.01 - Lucka 03.05.2015 11:29:25.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.2570 [GMT 2:00]
Spuštěný z: c:\users\Lucka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Lucka\AppData\Local\assembly\tmp
c:\users\Lucka\AppData\Roaming\Microsoft\~DFK5b5648a.tmp
c:\users\Lucka\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Lucka\AppData\Roaming\Microsoft\bass.dll
c:\users\Lucka\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\Lucka\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Lucka\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Lucka\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Lucka\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Lucka\AppData\Roaming\Microsoft\rsaadjd.dll
c:\windows\msdownld.tmp
c:\windows\s.bat
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\temp.006
c:\windows\SysWow64\temp.00F
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hola_net
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-03 do 2015-05-03 )))))))))))))))))))))))))))))))
.
.
2015-05-03 09:43 . 2015-05-03 09:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-03 06:03 . 2015-05-03 08:37 -------- d-----w- C:\FRST
2015-05-03 05:50 . 2015-05-03 05:50 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-05-02 05:41 . 2015-05-02 17:15 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-01 21:11 . 2015-05-02 05:41 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-01 21:10 . 2015-05-02 05:39 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-01 21:10 . 2015-04-14 07:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-01 21:10 . 2015-04-14 07:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-01 21:10 . 2015-05-01 21:11 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-01 20:44 . 2015-05-01 20:57 -------- d-----w- C:\AdwCleaner
2015-05-01 19:31 . 2015-05-03 09:35 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7DEC9E61-3E30-4CB4-A106-CA42A05A0E28}\offreg.dll
2015-05-01 19:02 . 2015-05-01 19:02 -------- d-----w- c:\program files (x86)\DLLSuite
2015-05-01 07:14 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7DEC9E61-3E30-4CB4-A106-CA42A05A0E28}\mpengine.dll
2015-04-25 14:21 . 2015-04-25 14:17 319912 ----a-w- c:\windows\system32\javaws.exe
2015-04-22 05:13 . 2015-04-22 05:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-19 19:37 . 2015-04-19 19:37 -------- d-----w- c:\users\Lucka\AppData\Roaming\CaseWare IDEA
2015-04-19 15:42 . 2012-11-12 08:54 6525440 ----a-w- c:\windows\system32\cdintf450_64.dll
2015-04-19 15:42 . 2012-11-12 08:54 4809728 ----a-w- c:\windows\SysWow64\cdintf450.dll
2015-04-19 15:38 . 2015-04-19 15:38 -------- d-----w- c:\program files (x86)\Common Files\Audicon
2015-04-19 15:37 . 2015-04-19 15:37 -------- d-----w- c:\program files (x86)\CaseWare IDEA
2015-04-19 15:32 . 2015-04-19 15:32 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2015-04-16 10:57 . 2015-04-16 10:57 -------- d-----w- c:\users\Lucka\AppData\Local\Startup
2015-04-16 10:42 . 2015-04-16 10:42 -------- d-----w- c:\programdata\Softland
2015-04-16 10:40 . 2015-04-26 20:10 -------- d-----w- c:\program files (x86)\Softland
2015-04-15 13:30 . 2015-03-23 03:24 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-04-15 13:29 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 13:27 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 13:27 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 13:27 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-13 15:03 . 2015-04-13 15:03 -------- d-----w- c:\users\Lucka\AppData\Roaming\Zeon
2015-04-13 15:01 . 2015-04-13 15:01 -------- d-----w- c:\programdata\zeon
2015-04-13 15:01 . 2015-04-13 15:01 -------- d-----w- c:\program files (x86)\Zeon
2015-04-04 01:01 . 2015-04-04 01:02 -------- d-s---w- c:\windows\system32\GWX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-25 14:17 . 2014-06-14 05:33 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-04-25 14:17 . 2014-06-14 05:33 207272 ----a-w- c:\windows\system32\javaw.exe
2015-04-25 14:17 . 2014-06-14 05:33 206760 ----a-w- c:\windows\system32\java.exe
2015-04-22 05:09 . 2015-04-25 14:22 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-18 06:35 . 2012-04-16 10:59 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-18 06:35 . 2011-06-06 08:15 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-18 06:35 . 2015-04-18 06:35 17244848 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-04-16 22:06 . 2010-07-04 05:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2015-04-16 22:06 . 2010-08-07 08:14 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2015-04-16 01:12 . 2010-06-16 11:45 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-06 19:40 . 2010-08-07 08:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-04-06 19:40 . 2010-07-04 05:55 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-03-28 05:40 . 2013-12-28 14:18 136752 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-03-28 05:40 . 2013-03-13 18:57 271200 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-03-28 05:40 . 2013-03-13 18:57 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-03-28 05:40 . 2010-08-24 10:16 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-03-28 05:40 . 2010-08-24 10:16 88408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-03-28 05:40 . 2015-03-28 05:41 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-03-28 05:40 . 2014-04-30 06:18 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-03-28 05:40 . 2012-02-25 11:13 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-03-28 05:39 . 2015-03-28 05:39 43112 ----a-w- c:\windows\avastSS.scr
