Prosím o kontrolu LOGU

rado104 · Příspěvekod **rado104** » 14 srp 2014 15:04

ComboFix 14-08-12.01 - Radoslav . 08. 2014 14:52:46.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3016.1757 [GMT 2:00]
Running from: C:\Users\Radoslav\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

((((((((((((((((((((((((( Files Created from 2014-07-14 to 2014-08-14 )))))))))))))))))))))))))))))))

2014-08-14 13:00:01 . 2014-08-14 13:00:01 -------- d-----w- C:\Users\Default\AppData\Local\temp
2014-08-12 09:21:52 . 2014-08-12 16:29:55 30312 ----a-w- C:\windows\system32\drivers\TrueSight.sys
2014-08-12 09:21:51 . 2014-08-12 09:21:52 -------- d-----w- C:\ProgramData\RogueKiller
2014-08-12 08:35:26 . 2014-08-12 08:35:26 -------- d-----w- C:\windows\ERUNT
2014-08-11 19:04:22 . 2014-07-14 02:12:38 10924376 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F6AC3D1-F3DA-48F3-93F0-70B85E4CD7BE}\mpengine.dll
2014-08-11 19:04:21 . 2014-05-08 09:32:11 16384 ----a-w- C:\windows\system32\RdpGroupPolicyExtension.dll
2014-08-11 19:04:20 . 2014-05-08 09:32:11 3178496 ----a-w- C:\windows\system32\rdpcorets.dll
2014-08-11 19:04:15 . 2014-01-09 02:22:42 5694464 ----a-w- C:\windows\SysWow64\mstscax.dll
2014-08-11 19:04:15 . 2014-01-03 22:44:58 6574592 ----a-w- C:\windows\system32\mstscax.dll
2014-08-11 18:33:52 . 2014-08-12 09:07:11 122584 ----a-w- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-11 18:33:41 . 2014-08-11 18:33:44 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-11 18:33:41 . 2014-08-11 18:33:41 -------- d-----w- C:\ProgramData\Malwarebytes
2014-08-11 18:33:41 . 2014-05-12 05:26:10 63704 ----a-w- C:\windows\system32\drivers\mwac.sys
2014-08-11 18:33:41 . 2014-05-12 05:26:00 91352 ----a-w- C:\windows\system32\drivers\mbamchameleon.sys
2014-08-11 18:33:41 . 2014-05-12 05:25:56 25816 ----a-w- C:\windows\system32\drivers\mbam.sys
2014-08-11 18:33:27 . 2014-08-11 18:33:27 -------- d-----w- C:\Users\Radoslav\AppData\Local\Programs
2014-08-11 18:29:50 . 2010-08-30 06:34:16 536576 ----a-w- C:\windows\SysWow64\sqlite3.dll
2014-08-11 18:28:55 . 2014-08-12 08:28:24 -------- d-----w- C:\AdwCleaner
2014-08-11 18:28:53 . 2014-08-12 09:24:36 -------- d-sh--w- C:\Users\Radoslav\AppData\Local\EmieUserList
2014-08-11 18:28:53 . 2014-08-12 09:24:36 -------- d-sh--w- C:\Users\Radoslav\AppData\Local\EmieSiteList
2014-08-11 18:27:03 . 2014-08-11 18:27:03 -------- d-----w- C:\Users\Radoslav\AppData\Local\Broadcom
2014-08-10 22:52:34 . 2014-08-10 22:52:36 -------- d-----w- C:\Program Files\CCleaner
2014-08-10 22:32:16 . 2014-08-10 22:32:47 -------- d-----w- C:\Users\Radoslav\AppData\Roaming\Dropbox
2014-08-10 22:31:46 . 2014-08-10 22:31:46 -------- d-----w- C:\Users\Radoslav\AppData\Roaming\AVAST Software
2014-08-10 22:29:36 . 2014-08-10 22:30:51 427360 ----a-w- C:\windows\system32\drivers\aswsp.sys
2014-08-10 22:29:36 . 2014-08-10 22:29:21 92008 ----a-w- C:\windows\system32\drivers\aswStm.sys
2014-08-10 22:29:36 . 2014-08-10 22:29:21 79184 ----a-w- C:\windows\system32\drivers\aswMonFlt.sys
2014-08-10 22:29:36 . 2014-08-10 22:29:21 65776 ----a-w- C:\windows\system32\drivers\aswRvrt.sys
2014-08-10 22:29:36 . 2014-08-10 22:29:21 29208 ----a-w- C:\windows\system32\drivers\aswHwid.sys
2014-08-10 22:29:36 . 2014-08-10 22:29:21 224896 ----a-w- C:\windows\system32\drivers\aswVmm.sys
2014-08-10 22:29:36 . 2014-08-10 22:29:21 1041168 ----a-w- C:\windows\system32\drivers\aswSnx.sys
2014-08-10 22:29:35 . 2014-08-10 22:29:21 93568 ----a-w- C:\windows\system32\drivers\aswRdr2.sys
2014-08-10 22:29:26 . 2014-08-10 22:29:21 307344 ----a-w- C:\windows\system32\aswBoot.exe
2014-08-10 22:29:20 . 2014-08-10 22:29:20 43152 ----a-w- C:\windows\avastSS.scr
2014-08-10 22:28:44 . 2014-08-10 22:28:44 -------- d-----w- C:\Program Files\AVAST Software
2014-08-10 22:27:53 . 2014-08-10 22:28:44 -------- d-----w- C:\ProgramData\AVAST Software
2014-08-10 22:01:45 . 2014-08-10 22:01:45 -------- d-----w- C:\Program Files (x86)\Common Files\Java
