Prosím o kontrolu logu Vyřešeno

[J_JERY]

Nechal jsem běžet zoek přes noc přesně podle návodu a ráno, když jsem si myslel že to bude tak nic ..... je možné že to na mém PC nefunguje nebo jsem jen počítačovej Bulbasaurus??

[Reklama]

[jerabina]

Na jakém řádku se to zaseklo?

Zoek prozatím přeskoč a udělej ten ComboFix

[J_JERY]

Nevím proč, ale i když postupupju podle návodu tak ten Zoek mi prostě nefunguje. Po zadání script a mačknutí run script .... na napíše jen pár vět o bodu obnovy atd ... a dál už to nic nedělá ... dělal jsem to takhle asi 5x, nechal jsem to i celou noc a ráno to samé okno bez logu. Nevíte kde může být problém ??

[jerabina]

Udělej printscreen obrazovky v tom momentě, kdy přestane Zoek fungovat a vlož ho sem.

+ pokračuj ComboFixem.

[J_JERY]

ComboFix 15-07-12.01 - Shaggy . 07. 2015 23:05:37.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3976.2701 [GMT 2:00]
Spuštěný z: c:\users\Shaggy\Desktop\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\SysWow64\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\combofix\HarddiskVolumeShadowCopy5_!Windows!SysWOW64!userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-14 do 2015-07-14 )))))))))))))))))))))))))))))))
.
.
2015-07-14 21:16 . 2015-07-14 21:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-14 19:02 . 2015-07-14 19:02 -------- d-----w- c:\users\Shaggy\AppData\Local\Intel
2015-07-14 19:02 . 2015-07-14 19:02 -------- d-----w- c:\program files (x86)\Intel Driver Update Utility
2015-07-14 19:02 . 2015-07-14 19:02 -------- d-----w- c:\programdata\Package Cache
2015-07-10 19:51 . 2015-07-10 19:51 -------- d-----w- C:\zoek_backup
2015-07-10 11:04 . 2015-07-10 19:37 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-07-10 11:04 . 2015-07-10 11:21 -------- d-----w- c:\programdata\RogueKiller
2015-07-09 23:30 . 2015-07-10 10:46 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-09 23:29 . 2015-07-09 23:29 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-07-09 23:29 . 2015-07-09 23:29 -------- d-----w- c:\programdata\Malwarebytes
2015-07-09 23:29 . 2015-06-18 06:42 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-09 23:29 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-09 23:29 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-09 23:25 . 2015-07-10 10:37 -------- d-----w- C:\AdwCleaner
2015-06-25 23:21 . 2015-06-25 23:30 -------- d-----w- C:\temp
2015-06-25 23:16 . 2015-06-25 23:26 -------- d-----w- c:\users\Shaggy\.yawcam
2015-06-25 23:16 . 2015-06-25 23:17 -------- d-----w- c:\program files (x86)\Yawcam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-11 10:09 . 2014-12-01 19:55 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-07-06 21:34 . 2014-11-16 18:16 792032 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-06 21:34 . 2014-11-16 18:16 177632 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-10 09:39 . 2013-01-27 06:21 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-05-28 02:04 . 2015-06-10 09:11 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2015-05-28 02:03 . 2015-06-10 09:11 2237440 ----a-w- c:\windows\system32\wininet.dll
2015-05-28 02:03 . 2015-06-10 09:11 601600 ----a-w- c:\windows\system32\vbscript.dll
2015-05-28 02:03 . 2015-06-10 09:11 915968 ----a-w- c:\windows\system32\uxtheme.dll
2015-05-28 02:03 . 2015-06-10 09:11 53760 ----a-w- c:\windows\system32\UXInit.dll
2015-05-28 02:03 . 2015-06-10 09:11 1409024 ----a-w- c:\windows\system32\urlmon.dll
2015-05-28 02:02 . 2015-06-10 09:11 197120 ----a-w- c:\windows\system32\msrating.dll
2015-05-28 02:02 . 2015-06-10 09:11 19291136 ----a-w- c:\windows\system32\mshtml.dll
2015-05-28 02:02 . 2015-06-10 09:11 97280 ----a-w- c:\windows\system32\mshtmled.dll
2015-05-28 02:02 . 2015-06-10 09:11 603136 ----a-w- c:\windows\system32\msfeeds.dll