2015-03-28 05:38 . 2011-06-01 15:43 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-03-25 03:00 . 2015-04-15 13:31 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 13:31 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 13:31 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 13:31 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 13:31 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-17 05:16 . 2015-04-15 13:30 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-17 05:01 . 2015-04-15 13:30 3920824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-03-17 05:01 . 2015-04-15 13:30 3976632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-03-17 04:59 . 2015-04-15 13:30 1309696 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-03-17 04:57 . 2015-04-15 13:30 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-03-17 04:57 . 2015-04-15 13:30 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-03-17 04:57 . 2015-04-15 13:30 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-03-17 04:57 . 2015-04-15 13:30 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-17 04:57 . 2015-04-15 13:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-03-17 04:57 . 2015-04-15 13:30 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-03-17 04:57 . 2015-04-15 13:30 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-03-17 04:57 . 2015-04-15 13:30 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-03-17 04:57 . 2015-04-15 13:30 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-03-17 04:56 . 2015-04-15 13:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-17 04:56 . 2015-04-15 13:30 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-03-17 04:56 . 2015-04-15 13:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-03-17 04:56 . 2015-04-15 13:30 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-03-17 04:56 . 2015-04-15 13:30 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-03-17 04:53 . 2015-04-15 13:30 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2015-03-17 04:53 . 2015-04-15 13:30 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-03-17 03:45 . 2015-04-15 13:30 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2015-03-17 03:45 . 2015-04-15 13:30 2048 ----a-w- c:\windows\SysWow64\user.exe
2015-03-13 03:42 . 2015-04-15 13:29 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-03-13 03:28 . 2015-04-15 13:29 503296 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-03-13 03:28 . 2015-04-15 13:29 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-03-13 03:27 . 2015-04-15 13:29 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27 . 2015-04-15 13:29 340992 ----a-w- c:\windows\SysWow64\html.iec
2015-03-13 03:26 . 2015-04-15 13:29 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16 . 2015-04-15 13:29 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2015-03-13 03:15 . 2015-04-15 13:29 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-03-13 03:01 . 2015-04-15 13:29 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49 . 2015-04-15 13:29 4305408 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-03-13 02:43 . 2015-04-15 13:29 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-03-13 02:42 . 2015-04-15 13:29 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20 . 2015-04-15 13:29 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2015-03-10 07:22 . 2014-06-10 12:10 627920 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-03-10 03:08 . 2015-04-15 13:30 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 13:30 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-03-05 04:05 . 2015-04-15 13:30 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-02-26 03:25 . 2015-03-11 15:17 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2010-07-30 04:20 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-11 15:19 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 15:19 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 15:19 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 15:19 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 15:19 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 15:19 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 15:19 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 15:19 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 15:19 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 15:19 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-11 15:17 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-11 15:15 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 15:15 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 15:19 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 15:19 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 15:19 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 15:19 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 15:19 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 15:19 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 15:17 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 15:17 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 15:18 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 15:18 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 15:18 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 15:19 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 15:19 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 15:19 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 15:19 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 15:19 37376 ----a-w- c:\windows\system32\pcadm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"="1430646562" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2009-09-15 536576]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-03-28 5512912]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-12-26 675840]
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AVerAF35;AVerMedia A835 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys;c:\windows\SYSNATIVE\Drivers\AVerAF35.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 FortiSslvpnDaemon;FortiClient SSLVPN;c:\windows\SysWOW64\FortiSSLVPNdaemon.exe;c:\windows\SysWOW64\FortiSSLVPNdaemon.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 SnugTV Service;SnugTV Service;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 pppop;PPPoP WAN Adapter;c:\windows\system32\DRIVERS\pppop64.sys;c:\windows\SYSNATIVE\DRIVERS\pppop64.sys [x]
S3 USB_Ethernet_Adaptor;USB to Ethernet Adapter;c:\windows\system32\DRIVERS\USB_Ethernet_Adaptor.sys;c:\windows\SYSNATIVE\DRIVERS\USB_Ethernet_Adaptor.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-03 08:05 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-03-28 05:40 722400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-11-16 508472]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-11-24 625032]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 172.16.0.5 172.16.10.1
FF - ProfilePath - c:\users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\2yzghyrg.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Kat MP3 Recorder - c:\program files (x86)\Kat MP3 Recorder\uninstall.exe
AddRemove-Plus500 - c:\program files (x86)\Plus500\Plus500.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2015-05-03 12:01:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-05-03 10:01
.
Před spuštěním: Volných bajtů: 60 145 500 160
Po spuštění: Volných bajtů: 59 688 251 392
.
- - End Of File - - 2DB0BFEEB8EB9F4FC60B3B37F783DFFF

