Prosím o kontrolu logu HJT

[tabape]

Asi mám něčím zas.... PC protože mi neustále vyskakují okna s reklamama...potřebovala bych to odstranit.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:01:37, on 12.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\CT24\ct24crawl.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
F:\stažené\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebexpEnhancedV1alpha598 - {6237aa19-efc4-4722-bfa5-7ebc37e6eb85} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie\WebexpEnhancedV1alpha598.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VideoPlayerV3beta934 - {7f7b6e0b-66ce-4f12-a0c6-e9063b784e08} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ie\VideoPlayerV3beta934.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ct24crawl] C:\Program Files (x86)\CT24\ct24crawl.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Peťa\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update GreyGray - Unknown owner - C:\Program Files (x86)\GreyGray\updateGreyGray.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8886 bytes

[Reklama]

[Damned]

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only", zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebexpEnhancedV1alpha598 - {6237aa19-efc4-4722-bfa5-7ebc37e6eb85} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie\WebexpEnhancedV1alpha598.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [ct24crawl] C:\Program Files (x86)\CT24\ct24crawl.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [NextLive] C:\Windows\SysWOW64\rundll32.exe "C:\Users\Peťa\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
********************************************************************************************************************************************************************************
Stáhni si AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“

Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[tabape]

# AdwCleaner v3.017 - Report created 13/01/2014 at 09:28:57
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Peťa - PEŤA-PC
# Running from : C:\Users\Peťa\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\searchplugins\Babylon.xml
File Found : C:\Users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\searchplugins\bingp.xml
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\AmiUpdXp
File Found : C:\Windows\System32\Tasks\BrowserProtect
File Found : C:\Windows\Tasks\AmiUpdXp.job
Folder Found C:\Program Files (x86)\myfree codec
Folder Found C:\Program Files (x86)\SafeSaver
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found C:\ProgramData\StarApp
Folder Found C:\Users\Peťa\AppData\Local\genienext
Folder Found C:\Users\Peťa\AppData\Local\Mobogenie
Folder Found C:\Users\Peťa\AppData\Local\SwvUpdater
Folder Found C:\Users\Peťa\AppData\Roaming\newnext.me
Folder Found C:\Users\Peťa\AppData\Roaming\OpenCandy
Folder Found C:\Users\Peťa\Documents\Mobogenie

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\powerpack
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\powerpack
Key Found : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f5d3e0aa
Key Found : HKLM\Software\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Peťa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4493 octets] - [13/01/2014 09:26:37]
AdwCleaner[R1].txt - [4389 octets] - [13/01/2014 09:28:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [4449 octets] ##########

[Damned]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“).
Klikni na „ Delete“.
Program provede opravu, po automatickém restartu se ukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
*******************************************************************************************************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti: Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko Konec.
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje a poté kliknutím na OK spusť program
- nech vybranou možnost Rychlá kontrola a klikni na tlačítko Prohledat

Bude-li nalezen problém:
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost Uložit protokol a ulož si log na Plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
- výsledný log mi sem zkopíruj
(zatím nic nemaž!).

Nebude-li nalezen problém:
- Klikni na tlačítko "OK" a sděl mi to

[tabape]

# AdwCleaner v3.017 - Report created 13/01/2014 at 11:01:13
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Peťa - PEŤA-PC
# Running from : C:\Users\Peťa\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\SafeSaver
Folder Deleted : C:\Users\Peťa\AppData\Local\genienext
Folder Deleted : C:\Users\Peťa\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Peťa\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Peťa\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Peťa\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Peťa\Documents\Mobogenie
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\searchplugins\bingp.xml
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
File Deleted : C:\Windows\System32\Tasks\BrowserProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f5d3e0aa
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Peťa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4493 octets] - [13/01/2014 09:26:37]
AdwCleaner[R1].txt - [4553 octets] - [13/01/2014 09:28:57]
AdwCleaner[S0].txt - [4485 octets] - [13/01/2014 11:01:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4545 octets] ##########




Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.13.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Peťa :: PEŤA-PC [administrátor]