2014-08-10 22:01:24 . 2014-07-25 10:55:09 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-10 22:00:35 . 2012-08-23 14:10:20 19456 ----a-w- C:\windows\system32\drivers\rdpvideominiport.sys
2014-08-10 22:00:35 . 2012-08-23 14:08:26 30208 ----a-w- C:\windows\system32\drivers\TsUsbGD.sys
2014-08-10 22:00:33 . 2012-08-23 14:13:11 243200 ----a-w- C:\windows\system32\rdpudd.dll
2014-08-10 22:00:33 . 2012-08-23 11:12:17 192000 ----a-w- C:\windows\SysWow64\rdpendp_winip.dll
2014-08-10 22:00:33 . 2012-08-23 10:51:14 228864 ----a-w- C:\windows\system32\rdpendp_winip.dll
2014-08-10 21:58:59 . 2013-09-25 02:23:41 1030144 ----a-w- C:\windows\system32\TSWorkspace.dll
2014-08-10 21:58:59 . 2013-09-25 01:57:53 792576 ----a-w- C:\windows\SysWow64\TSWorkspace.dll
2014-08-10 21:57:10 . 2012-05-04 09:59:54 514560 ----a-w- C:\windows\SysWow64\qdvd.dll
2014-08-10 21:57:09 . 2012-05-04 11:00:43 366592 ----a-w- C:\windows\system32\qdvd.dll
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-08-05 07:20:00 . 2010-11-21 03:27:21 270496 ------w- C:\windows\system32\MpSigStub.exe
2014-07-09 18:33:33 . 2013-12-13 17:42:41 71344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 18:33:33 . 2013-12-13 17:42:41 699056 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-06-20 20:14:31 . 2014-07-09 08:31:55 266424 ----a-w- C:\windows\system32\iedkcs32.dll
2014-06-19 01:39:48 . 2014-07-09 08:31:45 23464448 ----a-w- C:\windows\system32\mshtml.dll
2014-06-19 01:06:55 . 2014-07-09 08:31:55 2724864 ----a-w- C:\windows\system32\mshtml.tlb
2014-06-19 01:06:24 . 2014-07-09 08:31:53 4096 ----a-w- C:\windows\system32\ieetwcollectorres.dll
2014-06-19 00:48:18 . 2014-07-09 08:31:51 2768384 ----a-w- C:\windows\system32\iertutil.dll
2014-06-19 00:42:57 . 2014-07-09 08:31:47 548352 ----a-w- C:\windows\system32\vbscript.dll
2014-06-19 00:42:49 . 2014-07-09 08:31:51 66048 ----a-w- C:\windows\system32\iesetup.dll
2014-06-19 00:41:52 . 2014-07-09 08:31:55 48640 ----a-w- C:\windows\system32\ieetwproxystub.dll
2014-06-19 00:41:16 . 2014-07-09 08:31:46 83968 ----a-w- C:\windows\system32\MshtmlDac.dll
2014-06-19 00:32:19 . 2014-07-09 08:31:50 51200 ----a-w- C:\windows\system32\jsproxy.dll
2014-06-19 00:31:24 . 2014-07-09 08:31:55 33792 ----a-w- C:\windows\system32\iernonce.dll
2014-06-19 00:26:41 . 2014-07-09 08:31:49 598016 ----a-w- C:\windows\system32\ieui.dll
2014-06-19 00:24:30 . 2014-07-09 08:31:48 139264 ----a-w- C:\windows\system32\ieUnatt.exe
2014-06-19 00:24:12 . 2014-07-09 08:31:53 111616 ----a-w- C:\windows\system32\ieetwcollector.exe
2014-06-19 00:23:53 . 2014-07-09 08:31:47 752640 ----a-w- C:\windows\system32\jscript9diag.dll
2014-06-19 00:14:28 . 2014-07-09 08:31:45 940032 ----a-w- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-19 00:09:47 . 2014-07-09 08:31:52 452608 ----a-w- C:\windows\system32\dxtmsft.dll
2014-06-18 23:59:04 . 2014-07-09 08:31:55 38400 ----a-w- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37 . 2014-07-09 08:31:54 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-06-18 23:53:27 . 2014-07-09 08:31:46 195584 ----a-w- C:\windows\system32\msrating.dll
2014-06-18 23:51:38 . 2014-07-09 08:31:47 5721088 ----a-w- C:\windows\system32\jscript9.dll
2014-06-18 23:50:47 . 2014-07-09 08:31:48 85504 ----a-w- C:\windows\system32\mshtmled.dll
2014-06-18 23:48:44 . 2014-07-09 08:31:49 292864 ----a-w- C:\windows\system32\dxtrans.dll
2014-06-18 23:39:30 . 2014-07-09 08:31:52 608768 ----a-w- C:\windows\system32\ie4uinit.exe
2014-06-18 23:38:40 . 2014-07-09 08:31:50 455168 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-06-18 23:37:23 . 2014-07-09 08:31:53 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-06-18 23:36:35 . 2014-07-09 08:31:55 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55 . 2014-07-09 08:31:49 62464 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:33:07 . 2014-07-09 08:31:52 631808 ----a-w- C:\windows\system32\msfeeds.dll
2014-06-18 23:27:45 . 2014-07-09 08:31:48 1249280 ----a-w- C:\windows\system32\mshtmlmedia.dll
2014-06-18 23:27:07 . 2014-07-09 08:31:51 2040832 ----a-w- C:\windows\system32\inetcpl.cpl
