Zničené ovladače, pomalý PC Vyřešeno

[Orcus]

Hmm, jedna z možných příčin balastu + jsi v RogueKilleru nic neoznačil, takže znovu a lépe.

[Reklama]

[Scanner]

Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by Zkuýka on ne 04.01.2015 at 19:07:33,20.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ZKUKA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4.1.2015 19:08:55 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Program Files\PowerISO deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~2\Shopping Suggestion deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Users\ZKUKA~1\AppData\Local\LumaEmu" deleted

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)



==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=133 folders=88 161193616 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Guest\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ZKUKA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 04.01.2015 at 19:24:51,37 ======================

[Scanner]

Co to je balast?

Nemůžu najít tu zprávu z čištění toho killeru. Potom čištění jsem musel restartovat počítač, protože mi nešel internet.

[jaro3]

Udělej sken RK ještě jednou.

[Scanner]

RogueKiller V10.1.1.0 (x64) [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Zkuřka [Práva správce]
Mód : Prohledat -- Datum : 01/05/2015 12:20:45

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3EABD7CE-AD96-4532-AB18-A36DF5F187FA} | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3EABD7CE-AD96-4532-AB18-A36DF5F187FA} | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3EABD7CE-AD96-4532-AB18-A36DF5F187FA} | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA632 ATA Device +++++
--- User ---
[MBR] a82779b25e0cb5881934c1ca732a29fb
[BSP] c945ffedc6472dcf8bb589ce98e452b8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 149900 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 307202048 | Size: 803867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SAMSUNG HD753LJ ATA Device +++++
--- User ---
[MBR] 4de7d93eebd0bde0a49f043689127bfa
[BSP] 86aeddf56fdaf8bcb32c67f734b60a62 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive5: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_DEL_01042015_190337.log - RKreport_DEL_01042015_190402.log - RKreport_DEL_01042015_190403.log - RKreport_DEL_01042015_190405.log
RKreport_DEL_01042015_193901.log - RKreport_DEL_07022014_115529.log - RKreport_DEL_07092014_112847.log - RKreport_SCN_01032015_131600.log
RKreport_SCN_01042015_190331.log - RKreport_SCN_01042015_193808.log - RKreport_SCN_07012014_225714.log - RKreport_SCN_07022014_115518.log
RKreport_SCN_07052014_120649.log - RKreport_SCN_07082014_214842.log - RKreport_SCN_07092014_112753.log

[Scanner]

RogueKiller V10.1.1.0 (x64) [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Zkuřka [Práva správce]
Mód : Smazat -- Datum : 01/05/2015 12:22:12

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3EABD7CE-AD96-4532-AB18-A36DF5F187FA} | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3EABD7CE-AD96-4532-AB18-A36DF5F187FA} | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{3EABD7CE-AD96-4532-AB18-A36DF5F187FA} | DhcpNameServer : 77.48.254.254 77.48.100.254 [(Unknown Country?) (XX)][(Unknown Country?) (XX)] -> Nahrazeno ()
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-2669622944-699700961-1277766417-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA632 ATA Device +++++
--- User ---
[MBR] a82779b25e0cb5881934c1ca732a29fb
[BSP] c945ffedc6472dcf8bb589ce98e452b8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 149900 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 307202048 | Size: 803867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SAMSUNG HD753LJ ATA Device +++++
--- User ---
[MBR] 4de7d93eebd0bde0a49f043689127bfa
[BSP] 86aeddf56fdaf8bcb32c67f734b60a62 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 715402 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive5: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_DEL_01042015_190337.log - RKreport_DEL_01042015_190402.log - RKreport_DEL_01042015_190403.log - RKreport_DEL_01042015_190405.log
RKreport_DEL_01042015_193901.log - RKreport_DEL_07022014_115529.log - RKreport_DEL_07092014_112847.log - RKreport_SCN_01032015_131600.log
RKreport_SCN_01042015_190331.log - RKreport_SCN_01042015_193808.log - RKreport_SCN_07012014_225714.log - RKreport_SCN_07022014_115518.log
RKreport_SCN_07052014_120649.log - RKreport_SCN_07082014_214842.log - RKreport_SCN_07092014_112753.log - RKreport_SCN_01052015_122045.log

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Scanner]

Tak takle dlouhý jsem to snad ještě neměl.