2015-05-28 02:01 . 2015-06-10 09:11 3959296 ----a-w- c:\windows\system32\jscript9.dll
2015-05-28 02:01 . 2015-06-10 09:11 53760 ----a-w- c:\windows\system32\jsproxy.dll
2015-05-28 02:01 . 2015-06-10 09:11 856064 ----a-w- c:\windows\system32\jscript.dll
2015-05-28 02:01 . 2015-06-10 09:11 949760 ----a-w- c:\windows\system32\inetcomm.dll
2015-05-28 02:01 . 2015-06-10 09:11 67072 ----a-w- c:\windows\system32\iesetup.dll
2015-05-28 02:01 . 2015-06-10 09:11 2656768 ----a-w- c:\windows\system32\iertutil.dll
2015-05-28 02:01 . 2015-06-10 09:11 136704 ----a-w- c:\windows\system32\iesysprep.dll
2015-05-28 02:01 . 2015-06-10 09:11 15415808 ----a-w- c:\windows\system32\ieframe.dll
2015-05-28 02:01 . 2015-06-10 09:11 39936 ----a-w- c:\windows\system32\iernonce.dll
2015-05-28 02:01 . 2015-06-10 09:11 255488 ----a-w- c:\windows\system32\iedkcs32.dll
2015-05-28 02:01 . 2015-06-10 09:11 281600 ----a-w- c:\windows\system32\dxtrans.dll
2015-05-28 02:01 . 2015-06-10 09:11 451584 ----a-w- c:\windows\system32\dxtmsft.dll
2015-05-28 02:00 . 2015-06-10 09:11 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2015-05-28 00:45 . 2015-06-10 09:11 1763328 ----a-w- c:\windows\SysWow64\wininet.dll
2015-05-28 00:45 . 2015-06-10 09:11 524288 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-05-28 00:45 . 2015-06-10 09:11 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2015-05-28 00:43 . 2015-06-10 09:11 2865152 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-05-28 00:43 . 2015-06-10 09:11 737280 ----a-w- c:\windows\SysWow64\inetcomm.dll
2015-05-28 00:43 . 2015-06-10 09:11 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-05-28 00:43 . 2015-06-10 09:11 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-05-28 00:43 . 2015-06-10 09:11 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-05-28 00:24 . 2015-06-10 09:11 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2015-05-28 00:23 . 2015-06-10 09:11 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-05-28 00:22 . 2015-06-10 09:11 84480 ----a-w- c:\windows\system32\INETRES.dll
2015-05-28 00:20 . 2015-06-10 09:11 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2015-05-28 00:00 . 2015-06-10 09:11 441856 ----a-w- c:\windows\system32\html.iec
2015-05-27 23:55 . 2015-06-10 09:11 361984 ----a-w- c:\windows\SysWow64\html.iec
2015-05-27 22:14 . 2015-06-10 09:11 534528 ----a-w- c:\windows\SysWow64\uxtheme.dll
2015-05-22 20:46 . 2015-06-10 09:31 700416 ----a-w- c:\windows\system32\generaltel.dll
2015-05-22 20:44 . 2015-06-10 09:31 756736 ----a-w- c:\windows\system32\invagent.dll
2015-05-22 20:44 . 2015-06-10 09:31 422912 ----a-w- c:\windows\system32\devinv.dll
2015-05-22 20:44 . 2015-06-10 09:31 1020928 ----a-w- c:\windows\system32\appraiser.dll
2015-05-22 20:44 . 2015-06-10 09:31 193536 ----a-w- c:\windows\system32\aepic.dll
2015-05-22 20:44 . 2015-06-10 09:31 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-05-22 20:44 . 2015-06-10 09:31 45568 ----a-w- c:\windows\system32\acmigration.dll
2015-05-21 18:07 . 2015-06-10 09:09 4067840 ----a-w- c:\windows\system32\win32k.sys
2015-05-21 13:08 . 2015-06-10 09:31 1119232 ----a-w- c:\windows\system32\aeinv.dll
2015-05-08 23:39 . 2015-06-10 09:12 981504 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-08 20:05 . 2015-06-10 09:12 668160 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-02 06:28 . 2015-05-12 19:07 100184 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-05-02 03:59 . 2015-05-12 19:07 318976 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-02 03:36 . 2015-05-12 19:07 413696 ----a-w- c:\windows\system32\schannel.dll
2015-04-30 13:07 . 2015-05-12 20:37 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-30 13:07 . 2015-05-12 20:37 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-25 03:41 . 2015-06-10 09:10 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-04-24 23:13 . 2015-06-10 09:10 652288 ----a-w- c:\windows\system32\comctl32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-07-18 578560]