Kanovka

Re: Please check - taskeng.exe

Post by Kanovka » 03 May 2015 12:13

So hopefully everything has been done again.

mople71

Re: Please check - taskeng.exe

Post by mople71 » 03 May 2015 16:38

Great. ;)


Please carry out all steps in Safe Mode!

Apply a script for ComboFix:

On the Desktop, create a new text document named CFScript and paste this script into it:

Code:

KillAll::

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

Drag the created file with the mouse over the ComboFix icon and drop it (like moving a file into a folder).

ComboFix will execute the commands and restart the PC; please boot it into Safe Mode. Then attach the log.

-----------------------------------------------------------------------

Download Eset Online Scanner: http://download.eset.com/special/eos/es ... er_enu.exe

After opening it, tick YES, I accept the Terms of Use and click Start.

Tick Enable detection of potentially unwanted applications, then click Advanced settings, where you untick Remove found threats and, conversely, check/tick Scan for potentially unsafe applications and Enable Anti-Stealth technology. Then click Start.

The virus database will be downloaded and then the scan will start, which may take a long time. Do not use the PC in any way during the scan!

When it finishes, untick the Uninstall application on close option and click Finish.

Finally, locate the log, which is at C:\Program Files\ESET\EsetOnlineScanner\log.txt, and please paste its contents here.