2014-06-18 23:23:27 . 2014-07-09 08:31:50 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40 . 2014-07-09 08:31:55 592896 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10 . 2014-07-09 08:31:55 32256 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27 . 2014-07-09 08:31:46 2266112 ----a-w- C:\windows\system32\wininet.dll
2014-06-18 22:52:18 . 2014-07-09 08:31:50 4254720 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-06-18 22:51:48 . 2014-07-09 08:31:49 13527040 ----a-w- C:\windows\system32\ieframe.dll
2014-06-18 22:46:23 . 2014-07-09 08:31:50 1068032 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59 . 2014-07-09 08:31:53 1964544 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:34:25 . 2014-07-09 08:31:53 1393664 ----a-w- C:\windows\system32\urlmon.dll
2014-06-18 22:15:24 . 2014-07-09 08:31:47 846336 ----a-w- C:\windows\system32\ieapfltr.dll
2014-06-18 22:13:59 . 2014-07-09 08:31:50 1791488 ----a-w- C:\windows\SysWow64\wininet.dll
2014-06-18 02:18:30 . 2014-07-09 08:32:13 692736 ----a-w- C:\windows\system32\osk.exe
2014-06-18 01:51:32 . 2014-07-09 08:32:13 646144 ----a-w- C:\windows\SysWow64\osk.exe
2014-06-18 01:10:36 . 2014-07-09 08:32:13 3157504 ----a-w- C:\windows\system32\win32k.sys
2014-06-06 10:10:34 . 2014-07-09 08:32:11 624128 ----a-w- C:\windows\system32\qedit.dll
2014-06-06 09:44:17 . 2014-07-09 08:32:11 509440 ----a-w- C:\windows\SysWow64\qedit.dll
2014-06-05 14:45:15 . 2014-07-09 08:30:18 1460736 ----a-w- C:\windows\system32\lsasrv.dll
2014-06-05 14:26:58 . 2014-07-09 08:30:18 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2014-06-05 14:25:49 . 2014-07-09 08:30:18 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
2014-05-30 08:08:52 . 2014-07-09 08:32:05 210944 ----a-w- C:\windows\system32\wdigest.dll
2014-05-30 08:08:49 . 2014-07-09 08:32:05 86528 ----a-w- C:\windows\system32\TSpkg.dll
2014-05-30 08:08:47 . 2014-07-09 08:32:07 340992 ----a-w- C:\windows\system32\schannel.dll
2014-05-30 08:08:41 . 2014-07-09 08:32:05 314880 ----a-w- C:\windows\system32\msv1_0.dll
2014-05-30 08:08:41 . 2014-07-09 08:32:05 307200 ----a-w- C:\windows\system32\ncrypt.dll
2014-05-30 08:08:36 . 2014-07-09 08:32:06 728064 ----a-w- C:\windows\system32\kerberos.dll
2014-05-30 08:08:31 . 2014-07-09 08:32:04 22016 ----a-w- C:\windows\system32\credssp.dll
2014-05-30 07:52:51 . 2014-07-09 08:32:05 172032 ----a-w- C:\windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 . 2014-07-09 08:32:05 65536 ----a-w- C:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 . 2014-07-09 08:32:06 247808 ----a-w- C:\windows\SysWow64\schannel.dll
2014-05-30 07:52:41 . 2014-07-09 08:32:05 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 . 2014-07-09 08:32:05 259584 ----a-w- C:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 . 2014-07-09 08:32:07 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 . 2014-07-09 08:32:04 17408 ----a-w- C:\windows\SysWow64\credssp.dll
2014-05-30 06:45:52 . 2014-07-09 08:32:11 497152 ----a-w- C:\windows\system32\drivers\afd.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-06-17 17:11:44 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 08:20:50 283160]
"331BigDog"="C:\Program Files (x86)\USB Camera\VM331_STI.EXE" [2010-01-15 11:38:46 536576]
"UpdateP2GShortCut"="C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 16:35:56 222504]
"YouCam Mirage"="C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 23:29:36 136488]
"YouCam Tray"="C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 23:29:36 228448]
"VeriFaceManager"="C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe" [2011-06-17 17:18:51 329056]
"UpdatePRCShortCut"="C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 16:38:24 222504]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 16:57:26 959904]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 10:29:36 256896]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2014-08-10 22:30:51 4085896]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""