"Steam"="c:\hry\Steam\Steam.exe" [2015-05-15 2888384]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"HP HD Webcam Driver_Monitor"="c:\program files (x86)\HP HD Webcam Driver\monitor.exe" [2012-07-26 303480]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-24 491120]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2012-09-19 371976]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-29 73832]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-06-05 683656]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2013-10-16 337184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-08-01 21:56 75680 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\System32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 Bulk;HDJBulk;c:\windows\System32\Drivers\HDJBulk.sys;c:\windows\SYSNATIVE\Drivers\HDJBulk.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NETwNe64;@netwne64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNe64.sys;c:\windows\SYSNATIVE\DRIVERS\NETwNe64.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 SmbDrvI;SmbDrvI;c:\windows\System32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\System32\drivers\ssadbus.sys;c:\windows\SYSNATIVE\drivers\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys;c:\windows\SYSNATIVE\DRIVERS\ssudobex.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 awqpfakidihyhj;awqpfakidihyhj;c:\windows\SysWOW64\joqfgxzc.exe;c:\windows\SysWOW64\joqfgxzc.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\System32\drivers\rtbth.sys;c:\windows\SYSNATIVE\drivers\rtbth.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SensorsServiceDriver;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\System32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\System32\drivers\WUDFRd.sys;c:\windows\SYSNATIVE\drivers\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-14 17:13 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-27 17:41]
.
2015-07-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1312245101-2466051487-2751029402-1002Core.job
- c:\users\Shaggy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-01 21:33]
.
2015-07-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1312245101-2466051487-2751029402-1002UA.job
- c:\users\Shaggy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-01 21:33]
.
2015-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23 12:09]
.
2015-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-23 12:09]
.
2015-07-11 c:\windows\Tasks\HPCeeScheduleForShaggy.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-23 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-23 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-23 441152]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-14 1664000]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - c:\program files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\program files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-ISW - (no file)
AddRemove-{28F19F09-F228-49cb-8B90-F97DA7180DD4} - c:\programdata\{F73ECF31-9B8F-41B0-8DFB-7FD290528417}\Traktor Kontrol S4 Driver Setup PC.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dng]
@DACL=(02 0000)
@SACL=(02 0000)
"PerceivedType"="image"
"Content Type"="image/DNG"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
c:\program files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\syswow64\wwahost.exe
.
**************************************************************************
.
Celkový čas: 2015-07-14 23:39:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-07-14 21:39
.
Před spuštěním: 430 732 386 304 bytes free
Po spuštění: 427 375 824 896 bytes free
.
- - End Of File - - AD8520DFCEA4BADD04266DE098CBBA36