Kanovka

Re: Please check - taskeng.exe

Post by Kanovka » 03 May 2015 20:11

ComboFix 15-04-28.01 - Lucka 03.05.2015 19:25:51.2.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.3078 [GMT 2:00]
Spuštěný z: c:\users\Lucka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lucka\Desktop\CFScript.TXT
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy1_!Windows!SysWOW64!userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-04-03 do 2015-05-03 )))))))))))))))))))))))))))))))
.
.
2015-05-03 17:41 . 2015-05-03 17:41 -------- d-----w- c:\users\Michal\AppData\Local\temp
2015-05-03 17:41 . 2015-05-03 17:41 -------- d-----w- c:\users\Hanka\AppData\Local\temp
2015-05-03 17:41 . 2015-05-03 17:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-03 17:41 . 2015-05-03 17:41 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2015-05-03 06:03 . 2015-05-03 08:37 -------- d-----w- C:\FRST
2015-05-03 05:50 . 2015-05-03 05:50 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-05-02 05:41 . 2015-05-02 17:15 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-01 21:11 . 2015-05-02 05:41 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-01 21:10 . 2015-05-02 05:39 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-01 21:10 . 2015-04-14 07:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-01 21:10 . 2015-04-14 07:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-01 21:10 . 2015-05-01 21:11 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-01 20:44 . 2015-05-01 20:57 -------- d-----w- C:\AdwCleaner
2015-05-01 19:31 . 2015-05-03 09:35 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7DEC9E61-3E30-4CB4-A106-CA42A05A0E28}\offreg.dll
2015-05-01 19:02 . 2015-05-01 19:02 -------- d-----w- c:\program files (x86)\DLLSuite
2015-05-01 07:14 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7DEC9E61-3E30-4CB4-A106-CA42A05A0E28}\mpengine.dll
2015-04-25 14:21 . 2015-04-25 14:17 319912 ----a-w- c:\windows\system32\javaws.exe
2015-04-22 05:13 . 2015-04-22 05:13 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-19 19:37 . 2015-04-19 19:37 -------- d-----w- c:\users\Lucka\AppData\Roaming\CaseWare IDEA
2015-04-19 15:42 . 2012-11-12 08:54 6525440 ----a-w- c:\windows\system32\cdintf450_64.dll
2015-04-19 15:42 . 2012-11-12 08:54 4809728 ----a-w- c:\windows\SysWow64\cdintf450.dll
2015-04-19 15:38 . 2015-04-19 15:38 -------- d-----w- c:\program files (x86)\Common Files\Audicon
2015-04-19 15:37 . 2015-04-19 15:37 -------- d-----w- c:\program files (x86)\CaseWare IDEA
2015-04-19 15:32 . 2015-04-19 15:32 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2015-04-16 10:57 . 2015-04-16 10:57 -------- d-----w- c:\users\Lucka\AppData\Local\Startup
2015-04-16 10:42 . 2015-04-16 10:42 -------- d-----w- c:\programdata\Softland
2015-04-16 10:40 . 2015-04-26 20:10 -------- d-----w- c:\program files (x86)\Softland
2015-04-15 13:30 . 2015-03-23 03:24 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-04-15 13:29 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 13:27 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 13:27 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 13:27 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-13 15:03 . 2015-04-13 15:03 -------- d-----w- c:\users\Lucka\AppData\Roaming\Zeon
2015-04-13 15:01 . 2015-04-13 15:01 -------- d-----w- c:\programdata\zeon
2015-04-13 15:01 . 2015-04-13 15:01 -------- d-----w- c:\program files (x86)\Zeon
2015-04-04 01:01 . 2015-04-04 01:02 -------- d-s---w- c:\windows\system32\GWX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-25 14:17 . 2014-06-14 05:33 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-04-25 14:17 . 2014-06-14 05:33 207272 ----a-w- c:\windows\system32\javaw.exe
2015-04-25 14:17 . 2014-06-14 05:33 206760 ----a-w- c:\windows\system32\java.exe
2015-04-22 05:09 . 2015-04-25 14:22 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-18 06:35 . 2012-04-16 10:59 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-18 06:35 . 2011-06-06 08:15 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-18 06:35 . 2015-04-18 06:35 17244848 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-04-16 22:06 . 2010-07-04 05:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2015-04-16 22:06 . 2010-08-07 08:14 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2015-04-16 01:12 . 2010-06-16 11:45 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-06 19:40 . 2010-08-07 08:14 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2015-04-06 19:40 . 2010-07-04 05:55 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-03-28 05:40 . 2013-12-28 14:18 136752 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-03-28 05:40 . 2013-03-13 18:57 271200 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-03-28 05:40 . 2013-03-13 18:57 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-03-28 05:40 . 2010-08-24 10:16 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-03-28 05:40 . 2010-08-24 10:16 88408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-03-28 05:40 . 2015-03-28 05:41 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-03-28 05:40 . 2014-04-30 06:18 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-03-28 05:40 . 2012-02-25 11:13 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-03-28 05:39 . 2015-03-28 05:39 43112 ----a-w- c:\windows\avastSS.scr
2015-03-28 05:38 . 2011-06-01 15:43 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-03-25 03:00 . 2015-04-15 13:31 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 13:31 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 13:31 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 13:31 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 13:31 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-17 05:16 . 2015-04-15 13:30 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-17 05:01 . 2015-04-15 13:30 3920824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-03-17 05:01 . 2015-04-15 13:30 3976632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-03-17 04:59 . 2015-04-15 13:30 1309696 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-03-17 04:57 . 2015-04-15 13:30 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2015-03-17 04:57 . 2015-04-15 13:30 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2015-03-17 04:57 . 2015-04-15 13:30 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-03-17 04:57 . 2015-04-15 13:30 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-03-17 04:57 . 2015-04-15 13:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2015-03-17 04:57 . 2015-04-15 13:30 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-03-17 04:57 . 2015-04-15 13:30 221184 ----a-w- c:\windows\SysWow64\ncrypt.dll
2015-03-17 04:57 . 2015-04-15 13:30 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2015-03-17 04:57 . 2015-04-15 13:30 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2015-03-17 04:56 . 2015-04-15 13:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-03-17 04:56 . 2015-04-15 13:30 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-03-17 04:56 . 2015-04-15 13:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2015-03-17 04:56 . 2015-04-15 13:30 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-03-17 04:56 . 2015-04-15 13:30 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-03-17 04:53 . 2015-04-15 13:30 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2015-03-17 04:53 . 2015-04-15 13:30 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-03-17 03:45 . 2015-04-15 13:30 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2015-03-17 03:45 . 2015-04-15 13:30 2048 ----a-w- c:\windows\SysWow64\user.exe