R2 aswStm;aswStm;C:\windows\system32\drivers\aswStm.sys;C:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R3 cfwids;McAfee Inc. cfwids;C:\windows\system32\drivers\cfwids.sys;C:\windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\system32\IEEtwCollector.exe;C:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McAWFwk;McAfee Activation Service;c:\PROGRA~1\mcafee\msc\mcawfwk.exe;c:\PROGRA~1\mcafee\msc\mcawfwk.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;C:\windows\system32\drivers\mferkdet.sys;C:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\system32\drivers\rdpvideominiport.sys;C:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUVStor.sys;C:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys;C:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys;C:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys;C:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;C:\windows\system32\Wat\WatAdminSvc.exe;C:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys;C:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;C:\windows\system32\drivers\fbfmon.sys;C:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;C:\windows\System32\DRIVERS\LhdX64.sys;C:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys;C:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys;C:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;C:\windows\system32\drivers\BPntDrv.sys;C:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S2 aswHwid;avast! HardwareID;C:\windows\system32\drivers\aswHwid.sys;C:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;C:\windows\system32\drivers\aswMonFlt.sys;C:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe;C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\system32\mfevtps.exe;C:\windows\SYSNATIVE\mfevtps.exe [x]
S2 mfewfpk;McAfee Inc. mfewfpk;C:\windows\system32\drivers\mfewfpk.sys;C:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\system32\DRIVERS\AcpiVpc.sys;C:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;C:\windows\system32\DRIVERS\btwampfl.sys;C:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;C:\windows\system32\DRIVERS\btwl2cap.sys;C:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys;C:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys;C:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys;C:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;C:\windows\system32\drivers\mfefirek.sys;C:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 vm331avs;Digital Camera 1;C:\windows\system32\Drivers\vm331avs.sys;C:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 vmuvcflt;Vimicro USB Camera Filter;C:\windows\system32\Drivers\vmuvcflt.sys;C:\windows\SYSNATIVE\Drivers\vmuvcflt.sys [x]