13.1.2014 11:08:54
MBAM-log-2014-01-13 (11-24-58).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 210635
Uplynulý čas: 7 minut, 35 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 16
HKCR\CLSID\{6237aa19-efc4-4722-bfa5-7ebc37e6eb85} (Adware.BetterSurf) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{cc444bad-e0c6-41d0-af84-7303d4f7f0de} (Adware.BetterSurf) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{1ECC15F8-CCC1-48C8-B819-BA80A463A1A1} (Adware.BetterSurf) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6237AA19-EFC4-4722-BFA5-7EBC37E6EB85} (Adware.BetterSurf) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE60E6ED-49DD-4099-8B5E-386A4908D5D5} (PUP.Optional.GreyGray.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\Update GreyGray (PUP.Optional.Greygray.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{6237aa19-efc4-4722-bfa5-7ebc37e6eb85} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{cc444bad-e0c6-41d0-af84-7303d4f7f0de} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{1ECC15F8-CCC1-48C8-B819-BA80A463A1A1} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6237AA19-EFC4-4722-BFA5-7EBC37E6EB85} (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{7f7b6e0b-66ce-4f12-a0c6-e9063b784e08} (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{391ae5d4-6a77-45a8-b67f-ebfac4aea963} (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{73DD4908-4E99-453E-BAE1-B1A795F8FBFC} (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F7B6E0B-66CE-4F12-A0C6-E9063B784E08} (Adware.VPlayer) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 12
C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598 (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ch (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934 (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ch (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons\default (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ie (Adware.VPlayer) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 16
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie\WebexpEnhancedV1alpha598.dll (Adware.BetterSurf) -> Nebyla provedena žádná instrukce.
C:\Users\Peťa\AppData\Local\Application Data\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\114fdd.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\uninstall.exe (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ch\WebexpEnhancedV1alpha598.crx (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie\WebexpEnhancedV1alpha598.dll (PUP.Optional.Webexp) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\uninstall.exe (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ch\VideoPlayerV3beta934.crx (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome.manifest (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\install.rdf (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\ffVideoPlayerV3beta934.js (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\ffVideoPlayerV3beta934ffaction.js (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\overlay.xul (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons\default\VideoPlayerV3beta934_32.png (Adware.VPlayer) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ie\VideoPlayerV3beta934.dll (Adware.VPlayer) -> Nebyla provedena žádná instrukce.

(konec)

[Damned]

Spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Konec
*******************************************************************************************************************************************************************************
Stáhni si Junkware Removal Tool na Plochu

Deaktivuj si svůj antivirový program.
Pravým tlačítkem myši klikni na JRT.exe a vyber „Spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem pak celý jeho obsah

[tabape]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.13.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Peťa :: PEŤA-PC [administrátor]

13.1.2014 12:14:37
mbam-log-2014-01-13 (12-14-37).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 210314
Uplynulý čas: 4 minut, 58 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 16
HKCR\CLSID\{6237aa19-efc4-4722-bfa5-7ebc37e6eb85} (Adware.BetterSurf) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{cc444bad-e0c6-41d0-af84-7303d4f7f0de} (Adware.BetterSurf) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{1ECC15F8-CCC1-48C8-B819-BA80A463A1A1} (Adware.BetterSurf) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6237AA19-EFC4-4722-BFA5-7EBC37E6EB85} (Adware.BetterSurf) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE60E6ED-49DD-4099-8B5E-386A4908D5D5} (PUP.Optional.GreyGray.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Webexp Enhanced (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
HKLM\SYSTEM\CurrentControlSet\Services\Update GreyGray (PUP.Optional.Greygray.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{6237aa19-efc4-4722-bfa5-7ebc37e6eb85} (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{cc444bad-e0c6-41d0-af84-7303d4f7f0de} (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{1ECC15F8-CCC1-48C8-B819-BA80A463A1A1} (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6237AA19-EFC4-4722-BFA5-7EBC37E6EB85} (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Player (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{7f7b6e0b-66ce-4f12-a0c6-e9063b784e08} (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{391ae5d4-6a77-45a8-b67f-ebfac4aea963} (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{73DD4908-4E99-453E-BAE1-B1A795F8FBFC} (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F7B6E0B-66CE-4F12-A0C6-E9063B784E08} (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 12
C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598 (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ch (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934 (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ch (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons\default (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ie (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 16
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie\WebexpEnhancedV1alpha598.dll (Adware.BetterSurf) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Peťa\AppData\Local\Application Data\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\Installer\114fdd.msi (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\uninstall.exe (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ch\WebexpEnhancedV1alpha598.crx (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha598\ie\WebexpEnhancedV1alpha598.dll (PUP.Optional.Webexp) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\uninstall.exe (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ch\VideoPlayerV3beta934.crx (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome.manifest (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\install.rdf (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\ffVideoPlayerV3beta934.js (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\ffVideoPlayerV3beta934ffaction.js (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\overlay.xul (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons\Thumbs.db (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ff\chrome\content\icons\default\VideoPlayerV3beta934_32.png (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta934\ie\VideoPlayerV3beta934.dll (Adware.VPlayer) -> Přesun do karantény a smazání se zdařilo.