2015-03-13 03:42 . 2015-04-15 13:29 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-03-13 03:28 . 2015-04-15 13:29 503296 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-03-13 03:28 . 2015-04-15 13:29 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-03-13 03:27 . 2015-04-15 13:29 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27 . 2015-04-15 13:29 340992 ----a-w- c:\windows\SysWow64\html.iec
2015-03-13 03:26 . 2015-04-15 13:29 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16 . 2015-04-15 13:29 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2015-03-13 03:15 . 2015-04-15 13:29 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-03-13 03:01 . 2015-04-15 13:29 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49 . 2015-04-15 13:29 4305408 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-03-13 02:43 . 2015-04-15 13:29 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-03-13 02:42 . 2015-04-15 13:29 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20 . 2015-04-15 13:29 1888256 ----a-w- c:\windows\SysWow64\wininet.dll
2015-03-10 07:22 . 2014-06-10 12:10 627920 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-03-10 03:08 . 2015-04-15 13:30 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 13:30 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-03-05 04:05 . 2015-04-15 13:30 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-02-26 03:25 . 2015-03-11 15:17 3204096 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2010-07-30 04:20 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-11 15:19 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 15:19 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 15:19 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 15:19 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 15:19 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 15:19 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 15:19 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 15:19 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 15:19 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 15:19 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-02-17 15:04 . 2015-02-17 15:04 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-11 15:17 14177280 ----a-w- c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13 869536 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-11 15:15 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 15:15 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 15:19 693176 ----a-w- c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 15:19 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 15:19 616360 ----a-w- c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 15:19 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 15:19 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 15:19 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 15:17 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 15:17 215552 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 15:18 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 15:18 5120 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 15:18 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 15:19 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 15:19 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 15:19 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 15:19 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 15:19 37376 ----a-w- c:\windows\system32\pcadm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 07:22 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"="1430675207" [X]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2009-09-15 536576]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2015-03-28 5512912]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-11-17 448856]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WLStart"="c:\program files (x86)\Windows Live\Installer\wlstart.exe" [2009-07-26 779600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-12-26 675840]
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-8-11 1080608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AVerAF35;AVerMedia A835 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys;c:\windows\SYSNATIVE\Drivers\AVerAF35.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys;c:\windows\SYSNATIVE\drivers\WDBridge.sys [x]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IGRS;IGRS;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe;c:\program files (x86)\Lenovo\ReadyComm\common\IGRS.exe [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe;c:\program files\Lenovo\ReadyComm\AppSvc.exe [x]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe;c:\windows\SYSNATIVE\IgrsSvcs.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]
S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]
S2 AVerUpdateServer;AVerUpdateServer;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe;c:\program files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 FortiSslvpnDaemon;FortiClient SSLVPN;c:\windows\SysWOW64\FortiSSLVPNdaemon.exe;c:\windows\SysWOW64\FortiSSLVPNdaemon.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 SnugTV Service;SnugTV Service;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe;c:\program files (x86)\SnugTV\SnugTV Station\AMAServer.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 pppop;PPPoP WAN Adapter;c:\windows\system32\DRIVERS\pppop64.sys;c:\windows\SYSNATIVE\DRIVERS\pppop64.sys [x]
S3 USB_Ethernet_Adaptor;USB to Ethernet Adapter;c:\windows\system32\DRIVERS\USB_Ethernet_Adaptor.sys;c:\windows\SYSNATIVE\DRIVERS\USB_Ethernet_Adaptor.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys;c:\windows\SYSNATIVE\DRIVERS\WDMirror.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
<NO NAME> REG_SZ
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-03 08:05 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.135\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-03-10 08:43 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-03-28 05:40 722400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-11-16 508472]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-11-24 625032]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2009-12-19 776608]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\utility.exe" [2009-12-17 4367808]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6988736]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 172.16.0.5 172.16.10.1
FF - ProfilePath - c:\users\Lucka\AppData\Roaming\Mozilla\Firefox\Profiles\2yzghyrg.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Kat MP3 Recorder - c:\program files (x86)\Kat MP3 Recorder\uninstall.exe
AddRemove-Plus500 - c:\program files (x86)\Plus500\Plus500.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files\Microsoft Office 15\Root\Office15\MsoSync.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2015-05-03 19:56:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-05-03 17:55
ComboFix2.txt 2015-05-03 10:01
.
Před spuštěním: Volných bajtů: 59 889 098 752
Po spuštění: Volných bajtů: 59 578 486 784
.
- - End Of File - - AACAE42EDD20452B25F04605EF2FB7F8