--- Other Services/Drivers In Memory ---

*Deregistered* - mfeavfk01

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-19 14:01:05 1104200 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe

Contents of the 'Scheduled Tasks' folder

2014-08-12 C:\windows\Tasks\Adobe Flash Player Updater.job
- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 17:42:41 . 2014-07-09 18:33:37]

2014-08-14 C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 17:11:29 . 2011-06-17 17:11:27]

2014-08-14 C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf30a97016586.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-17 17:11:29 . 2011-06-17 17:11:27]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-10 22:29:21 634872 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09:56 164016 ----a-w- C:\Users\Radoslav\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-06-27 12:20:04 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-06-27 12:20:04 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-06-27 12:20:04 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-06-27 12:20:04 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-06-27 12:20:04 777032 ----a-w- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-06-17 17:18:55 1508192 ----a-w- C:\Windows\System32\IcnOvrly.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Lenovo EE Boot Optimizer"="C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-06-17 17:28:17 114688]
"Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-06-17 17:30:46 9753024]
"EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe" [2011-06-17 17:30:47 5908928]
"IgfxTray"="C:\windows\system32\igfxtray.exe" [2014-01-29 21:02:42 171992]
"HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2014-01-29 21:02:14 399832]
"Persistence"="C:\windows\system32\igfxpers.exe" [2014-01-29 21:02:38 442328]

------- Supplementary Scan -------

uStart Page = hxxp://www.google.com
uLocal Page = C:\windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 213.202.32.3 195.162.161.182

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Reklama

Příspěvekod **Orcus** » 14 srp 2014 18:43

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený červeně:

ClearJavaCache::
KillAll::

File::
C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf30a97016586.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\Tasks\Adobe Flash Player Updater.job