ComboFix 15-01-05.01 - Zkuřka 05.01.2015 19:20:49.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4079.3332 [GMT 1:00]
Spuštěný z: c:\users\Zku°ka\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-05 do 2015-01-05 )))))))))))))))))))))))))))))))
.
.
2015-01-05 18:26 . 2015-01-05 18:26 -------- d-----w- c:\users\ZKUKA~2\AppData\Local\temp
2015-01-05 18:26 . 2015-01-05 18:26 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-05 18:26 . 2015-01-05 18:26 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-05 18:26 . 2015-01-05 18:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-04 18:22 . 2015-01-04 18:07 24064 ----a-w- c:\windows\zoek-delete.exe
2015-01-04 18:22 . 2015-01-05 18:29 -------- d-----w- c:\users\Zkuřka\AppData\Local\Temp
2015-01-04 18:07 . 2015-01-04 18:20 -------- d-----w- C:\zoek_backup
2015-01-02 09:33 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1DFC5110-3B91-41B5-990D-D613B83C8A0B}\mpengine.dll
2014-12-31 14:24 . 2015-01-05 17:20 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-31 14:24 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-31 14:24 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-31 14:24 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-31 14:08 . 2015-01-03 12:03 -------- d-----w- C:\AdwCleaner
2014-12-23 15:22 . 2014-12-23 15:22 942808 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-12-23 15:22 . 2014-12-23 15:22 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-12-23 15:20 . 2014-12-23 15:20 4263128 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-12-23 15:20 . 2014-12-23 15:20 2860760 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-12-23 15:20 . 2014-12-23 15:20 3186544 ----a-w- c:\windows\system32\RtkApi64.dll
2014-12-23 15:20 . 2014-12-23 15:20 629464 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-12-23 15:20 . 2014-12-23 15:20 1287384 ----a-w- c:\windows\system32\RTCOM64.dll
2014-12-23 15:20 . 2014-12-23 15:20 2827120 ----a-w- c:\windows\system32\RltkAPO64.dll
2014-12-23 15:20 . 2014-12-23 15:20 959704 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-12-23 15:20 . 2014-12-23 15:20 560328 ----a-w- c:\windows\system32\AERTAC64.dll
2014-12-23 08:30 . 2014-12-23 08:29 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-23 08:25 . 2014-12-23 08:25 -------- d-----w- c:\program files\Realtek
2014-12-23 08:25 . 2014-12-23 15:21 -------- d-----w- c:\windows\SysWow64\RTCOM
2014-12-23 08:23 . 2014-12-23 08:23 397592 ----a-w- c:\windows\system32\MBWrp64.dll
2014-12-23 08:23 . 2014-12-23 08:23 897152 ----a-w- c:\windows\system32\MBAPO64.dll
2014-12-23 08:23 . 2014-12-23 08:23 753280 ----a-w- c:\windows\SysWow64\MBAPO32.dll
2014-12-23 08:23 . 2014-12-23 08:23 65112 ----a-w- c:\windows\system32\MBppld64.dll
2014-12-23 08:23 . 2014-12-23 08:23 60504 ----a-w- c:\windows\system32\MBPPCn64.dll
2014-12-23 08:23 . 2014-12-23 08:23 2041432 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
2014-12-23 08:23 . 2014-12-23 08:23 1063512 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2014-12-23 08:23 . 2014-12-23 08:23 318808 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2014-12-23 08:23 . 2014-12-23 08:23 2770976 ----a-w- c:\windows\system32\FMAPO64.dll
2014-12-23 08:23 . 2014-12-23 08:23 113576 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-12-23 08:23 . 2014-12-23 08:23 108640 ----a-w- c:\windows\system32\AERTAR64.dll
2014-12-23 08:15 . 2014-12-23 08:15 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2014-12-22 11:40 . 2014-12-22 11:40 -------- d-----w- c:\users\Zkuřka\AppData\Local\ali213GameLauncher
2014-12-20 10:57 . 2014-12-20 10:57 -------- d-----w- c:\users\Zkuřka
2014-12-18 15:01 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 15:01 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-16 18:50 . 2014-11-22 10:46 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-12-16 18:50 . 2014-11-22 10:46 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-12-10 14:31 . 2014-12-10 14:31 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 14:04 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 14:04 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 11:08 . 2014-11-27 01:43 389296 ----a-w- c:\windows\system32\iedkcs32.dll
2014-12-07 17:47 . 2014-12-07 17:47 -------- d-----w- c:\users\Zkuka