[jerabina]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::

Collect::
c:\Windows\SysWOW64\joqfgxzc.exe

Driver::
awqpfakidihyhj

Folder::
c:\programdata\RogueKiller
c:\users\Shaggy\AppData\Local\Facebook\Update
c:\program files (x86)\Google\Update

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1312245101-2466051487-2751029402-1002Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1312245101-2466051487-2751029402-1002UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\HPCeeScheduleForShaggy.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
"DAEMON Tools Lite"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dng]
@DACL=(02 0000)
@SACL=(02 0000)
"PerceivedType"="image"
"Content Type"="image/DNG"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť:

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[J_JERY]

ComboFix 15-07-18.01 - Shaggy . 07. 2015 18:03:41.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3976.1261 [GMT 2:00]
Spuštěný z: c:\users\Shaggy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Shaggy\Desktop\CFScript.txt
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: ZoneAlarm Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1312245101-2466051487-2751029402-1002Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1312245101-2466051487-2751029402-1002UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\HPCeeScheduleForShaggy.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.28.1\goopdate.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.28.1\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.28.1\psmachine.dll
c:\program files (x86)\Google\Update\1.3.28.1\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.28.1\psuser.dll
c:\program files (x86)\Google\Update\1.3.28.1\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.134\43.0.2357.134_43.0.2357.132_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{0BCD79CF-8125-4C62-93AA-CB1F168C9A23}\42.0.2311.152_42.0.2311.135_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{1114C979-21B2-4B72-BC1A-A1E666F19C42}\42.0.2311.90_41.0.2272.118_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{157A64E4-AE81-4EAB-8E54-85936704F58F}\40.0.2214.115_40.0.2214.111_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{3D7EDEB2-15E3-4DF8-9CF4-9A4E6991AABC}\43.0.2357.124_43.0.2357.81_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{4CAD9D8D-F2FE-44F5-9B20-A7BABBB52DEB}\43.0.2357.134_43.0.2357.132_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{52BDA51B-3590-484A-B94B-AE1F145392B4}\41.0.2272.118_41.0.2272.101_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{63943E25-F402-436A-B180-A2ABD6474426}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{7ED3A71A-A685-4407-9B8A-C985BDD6B5A4}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{8396D988-5E75-4E24-B6BE-D3F24972BECE}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{8892BBAC-8D61-4097-9773-20DE3352CC6F}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{983C8B64-2E51-417B-A2C2-3AE9B5CF548F}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{AFC87B24-C1E4-4604-91C9-C3BFB335716A}\41.0.2272.101_41.0.2272.89_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{C321DF1E-405C-4A04-9AAF-E1624BB2F339}\43.0.2357.65_42.0.2311.152_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{D2A3A91D-8704-49E6-812D-18AA2724C25B}\43.0.2357.130_43.0.2357.124_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{DC7D6614-7977-455C-BD35-24726A282068}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Install\{DF28F52D-BA91-4704-BAC7-7FA41D3A078F}\43.0.2357.132_43.0.2357.130_chrome_updater.exe
c:\program files (x86)\Google\Update\Install\{FB7CDCB5-6DA3-4F76-B752-3994248649CB}\41.0.2272.89_40.0.2214.115_chrome_updater.exe
c:\programdata\RogueKiller
c:\programdata\RogueKiller\config.ini
c:\programdata\RogueKiller\Debug\physicaldrive0_LL1_mbr
c:\programdata\RogueKiller\Debug\physicaldrive0_LL2_mbr
c:\programdata\RogueKiller\Debug\physicaldrive0_user_mbr
c:\programdata\RogueKiller\Logs\RKreport_DEL_07102015_214928.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_07102015_132107.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_07102015_214830.json
c:\programdata\RogueKiller\vt.cache
c:\users\Shaggy\AppData\Local\Facebook\Update
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Shaggy\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_awqpfakidihyhj
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-06-18 do 2015-07-18 )))))))))))))))))))))))))))))))
.
.
2015-07-18 16:15 . 2015-07-18 16:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-16 21:18 . 2015-07-16 21:18 -------- d-----w- c:\program files (x86)\MetaGeek
2015-07-16 20:11 . 2015-07-16 20:13 -------- d-----w- c:\users\Shaggy\AppData\Roaming\Seznam.cz
2015-07-16 20:11 . 2015-07-16 20:11 -------- d-----w- c:\users\Shaggy\AppData\Roaming\LizardSystems
2015-07-16 20:11 . 2015-07-16 20:11 -------- d-----w- c:\program files (x86)\LizardSystems
2015-07-16 20:08 . 2015-07-16 20:08 -------- d-sh--w- c:\users\Shaggy\AppData\Local\icsxml
2015-07-16 20:01 . 2015-07-16 20:01 -------- d-sh--w- c:\users\Shaggy\AppData\Local\ms-drivers