Folder::
c:\program files (x86)\Google\Update\
c:\program files\Skype\Updater\

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-19 14:01:05 1104200 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe

Driver::
SkypeUpdate
McAWFwk
mfefire
mfevtp
mfewfpk
mcpltsvc

RegLock::

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="C:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

====================================================

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

rado104 · Příspěvekod **rado104** » 15 srp 2014 15:14

ComboFix 14-08-12.01 - Radoslav . 08. 2014 14:48:11.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3016.1417 [GMT 2:00]
Running from: c:\users\Radoslav\Desktop\ComboFix.exe
Command switches used :: c:\users\Radoslav\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf30a97016586.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.24.15\goopdate.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.24.15\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.24.15\psmachine.dll
c:\program files (x86)\Google\Update\1.3.24.15\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.24.15\psuser.dll
c:\program files (x86)\Google\Update\1.3.24.15\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\1.16.7009.9618\gsync.msi
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.125\36.0.1985.125_35.0.1916.153_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{5F934A97-A740-4971-900F-3251ADE945CD}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.5111.1712\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MFEWFPK
-------\Service_McAWFwk
-------\Service_mcpltsvc
-------\Service_mfefire
-------\Service_mfevtp
-------\Service_mfewfpk
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2014-07-15 to 2014-08-15 )))))))))))))))))))))))))))))))
.
.
2014-08-15 12:55 . 2014-08-15 12:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-15 12:44 . 2014-07-14 02:12 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A695A4A4-899A-444D-B657-2BC6A2F5C277}\mpengine.dll
2014-08-12 09:21 . 2014-08-12 16:29 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-12 09:21 . 2014-08-12 09:21 -------- d-----w- c:\programdata\RogueKiller
2014-08-12 08:35 . 2014-08-12 08:35 -------- d-----w- c:\windows\ERUNT
2014-08-11 19:04 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-08-11 19:04 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-08-11 19:04 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-08-11 19:04 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-08-11 18:33 . 2014-08-12 09:07 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-11 18:33 . 2014-08-11 18:33 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-11 18:33 . 2014-08-11 18:33 -------- d-----w- c:\programdata\Malwarebytes
2014-08-11 18:33 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-11 18:33 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-11 18:33 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-11 18:33 . 2014-08-11 18:33 -------- d-----w- c:\users\Radoslav\AppData\Local\Programs
2014-08-11 18:29 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-08-11 18:28 . 2014-08-12 08:28 -------- d-----w- C:\AdwCleaner
2014-08-11 18:28 . 2014-08-12 09:24 -------- d-sh--w- c:\users\Radoslav\AppData\Local\EmieUserList
2014-08-11 18:28 . 2014-08-12 09:24 -------- d-sh--w- c:\users\Radoslav\AppData\Local\EmieSiteList
2014-08-11 18:27 . 2014-08-11 18:27 -------- d-----w- c:\users\Radoslav\AppData\Local\Broadcom
2014-08-10 22:52 . 2014-08-10 22:52 -------- d-----w- c:\program files\CCleaner
2014-08-10 22:32 . 2014-08-10 22:32 -------- d-----w- c:\users\Radoslav\AppData\Roaming\Dropbox
2014-08-10 22:31 . 2014-08-10 22:31 -------- d-----w- c:\users\Radoslav\AppData\Roaming\AVAST Software
2014-08-10 22:29 . 2014-08-10 22:30 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-10 22:29 . 2014-08-10 22:29 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-10 22:29 . 2014-08-10 22:29 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-10 22:29 . 2014-08-10 22:29 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-10 22:29 . 2014-08-10 22:29 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-10 22:29 . 2014-08-10 22:29 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-10 22:29 . 2014-08-10 22:29 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-10 22:29 . 2014-08-10 22:29 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-10 22:29 . 2014-08-10 22:29 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-10 22:29 . 2014-08-10 22:29 43152 ----a-w- c:\windows\avastSS.scr
2014-08-10 22:28 . 2014-08-10 22:28 -------- d-----w- c:\program files\AVAST Software
2014-08-10 22:27 . 2014-08-10 22:28 -------- d-----w- c:\programdata\AVAST Software
2014-08-10 22:01 . 2014-08-10 22:01 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-10 22:01 . 2014-07-25 10:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-10 22:00 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-08-10 22:00 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-08-10 22:00 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-08-10 22:00 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-08-10 22:00 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-08-10 21:58 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-10 21:58 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-08-10 21:57 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-08-10 21:57 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-09 18:33 . 2013-12-13 17:42 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 18:33 . 2013-12-13 17:42 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-20 20:14 . 2014-07-09 08:31 266424 ----a-w- c:\windows\system32\iedkcs32.dll
2014-06-19 01:39 . 2014-07-09 08:31 23464448 ----a-w- c:\windows\system32\mshtml.dll
2014-06-19 01:06 . 2014-07-09 08:31 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-06-19 01:06 . 2014-07-09 08:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-06-19 00:48 . 2014-07-09 08:31 2768384 ----a-w- c:\windows\system32\iertutil.dll
2014-06-19 00:42 . 2014-07-09 08:31 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-06-19 00:42 . 2014-07-09 08:31 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-06-19 00:41 . 2014-07-09 08:31 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-06-19 00:41 . 2014-07-09 08:31 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-06-19 00:32 . 2014-07-09 08:31 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-06-19 00:31 . 2014-07-09 08:31 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-06-19 00:26 . 2014-07-09 08:31 598016 ----a-w- c:\windows\system32\ieui.dll
2014-06-19 00:24 . 2014-07-09 08:31 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-06-19 00:24 . 2014-07-09 08:31 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-06-19 00:23 . 2014-07-09 08:31 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-06-19 00:14 . 2014-07-09 08:31 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-19 00:09 . 2014-07-09 08:31 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2014-06-18 23:59 . 2014-07-09 08:31 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 23:56 . 2014-07-09 08:31 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-06-18 23:53 . 2014-07-09 08:31 195584 ----a-w- c:\windows\system32\msrating.dll
2014-06-18 23:51 . 2014-07-09 08:31 5721088 ----a-w- c:\windows\system32\jscript9.dll
2014-06-18 23:50 . 2014-07-09 08:31 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-06-18 23:48 . 2014-07-09 08:31 292864 ----a-w- c:\windows\system32\dxtrans.dll
2014-06-18 23:39 . 2014-07-09 08:31 608768 ----a-w- c:\windows\system32\ie4uinit.exe
2014-06-18 23:38 . 2014-07-09 08:31 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-06-18 23:37 . 2014-07-09 08:31 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-06-18 23:36 . 2014-07-09 08:31 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35 . 2014-07-09 08:31 62464 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-06-18 23:33 . 2014-07-09 08:31 631808 ----a-w- c:\windows\system32\msfeeds.dll
2014-06-18 23:27 . 2014-07-09 08:31 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-06-18 23:27 . 2014-07-09 08:31 2040832 ----a-w- c:\windows\system32\inetcpl.cpl
2014-06-18 23:23 . 2014-07-09 08:31 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-06-18 23:22 . 2014-07-09 08:31 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-06-18 23:06 . 2014-07-09 08:31 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58 . 2014-07-09 08:31 2266112 ----a-w- c:\windows\system32\wininet.dll
2014-06-18 22:52 . 2014-07-09 08:31 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-06-18 22:51 . 2014-07-09 08:31 13527040 ----a-w- c:\windows\system32\ieframe.dll
2014-06-18 22:46 . 2014-07-09 08:31 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45 . 2014-07-09 08:31 1964544 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-06-18 22:34 . 2014-07-09 08:31 1393664 ----a-w- c:\windows\system32\urlmon.dll
2014-06-18 22:15 . 2014-07-09 08:31 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-06-18 22:13 . 2014-07-09 08:31 1791488 ----a-w- c:\windows\SysWow64\wininet.dll
2014-06-18 02:18 . 2014-07-09 08:32 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 08:32 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-18 01:10 . 2014-07-09 08:32 3157504 ----a-w- c:\windows\system32\win32k.sys
2014-06-06 10:10 . 2014-07-09 08:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 08:32 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 08:30 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 08:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 08:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-09 08:32 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-09 08:32 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-09 08:32 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-09 08:32 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-09 08:32 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-09 08:32 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-09 08:32 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-09 08:32 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-09 08:32 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-09 08:32 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-09 08:32 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-09 08:32 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-09 08:32 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-09 08:32 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-09 08:32 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-06-17 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2010-01-15 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2011-06-17 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-10 4085896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 vmuvcflt;Vimicro USB Camera Filter;c:\windows\system32\Drivers\vmuvcflt.sys;c:\windows\SYSNATIVE\Drivers\vmuvcflt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-19 14:01 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 18:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-10 22:29 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Radoslav\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-06-17 17:18 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-06-17 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-06-17 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-06-17 5908928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 213.202.32.3 195.162.161.182
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-08-15 15:01:19 - machine was rebooted
ComboFix-quarantined-files.txt 2014-08-15 13:01
ComboFix2.txt 2014-08-13 13:09
.
Pre-Run: 331 319 042 048 bytes free
Post-Run: 330 819 100 672 bytes free
.
- - End Of File - - 63170062941A4F63FDB6A7BF97D4E7FC