2014-12-06 23:26 . 2014-12-19 11:31 -------- d-----w- c:\users\Zkuřka\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-05 11:17 . 2014-07-08 19:44 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-23 15:22 . 2013-11-30 14:17 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-12-23 08:30 . 2014-03-28 11:29 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-23 08:30 . 2014-03-28 11:29 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-10 14:08 . 2013-11-30 14:41 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-24 13:04 . 2013-11-30 14:33 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-22 10:46 . 2014-04-10 11:01 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-18 19:47 . 2014-11-18 19:47 1691816 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-19 08:02 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 08:02 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 08:02 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 08:02 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 02:03 . 2014-12-10 11:08 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 16:10 . 2014-10-25 16:10 30424 ----a-w- c:\windows\system32\drivers\ggsomc.sys
2014-10-25 16:10 . 2014-10-25 16:10 16088 ----a-w- c:\windows\system32\drivers\ggflt.sys
2014-10-25 01:57 . 2014-11-12 09:35 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 09:35 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 09:33 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 09:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 09:35 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 09:35 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 09:34 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 09:35 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 09:35 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 09:35 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 09:35 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 09:34 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 09:35 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 09:35 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 09:35 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 07:59 . 2014-10-10 07:59 63160 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2014-10-10 07:59 . 2014-10-10 07:59 44632 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2014-10-10 07:59 . 2014-10-10 07:59 243440 ----a-w- c:\windows\system32\drivers\eamonm.sys
2014-10-10 07:59 . 2014-10-10 07:59 241368 ----a-w- c:\windows\system32\drivers\edevmon.sys
2014-10-10 07:59 . 2014-10-10 07:59 222280 ----a-w- c:\windows\system32\drivers\epfw.sys
2014-10-10 07:59 . 2014-10-10 07:59 169280 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2014-10-10 00:57 . 2014-11-12 09:34 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-08 13:13 . 2014-08-13 16:02 127760 ----a-w- c:\windows\system32\drivers\scdemu.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 16:19 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 16:19 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 16:19 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\daemon tools lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30872168]
"CCleaner Monitoring"="e:\ccleaner\CCleaner64.exe" [2014-12-12 7394584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
"PWRISOVM.EXE"="e:\poweriso\PWRISOVM.EXE" [2014-10-08 408888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;e:\malwarebytes anti-malware\mbamservice.exe;e:\malwarebytes anti-malware\mbamservice.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 Origin Client Service;Origin Client Service;e:\origin\OriginClientService.exe;e:\origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - NVSTREAMKMS
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 08:49 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-28 08:30]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 15:54]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-30 15:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-09-06 09:05 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-10-01 5595336]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-12-23 13774040]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportar para o Microsoft Excel - e:\office~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 77.48.254.254 77.48.100.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,5f,61,81,e3,e6,ef,4a,8f,dc,ce,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,5f,61,81,e3,e6,ef,4a,8f,dc,ce,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
e:\malwarebytes anti-malware\mbamscheduler.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\BlueStacks\HD-Service.exe
c:\program files (x86)\BlueStacks\HD-Network.exe
c:\program files (x86)\BlueStacks\HD-BlockDevice.exe
c:\program files (x86)\BlueStacks\HD-SharedFolder.exe
.
**************************************************************************
.
Celkový čas: 2015-01-05 19:33:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-05 18:33
.
Před spuštěním: Volných bajtů: 37 610 299 392
Po spuštění: Volných bajtů: 37 327 114 240
.
- - End Of File - - BA529E8CA3E7B258DFE96BAB865AA5A2
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update