2015-07-16 20:01 . 2015-07-16 21:28 -------- d-----w- c:\users\Shaggy\AppData\Local\MetaGeek,_LLC
2015-07-14 21:39 . 2015-07-18 16:15 -------- d-----w- c:\users\Shaggy\AppData\Local\temp
2015-07-14 19:02 . 2015-07-14 19:02 -------- d-----w- c:\users\Shaggy\AppData\Local\Intel
2015-07-14 19:02 . 2015-07-14 19:02 -------- d-----w- c:\program files (x86)\Intel Driver Update Utility
2015-07-14 19:02 . 2015-07-14 19:02 -------- d-----w- c:\programdata\Package Cache
2015-07-10 19:51 . 2015-07-10 19:51 -------- d-----w- C:\zoek_backup
2015-07-10 11:04 . 2015-07-10 19:37 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-07-09 23:30 . 2015-07-10 10:46 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-09 23:29 . 2015-07-09 23:29 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-07-09 23:29 . 2015-07-09 23:29 -------- d-----w- c:\programdata\Malwarebytes
2015-07-09 23:29 . 2015-06-18 06:42 64216 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-09 23:29 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-09 23:29 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-09 23:25 . 2015-07-10 10:37 -------- d-----w- C:\AdwCleaner
2015-06-25 23:21 . 2015-06-25 23:30 -------- d-----w- C:\temp
2015-06-25 23:16 . 2015-06-25 23:26 -------- d-----w- c:\users\Shaggy\.yawcam
2015-06-25 23:16 . 2015-06-25 23:17 -------- d-----w- c:\program files (x86)\Yawcam
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-11 10:09 . 2014-12-01 19:55 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-07-06 21:34 . 2014-11-16 18:16 792032 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-06 21:34 . 2014-11-16 18:16 177632 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 06:43 . 2013-01-27 06:21 130333168 ----a-w- c:\windows\system32\MRT.exe
2015-05-28 02:04 . 2015-06-10 09:11 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2015-05-28 02:03 . 2015-06-10 09:11 2237440 ----a-w- c:\windows\system32\wininet.dll
2015-05-28 02:03 . 2015-06-10 09:11 601600 ----a-w- c:\windows\system32\vbscript.dll
2015-05-28 02:03 . 2015-06-10 09:11 915968 ----a-w- c:\windows\system32\uxtheme.dll
2015-05-28 02:03 . 2015-06-10 09:11 53760 ----a-w- c:\windows\system32\UXInit.dll
2015-05-28 02:03 . 2015-06-10 09:11 1409024 ----a-w- c:\windows\system32\urlmon.dll
2015-05-28 02:02 . 2015-06-10 09:11 197120 ----a-w- c:\windows\system32\msrating.dll
2015-05-28 02:02 . 2015-06-10 09:11 19291136 ----a-w- c:\windows\system32\mshtml.dll
2015-05-28 02:02 . 2015-06-10 09:11 97280 ----a-w- c:\windows\system32\mshtmled.dll
2015-05-28 02:02 . 2015-06-10 09:11 603136 ----a-w- c:\windows\system32\msfeeds.dll
2015-05-28 02:01 . 2015-06-10 09:11 3959296 ----a-w- c:\windows\system32\jscript9.dll
2015-05-28 02:01 . 2015-06-10 09:11 53760 ----a-w- c:\windows\system32\jsproxy.dll
2015-05-28 02:01 . 2015-06-10 09:11 856064 ----a-w- c:\windows\system32\jscript.dll
2015-05-28 02:01 . 2015-06-10 09:11 949760 ----a-w- c:\windows\system32\inetcomm.dll
2015-05-28 02:01 . 2015-06-10 09:11 67072 ----a-w- c:\windows\system32\iesetup.dll
2015-05-28 02:01 . 2015-06-10 09:11 2656768 ----a-w- c:\windows\system32\iertutil.dll
2015-05-28 02:01 . 2015-06-10 09:11 136704 ----a-w- c:\windows\system32\iesysprep.dll
2015-05-28 02:01 . 2015-06-10 09:11 15415808 ----a-w- c:\windows\system32\ieframe.dll
2015-05-28 02:01 . 2015-06-10 09:11 39936 ----a-w- c:\windows\system32\iernonce.dll
2015-05-28 02:01 . 2015-06-10 09:11 255488 ----a-w- c:\windows\system32\iedkcs32.dll
2015-05-28 02:01 . 2015-06-10 09:11 281600 ----a-w- c:\windows\system32\dxtrans.dll
2015-05-28 02:01 . 2015-06-10 09:11 451584 ----a-w- c:\windows\system32\dxtmsft.dll
2015-05-28 02:00 . 2015-06-10 09:11 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2015-05-28 00:45 . 2015-06-10 09:11 1763328 ----a-w- c:\windows\SysWow64\wininet.dll
2015-05-28 00:45 . 2015-06-10 09:11 524288 ----a-w- c:\windows\SysWow64\vbscript.dll
2015-05-28 00:45 . 2015-06-10 09:11 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2015-05-28 00:43 . 2015-06-10 09:11 2865152 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-05-28 00:43 . 2015-06-10 09:11 737280 ----a-w- c:\windows\SysWow64\inetcomm.dll
2015-05-28 00:43 . 2015-06-10 09:11 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2015-05-28 00:43 . 2015-06-10 09:11 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-05-28 00:43 . 2015-06-10 09:11 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2015-05-28 00:24 . 2015-06-10 09:11 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2015-05-28 00:23 . 2015-06-10 09:11 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2015-05-28 00:22 . 2015-06-10 09:11 84480 ----a-w- c:\windows\system32\INETRES.dll
2015-05-28 00:20 . 2015-06-10 09:11 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2015-05-28 00:00 . 2015-06-10 09:11 441856 ----a-w- c:\windows\system32\html.iec
2015-05-27 23:55 . 2015-06-10 09:11 361984 ----a-w- c:\windows\SysWow64\html.iec
2015-05-27 22:14 . 2015-06-10 09:11 534528 ----a-w- c:\windows\SysWow64\uxtheme.dll
2015-05-22 20:46 . 2015-06-10 09:31 700416 ----a-w- c:\windows\system32\generaltel.dll
2015-05-22 20:44 . 2015-06-10 09:31 756736 ----a-w- c:\windows\system32\invagent.dll