rado104 · Příspěvekod **rado104** » 15 srp 2014 15:30

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-15 15:15:57
-----------------------------
15:15:57.106 OS Version: Windows x64 6.1.7601 Service Pack 1
15:15:57.106 Number of processors: 2 586 0x2A07
15:15:57.106 ComputerName: RADOSLAV-PC UserName: Radoslav
15:15:58.526 Initialize success
15:15:58.526 VM: initialized successfully
15:15:58.572 VM: Intel CPU virtualization not supported
15:16:04.266 AVAST engine defs: 14081500
15:16:05.967 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
15:16:05.982 Disk 0 Vendor: WDC_WD50 02.0 Size: 476940MB BusType: 3
15:16:06.123 Disk 0 MBR read successfully
15:16:06.123 Disk 0 MBR scan
15:16:06.138 Disk 0 Windows 7 default MBR code
15:16:06.138 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
15:16:06.154 Disk 0 default boot code
15:16:06.185 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 431938 MB offset 411648
15:16:06.185 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 885020672
15:16:06.216 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
15:16:06.248 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29691 MB offset 885022720
15:16:06.310 Disk 0 scanning C:\windows\system32\drivers
15:16:15.998 Service scanning
15:16:40.786 Modules scanning
15:16:40.786 Disk 0 trace - called modules:
15:16:40.817 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:16:40.817 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80058bc060]
15:16:40.833 3 CLASSPNP.SYS[fffff88000dcc43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8003ba9050]
15:16:41.925 AVAST engine scan C:\windows
15:16:44.936 AVAST engine scan C:\windows\system32
15:19:27.051 AVAST engine scan C:\windows\system32\drivers
15:19:38.502 AVAST engine scan C:\Users\Radoslav
15:28:04.957 AVAST engine scan C:\ProgramData
15:29:02.255 Scan finished successfully
15:30:21.940 Disk 0 MBR has been saved successfully to "C:\Users\Radoslav\Desktop\MBR.dat"
15:30:21.940 The log file has been saved successfully to "C:\Users\Radoslav\Desktop\aswMBR.txt"

Příspěvekod **jaro3** » 16 srp 2014 11:23

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-

Jeden antivir odinstaluj , dva mít nemůžeš.

Pak nový Combofix.

rado104 · Příspěvekod **rado104** » 16 srp 2014 14:21

Chcem odinstalovať McAfee ale neviem ako lebo ho neviem nikde nájsť!!! s programov som ho už vymazal! ale ako ho vymažem úplne???

Příspěvekod **jaro3** » 17 srp 2014 09:36

Zkus tohle:
http://download.mcafee.com/products/lic ... s/MCPR.exe

rado104 · Příspěvekod **rado104** » 17 srp 2014 15:50

Vymezané!!!! Dúfam že tentokrát už na komplet!!!!!!!!!!!!!!!!!!