Driver::

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,5f,61,81,e3,e6,ef,4a,8f,dc,ce,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a5,5f,61,81,e3,e6,ef,4a,8f,dc,ce,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Scanner]

ComboFix 15-01-05.01 - Zkuřka 06.01.2015 19:24:52.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4079.3099 [GMT 1:00]
Spuštěný z: c:\users\Zkuřka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Zkuřka\Desktop\CFScript.txt
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.25.11\goopdate.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.25.11\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine.dll
c:\program files (x86)\Google\Update\1.3.25.11\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser.dll
c:\program files (x86)\Google\Update\1.3.25.11\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.95\39.0.2171.95_39.0.2171.71_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-06 do 2015-01-06 )))))))))))))))))))))))))))))))
.
.
2015-01-06 18:30 . 2015-01-06 18:30 -------- d-----w- c:\users\ZKUKA~2\AppData\Local\temp
2015-01-06 18:30 . 2015-01-06 18:30 -------- d-----w- c:\users\Zkuka\AppData\Local\temp
2015-01-06 18:30 . 2015-01-06 18:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-01-06 18:30 . 2015-01-06 18:30 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-01-06 18:30 . 2015-01-06 18:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-06 12:54 . 2014-12-02 10:26 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A7FAE61-F45E-4A73-8B85-815BBAA1DB9C}\mpengine.dll
2015-01-04 18:22 . 2015-01-04 18:07 24064 ----a-w- c:\windows\zoek-delete.exe
2015-01-04 18:22 . 2015-01-06 18:33 -------- d-----w- c:\users\Zkuřka\AppData\Local\Temp
2015-01-04 18:07 . 2015-01-04 18:20 -------- d-----w- C:\zoek_backup
2014-12-31 14:24 . 2015-01-06 17:19 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-31 14:24 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-31 14:24 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-31 14:24 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-31 14:08 . 2015-01-03 12:03 -------- d-----w- C:\AdwCleaner
2014-12-23 15:22 . 2014-12-23 15:22 942808 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-12-23 15:22 . 2014-12-23 15:22 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-12-23 15:20 . 2014-12-23 15:20 4263128 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2014-12-23 15:20 . 2014-12-23 15:20 2860760 ----a-w- c:\windows\system32\RtPgEx64.dll
2014-12-23 15:20 . 2014-12-23 15:20 3186544 ----a-w- c:\windows\system32\RtkApi64.dll
2014-12-23 15:20 . 2014-12-23 15:20 629464 ----a-w- c:\windows\system32\RtDataProc64.dll
2014-12-23 15:20 . 2014-12-23 15:20 1287384 ----a-w- c:\windows\system32\RTCOM64.dll
2014-12-23 15:20 . 2014-12-23 15:20 2827120 ----a-w- c:\windows\system32\RltkAPO64.dll
2014-12-23 15:20 . 2014-12-23 15:20 959704 ----a-w- c:\windows\system32\RCoInstII64.dll
2014-12-23 15:20 . 2014-12-23 15:20 560328 ----a-w- c:\windows\system32\AERTAC64.dll
2014-12-23 08:30 . 2014-12-23 08:29 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-23 08:25 . 2014-12-23 08:25 -------- d-----w- c:\program files\Realtek
2014-12-23 08:25 . 2014-12-23 15:21 -------- d-----w- c:\windows\SysWow64\RTCOM
2014-12-23 08:23 . 2014-12-23 08:23 397592 ----a-w- c:\windows\system32\MBWrp64.dll
2014-12-23 08:23 . 2014-12-23 08:23 897152 ----a-w- c:\windows\system32\MBAPO64.dll
2014-12-23 08:23 . 2014-12-23 08:23 753280 ----a-w- c:\windows\SysWow64\MBAPO32.dll
2014-12-23 08:23 . 2014-12-23 08:23 65112 ----a-w- c:\windows\system32\MBppld64.dll
2014-12-23 08:23 . 2014-12-23 08:23 60504 ----a-w- c:\windows\system32\MBPPCn64.dll
2014-12-23 08:23 . 2014-12-23 08:23 2041432 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
2014-12-23 08:23 . 2014-12-23 08:23 1063512 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2014-12-23 08:23 . 2014-12-23 08:23 318808 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2014-12-23 08:23 . 2014-12-23 08:23 2770976 ----a-w- c:\windows\system32\FMAPO64.dll
2014-12-23 08:23 . 2014-12-23 08:23 113576 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-12-23 08:23 . 2014-12-23 08:23 108640 ----a-w- c:\windows\system32\AERTAR64.dll
2014-12-23 08:15 . 2014-12-23 08:15 26528 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2014-12-22 11:40 . 2014-12-22 11:40 -------- d-----w- c:\users\Zkuřka\AppData\Local\ali213GameLauncher
2014-12-20 10:57 . 2015-01-05 18:33 -------- d-----w- c:\users\Zkuřka
2014-12-18 15:01 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-12-18 15:01 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-12-16 18:50 . 2014-11-22 10:46 38032 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-12-16 18:50 . 2014-11-22 10:46 32400 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-12-10 14:31 . 2014-12-10 14:31 -------- d-----w- c:\windows\system32\appraiser