2015-05-22 20:44 . 2015-06-10 09:31 422912 ----a-w- c:\windows\system32\devinv.dll
2015-05-22 20:44 . 2015-06-10 09:31 1020928 ----a-w- c:\windows\system32\appraiser.dll
2015-05-22 20:44 . 2015-06-10 09:31 193536 ----a-w- c:\windows\system32\aepic.dll
2015-05-22 20:44 . 2015-06-10 09:31 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-05-22 20:44 . 2015-06-10 09:31 45568 ----a-w- c:\windows\system32\acmigration.dll
2015-05-21 18:07 . 2015-06-10 09:09 4067840 ----a-w- c:\windows\system32\win32k.sys
2015-05-21 13:08 . 2015-06-10 09:31 1119232 ----a-w- c:\windows\system32\aeinv.dll
2015-05-08 23:39 . 2015-06-10 09:12 981504 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-08 20:05 . 2015-06-10 09:12 668160 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-02 06:28 . 2015-05-12 19:07 100184 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-05-02 03:59 . 2015-05-12 19:07 318976 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-02 03:36 . 2015-05-12 19:07 413696 ----a-w- c:\windows\system32\schannel.dll
2015-04-30 13:07 . 2015-05-12 20:37 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-04-30 13:07 . 2015-05-12 20:37 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-25 03:41 . 2015-06-10 09:10 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-04-24 23:13 . 2015-06-10 09:10 652288 ----a-w- c:\windows\system32\comctl32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-07-18 578560]
"cz.seznam.software.autoupdate"="c:\users\Shaggy\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Shaggy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2015-05-26 103080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"HP HD Webcam Driver_Monitor"="c:\program files (x86)\HP HD Webcam Driver\monitor.exe" [2012-07-26 303480]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-24 491120]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-29 91432]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2012-09-19 371976]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-29 73832]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-06-05 683656]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2013-10-16 337184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2012-08-01 21:56 75680 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\System32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 Bulk;HDJBulk;c:\windows\System32\Drivers\HDJBulk.sys;c:\windows\SYSNATIVE\Drivers\HDJBulk.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys;c:\windows\SYSNATIVE\drivers\jmcr.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 NETwNe64;@netwne64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNe64.sys;c:\windows\SYSNATIVE\DRIVERS\NETwNe64.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
R3 SmbDrvI;SmbDrvI;c:\windows\System32\drivers\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_Intel.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\System32\drivers\ssadbus.sys;c:\windows\SYSNATIVE\drivers\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys;c:\windows\SYSNATIVE\DRIVERS\ssudobex.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WSDScan;Podpora skenování WSD;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\System32\drivers\amdkmpfd.sys;c:\windows\SYSNATIVE\drivers\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
S3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\System32\drivers\rtbth.sys;c:\windows\SYSNATIVE\drivers\rtbth.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SensorsServiceDriver;Služba Reflektor UMDF pro knihovnu SensorsServiceDriver;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\System32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\System32\drivers\WUDFRd.sys;c:\windows\SYSNATIVE\drivers\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-14 17:13 991048 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-27 17:41]
.
2015-07-18 c:\windows\Tasks\HPCeeScheduleForShaggy.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-23 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-23 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-23 441152]
"ISW"="" [BU]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-14 1664000]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=12454
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - c:\program files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\program files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{28F19F09-F228-49cb-8B90-F97DA7180DD4} - c:\programdata\{F73ECF31-9B8F-41B0-8DFB-7FD290528417}\Traktor Kontrol S4 Driver Setup PC.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.dng\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}]
@DACL=(02 0000)
@SACL=(02 0000)
@="{C7657C4A-9F68-40fa-A4DF-96BC08EB3551}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
c:\program files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-07-18 18:28:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-07-18 16:28
ComboFix2.txt 2015-07-14 21:39
.
Před spuštěním: 427 873 308 672 bytes free
Po spuštění: 427 669 815 296 bytes free
.
- - End Of File - - BC4F9A9CC42C64309CE21FA270250C6A