ComboFix 14-08-15.01 - Radoslav . 08. 2014 15:31:28.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3016.1624 [GMT 2:00]
Running from: c:\users\Radoslav\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2014-07-17 to 2014-08-17 )))))))))))))))))))))))))))))))
.
.
2014-08-17 13:37 . 2014-08-17 13:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-15 13:34 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-15 13:34 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-15 13:34 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-15 13:34 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-15 13:34 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-15 13:34 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-15 13:33 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-15 13:33 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 13:07 . 2014-06-16 02:10 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-15 13:05 . 2014-07-25 13:42 48128 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-08-15 13:03 . 2014-07-14 02:12 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4EF1740E-6C47-4D00-B306-3A17B6DAA3FF}\mpengine.dll
2014-08-12 09:21 . 2014-08-12 16:29 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-12 09:21 . 2014-08-12 09:21 -------- d-----w- c:\programdata\RogueKiller
2014-08-12 08:35 . 2014-08-12 08:35 -------- d-----w- c:\windows\ERUNT
2014-08-11 19:04 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-08-11 19:04 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-08-11 19:04 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-08-11 19:04 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-08-11 18:33 . 2014-08-12 09:07 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-11 18:33 . 2014-08-11 18:33 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-11 18:33 . 2014-08-11 18:33 -------- d-----w- c:\programdata\Malwarebytes
2014-08-11 18:33 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-11 18:33 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-11 18:33 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-11 18:33 . 2014-08-11 18:33 -------- d-----w- c:\users\Radoslav\AppData\Local\Programs
2014-08-11 18:29 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-08-11 18:28 . 2014-08-12 08:28 -------- d-----w- C:\AdwCleaner
2014-08-11 18:28 . 2014-08-12 09:24 -------- d-sh--w- c:\users\Radoslav\AppData\Local\EmieUserList
2014-08-11 18:28 . 2014-08-12 09:24 -------- d-sh--w- c:\users\Radoslav\AppData\Local\EmieSiteList
2014-08-11 18:27 . 2014-08-11 18:27 -------- d-----w- c:\users\Radoslav\AppData\Local\Broadcom
2014-08-10 22:52 . 2014-08-10 22:52 -------- d-----w- c:\program files\CCleaner
2014-08-10 22:32 . 2014-08-10 22:32 -------- d-----w- c:\users\Radoslav\AppData\Roaming\Dropbox
2014-08-10 22:31 . 2014-08-10 22:31 -------- d-----w- c:\users\Radoslav\AppData\Roaming\AVAST Software
2014-08-10 22:29 . 2014-08-10 22:30 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-10 22:29 . 2014-08-10 22:29 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-10 22:29 . 2014-08-10 22:29 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-10 22:29 . 2014-08-10 22:29 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-10 22:29 . 2014-08-10 22:29 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-10 22:29 . 2014-08-10 22:29 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-10 22:29 . 2014-08-10 22:29 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-10 22:29 . 2014-08-10 22:29 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-10 22:29 . 2014-08-10 22:29 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-10 22:29 . 2014-08-10 22:29 43152 ----a-w- c:\windows\avastSS.scr
2014-08-10 22:28 . 2014-08-10 22:28 -------- d-----w- c:\program files\AVAST Software
2014-08-10 22:27 . 2014-08-10 22:28 -------- d-----w- c:\programdata\AVAST Software
2014-08-10 22:01 . 2014-08-15 13:41 -------- d-----w- c:\windows\system32\MRT
2014-08-10 22:01 . 2014-08-10 22:01 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-10 22:01 . 2014-07-25 10:55 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-10 22:00 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2014-08-10 22:00 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2014-08-10 22:00 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2014-08-10 22:00 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2014-08-10 22:00 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2014-08-10 21:58 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-10 21:58 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-08-10 21:57 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-08-10 21:57 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-09 18:33 . 2013-12-13 17:42 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 18:33 . 2013-12-13 17:42 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-18 02:18 . 2014-07-09 08:32 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-09 08:32 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-09 08:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-09 08:32 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-09 08:30 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-09 08:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-09 08:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-09 08:32 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-09 08:32 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-09 08:32 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-09 08:32 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-09 08:32 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-09 08:32 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-09 08:32 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-09 08:32 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-09 08:32 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-09 08:32 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-09 08:32 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-09 08:32 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-09 08:32 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-09 08:32 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-09 08:32 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-06-17 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"331BigDog"="c:\program files (x86)\USB Camera\VM331_STI.EXE" [2010-01-15 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2011-06-17 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-10 4085896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 vm331avs;Digital Camera 1;c:\windows\system32\Drivers\vm331avs.sys;c:\windows\SYSNATIVE\Drivers\vm331avs.sys [x]
S3 vmuvcflt;Vimicro USB Camera Filter;c:\windows\system32\Drivers\vmuvcflt.sys;c:\windows\SYSNATIVE\Drivers\vmuvcflt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-19 14:01 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 18:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-10 22:29 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Radoslav\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-06-27 12:20 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-06-17 17:18 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-06-17 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-06-17 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-06-17 5908928]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 213.202.32.3 195.162.161.182
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2014-08-17 15:40:33
ComboFix-quarantined-files.txt 2014-08-17 13:40
ComboFix2.txt 2014-08-15 13:01
ComboFix3.txt 2014-08-13 13:09
.
Pre-Run: 332 548 620 288 bytes free
Post-Run: 332 125 708 288 bytes free
.
- - End Of File - - 4344ABB30338E77C4F72C4089CADA79D

Příspěvekod **jaro3** » 17 srp 2014 19:11

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Vlož nový log z HJT + info o problémech.

rado104 · Příspěvekod **rado104** » 17 srp 2014 23:06

No neviem ale nezdá sa mi to ešte lebo teraz ide super ale ešte pred 10 minútami sa NB zapínal asi 5min. neviem prečo ale teraz keď som dal reštart po OTC tak za zapol hneď!!! Podľa mňa tam ešte niečo nebude v poriadku
LOG::::::::::::::::::::::::::::::::
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:03:59, on 17. 8. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera\VM331_STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\Radoslav\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9901 bytes

Příspěvekod **jaro3** » 18 srp 2014 09:26

Stáhni si na svojí plochu StartupLite .exe by MalwareBytes

Tento program identifikuje a dává volbu k odstranění nepotřebných položek k vyprázdnění paměti.
Poklepej na ikonu StartupLite.exe (by MalwareBytes ) ke spuštění programu. Ve vistě a windows 7 spusť jako správce (pravým klik na ikonu a vyber-spustit jako správce).Vytvoří se list nepotřebných vstupů po spuštění. Nech všechny položky jako deaktivované a klikni na Continue . Restartuj PC.

Pak napiš , co problémy.

rado104 · Příspěvekod **rado104** » 18 srp 2014 15:59

Spravené... skúsil som vypnúť - zapnúť NB a zapol sa celkom rýchlo...takže asi to bude OK...keby niečo ozvem sa!!!
Ďakujem za pomoc

Prosím o kontrolu LOGU Vyřešeno

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Kdo je online