2014-12-10 14:04 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2014-12-10 14:04 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2014-12-10 11:08 . 2014-11-27 01:43 389296 ----a-w- c:\windows\system32\iedkcs32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-05 11:17 . 2014-07-08 19:44 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-23 15:22 . 2013-11-30 14:17 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-12-23 08:30 . 2014-03-28 11:29 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-23 08:30 . 2014-03-28 11:29 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-10 14:08 . 2013-11-30 14:41 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-24 13:04 . 2013-11-30 14:33 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-22 10:46 . 2014-04-10 11:01 35472 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-11-18 19:47 . 2014-11-18 19:47 1691816 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 03:08 . 2014-11-19 08:02 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 08:02 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 08:02 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 08:02 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-10-30 02:03 . 2014-12-10 11:08 165888 ----a-w- c:\windows\system32\charmap.exe
2014-10-25 16:10 . 2014-10-25 16:10 30424 ----a-w- c:\windows\system32\drivers\ggsomc.sys
2014-10-25 16:10 . 2014-10-25 16:10 16088 ----a-w- c:\windows\system32\drivers\ggflt.sys
2014-10-25 01:57 . 2014-11-12 09:35 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 09:35 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 09:33 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 09:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 09:35 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 09:35 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 09:34 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 09:35 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 09:35 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 09:35 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 09:35 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 09:34 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 09:35 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 09:35 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 09:35 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-10-10 07:59 . 2014-10-10 07:59 63160 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2014-10-10 07:59 . 2014-10-10 07:59 44632 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2014-10-10 07:59 . 2014-10-10 07:59 243440 ----a-w- c:\windows\system32\drivers\eamonm.sys
2014-10-10 07:59 . 2014-10-10 07:59 241368 ----a-w- c:\windows\system32\drivers\edevmon.sys
2014-10-10 07:59 . 2014-10-10 07:59 222280 ----a-w- c:\windows\system32\drivers\epfw.sys
2014-10-10 07:59 . 2014-10-10 07:59 169280 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2014-10-10 00:57 . 2014-11-12 09:34 3198976 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-11-12 16:19 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-11-12 16:19 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-11-12 16:19 1729744 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\daemon tools lite\DTLite.exe" [2014-03-04 3696912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30872168]
"CCleaner Monitoring"="e:\ccleaner\CCleaner64.exe" [2014-12-12 7394584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPUsageTrackingLEDM"="c:\program files (x86)\HP\HP UT LEDM\bin\hppusg.exe" [2009-10-15 30264]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-08-13 835288]
"PWRISOVM.EXE"="e:\poweriso\PWRISOVM.EXE" [2014-10-08 408888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;e:\malwarebytes anti-malware\mbamservice.exe;e:\malwarebytes anti-malware\mbamservice.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 Origin Client Service;Origin Client Service;e:\origin\OriginClientService.exe;e:\origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-12 08:49 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-28 08:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-09-06 09:05 2471744 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-09-17 2799784]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-10-01 5595336]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-12-23 13774040]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportar para o Microsoft Excel - e:\office~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 77.48.254.254 77.48.100.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
e:\malwarebytes anti-malware\mbamscheduler.exe
c:\program files (x86)\BlueStacks\HD-Service.exe
c:\program files (x86)\BlueStacks\HD-Network.exe
c:\program files (x86)\BlueStacks\HD-BlockDevice.exe
c:\program files (x86)\BlueStacks\HD-SharedFolder.exe
.
**************************************************************************
.
Celkový čas: 2015-01-06 19:38:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-06 18:37
ComboFix2.txt 2015-01-05 18:33
.
Před spuštěním: Volných bajtů: 38 761 234 432
Po spuštění: Volných bajtů: 38 513 491 968
.
- - End Of File - - AAFE12FD5AC01B86FF187910BA68A9E3
A36C5E4F47E84449FF07ED3517B43A31