[jerabina]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy? + nový log z HJT

[J_JERY]

Vypadá to, že počítač šlape lépe než předtím .... zato nově zapojenej internet od stárnetu blbne .... Někde jsem četl že stačí dát jinej kanál na wifi, ten který neni tolik používaný sousedama .... a to když jsem udělal tak to bylo spíš horší než lepší .... s tim mi asi neporadíte co ??


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:54, on 19. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal

Running processes:
C:\Users\Shaggy\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Users\Shaggy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Shaggy\Downloads\hijackthis (1).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Shaggy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Shaggy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem7.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSSQL$SONY_MEDIAMGR - Unknown owner - C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SQLAgent$SONY_MEDIAMGR - Unknown owner - C:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13078 bytes

[Orcus]

Na Wifi ideálně smartphone - Wifi Analyzer z GP a projít byt. Uvidíš, který kanál je nejmíň zarušen. Případně založit téma v patřičné sekci našeho fóra.

V HJT fixni:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Shaggy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Shaggy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy, je to vše a můžeš dát vyřešeno , zelenou fajfku.

[J_JERY]

# DelFix v1.010 - Logfile created 21/07/2015 at 20:08:00
# Updated 26/04/2015 by Xplode
# Username : Shaggy - HENKELEN
# Operating System : Windows 8 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-07-10-195315.log
Deleted : C:\zoek-results2015-07-11-071709.log
Deleted : C:\zoek-results2015-07-11-185123.log
Deleted : C:\zoek-results2015-07-14-222901.log
Deleted : C:\Users\Shaggy\Desktop\zoek.exe
Deleted : C:\Users\Shaggy\Downloads\adwcleaner_4.208.exe
Deleted : C:\Users\Shaggy\Downloads\ComboFix.exe
Deleted : C:\Users\Shaggy\Downloads\JRT.exe
Deleted : C:\Users\Shaggy\Downloads\hijackthis (1).exe
Deleted : C:\Users\Shaggy\Downloads\hijackthis.exe
Deleted : C:\Users\Shaggy\Downloads\hijackthis.log
Deleted : C:\Users\Shaggy\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Shaggy\Downloads\TFC.exe
Deleted : C:\Users\Shaggy\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #210 [ComboFix created restore point | 07/19/2015 18:56:39]

New restore point created !

########## - EOF - ##########