Kanovka
Level 2
Posts: 187
Registered: October 13
Gender: Female
Status:
Offline

Re: Please check - taskeng.exe

Post by Kanovka » 03 May 2015 20:13

Unfortunately, after that restart I did not manage to boot it back into safe mode. If that is a problem, I will do the first step again; for the ESET scan I will switch to safe mode again.

mople71
Level 3.5
Posts: 662
Registered: November 14
Gender: Male
Status:
Offline

Re: Please check - taskeng.exe

Post by mople71 » 03 May 2015 20:17

Was ComboFix run in safe mode?

In that case, switch to safe mode again and carry out the next step there. ;)

Kanovka
Level 2
Posts: 187
Registered: October 13
Gender: Female
Status:
Offline

Re: Please check - taskeng.exe

Post by Kanovka » 03 May 2015 20:23

Yes, ComboFix was run in safe mode, but after the restart safe mode was not loaded again, so now I have got back into safe mode and I am moving on to the ESET scan.

Kanovka
Level 2
Posts: 187
Registered: October 13
Gender: Female
Status:
Offline

Re: Please check - taskeng.exe

Post by Kanovka » 04 May 2015 06:30

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0b51c28a5bd1ca409b83d2d5e0b36955
# engine=23675
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-05-03 08:20:20
# local_time=2015-05-03 10:20:20 )
# country="Czech Republic"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 38695 182314270 0 0
# scanned=288762
# found=6
# cleaned=0
# scan_time=6351
sh=886271A59B6E513DE79B853354A67CB9D0B6F9E0 ft=1 fh=e47de79839fbeae1 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Ask\APN-Stub\ATU2\APNIC.dll.vir"
sh=4B0F3C79BAB3B47DAC180CAECB53ED7A294B0B35 ft=1 fh=873e80e27dcd41ab vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=E0BA599048B8C2B518CF3D262C13FD4B69BEB832 ft=0 fh=0000000000000000 vn="Win32/AztecMedia.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lucka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah\2.0.0.5_0\newtab.html.vir"
sh=08A5CE348D319335A92076C65C1091277AFED1B9 ft=1 fh=158b9db86261fb7d vn="a variant of Win64/Systweak.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir"
sh=35C96F72A5D6A44FCE7CE68DF1BCAF7B48350091 ft=1 fh=a22e4ae349e54c97 vn="a variant of Win32/Speedchecker.B potentially unwanted application" ac=I fn="C:\Users\Lucka\Documents\PCSU_Update.exe"
sh=F53194FE335C1DF41F1BC945626206D3F844FA89 ft=1 fh=d05664838e1e7c7e vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Users\Lucka\Documents\Lucka\Ostatní\škola - zuzka\VŠ\Státnice 2013\FoxitReader545.0124_enu_Setup.exe"

Kanovka
Level 2
Posts: 187
Registered: October 13
Gender: Female
Status:
Offline

Re: Please check - taskeng.exe

Post by Kanovka » 04 May 2015 06:31

So hopefully everything is done.