[Scanner]

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-06 19:40:06
-----------------------------
19:40:06.650 OS Version: Windows x64 6.1.7601 Service Pack 1
19:40:06.650 Number of processors: 4 586 0x2A07
19:40:06.650 ComputerName: GANJA UserName:
19:40:25.930 Initialize success
19:40:26.010 VM: initialized successfully
19:40:26.020 VM: Intel CPU supported
19:40:42.810 VM: supported disk I/O ataport.SYS
19:40:48.610 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:40:48.620 Disk 0 Vendor: Hitachi_HDS721010CLA632 JP4OA41A Size: 953869MB BusType: 3
19:40:48.620 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-5
19:40:48.620 Disk 1 Vendor: SAMSUNG_HD753LJ 1AA01113 Size: 715404MB BusType: 3
19:40:48.800 Disk 0 MBR read successfully
19:40:48.800 Disk 0 MBR scan
19:40:48.810 Disk 0 Windows 7 default MBR code
19:40:48.820 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:40:48.840 Disk 0 Boot: NTFS code=2
19:40:48.840 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 149900 MB offset 206848
19:40:48.860 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 803867 MB offset 307202048
19:40:48.910 Disk 0 scanning C:\Windows\system32\drivers
19:41:02.800 Service scanning
19:41:06.690 Service ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys **LOCKED** 5
19:41:06.910 Service epfw C:\Windows\system32\DRIVERS\epfw.sys **LOCKED** 5
19:41:06.940 Service EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys **LOCKED** 5
19:41:06.960 Service epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys **LOCKED** 5
19:41:15.660 Modules scanning
19:41:15.660 Disk 0 trace - called modules:
19:41:15.710 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
19:41:15.710 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049e9060]
19:41:15.710 3 CLASSPNP.SYS[fffff880018d843f] -> nt!IofCallDriver -> [0xfffffa80047fb520]
19:41:15.720 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80047e4060]
19:41:15.720 Disk 0 statistics 94306/0/0 @ 3,79 MB/s
19:41:15.730 Scan finished successfully
19:41:54.111 Disk 0 MBR has been saved successfully to "C:\Users\Zkuřka\Desktop\MBR.dat"
19:41:54.111 The log file has been saved successfully to "C:\Users\Zkuřka\Desktop\aswMBR.txt"

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Vlož nový log z HJT + info o problémech.