(konec)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x64
Ran by Peśa on po 13.01.2014 at 12:26:19,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1969778644-3039056464-2703952265-1000\Software\sweetim



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Peśa\AppData\Roaming\mozilla\firefox\profiles\qhtoxj7s.default\minidumps [67 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 13.01.2014 at 12:42:31,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Damned]

Stáhni si DelFix a uloži si ho na Plochu.

Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce).
V hlavním menu zaškrtni tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se otevře zpráva (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je uložena zde:
C: \ DelFix.txt

Potom:

Vypni rezidentní štít antiviru.
Stáhni si ComboFix (by sUBs) nebo ComboFix (subs) a ulož si ho na Plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[tabape]

# DelFix v10.6 - Logfile created 13/01/2014 at 12:56:27
# Updated 11/11/2013 by Xplode
# Username : Peťa - PEŤA-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\JRT
Deleted : C:\AdwCleaner
Deleted : C:\Users\Peťa\Desktop\adwcleaner.exe
Deleted : C:\Users\Peťa\Desktop\JRT.txt
Deleted : C:\Users\Peťa\Desktop\hijackthis.log
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #271 [Instalováno Heroes of Might and Magic V Demo | 12/27/2013 18:31:56]
Deleted : RP #272 [Windows Update | 12/31/2013 08:22:34]
Deleted : RP #273 [Windows Update | 01/03/2014 12:40:45]
Deleted : RP #274 [avast! antivirus system restore point | 01/04/2014 10:04:22]
Deleted : RP #275 [Windows Update | 01/07/2014 09:16:14]
Deleted : RP #276 [Windows Update | 01/10/2014 09:41:19]

New restore point created !

########## - EOF - ##########



ComboFix 14-01-13.01 - Peťa 13.01.2014 13:30:56.1.1 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4026.2869 [GMT 1:00]
Spuštěný z: f:\sta×enú\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-13 do 2014-01-13 )))))))))))))))))))))))))))))))
.
.
2014-01-13 12:39 . 2014-01-13 12:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-10 16:42 . 2014-01-13 11:21 -------- d-----w- c:\program files (x86)\VideoPlayerV3
2014-01-10 09:43 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0EE8A4A8-4F56-4A41-AB24-A4296C002399}\mpengine.dll
2014-01-04 10:06 . 2014-01-04 10:07 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2013-12-27 18:34 . 2013-12-27 18:34 -------- d-----w- c:\program files (x86)\Ubisoft
2013-12-27 18:05 . 2013-12-27 18:05 -------- d-----w- c:\users\Peťa\.android
2013-12-27 18:05 . 2013-12-27 18:05 -------- d-----w- c:\users\Peťa\AppData\Local\cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-04 10:06 . 2013-03-30 17:05 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-04 10:06 . 2011-12-04 13:26 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-04 10:06 . 2011-12-04 13:26 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-04 10:06 . 2011-12-04 13:26 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-04 10:06 . 2011-12-04 13:26 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-04 10:06 . 2011-12-04 13:25 43152 ----a-w- c:\windows\avastSS.scr
2013-12-19 09:57 . 2012-04-19 09:05 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-19 09:57 . 2011-12-06 21:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-16 09:11 . 2011-12-04 14:05 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-30 18:19 . 2013-03-30 17:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-30 18:19 . 2012-04-02 16:35 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-26 11:54 . 2013-12-12 08:36 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 08:36 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 08:36 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 08:36 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 08:36 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 08:36 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 08:36 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 08:36 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 08:36 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 08:36 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 08:36 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 08:36 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 08:36 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 08:36 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 08:35 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 08:36 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 08:35 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 08:35 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 08:35 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 08:35 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 08:35 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 08:35 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 08:36 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 08:35 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 07:56 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 07:56 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-21 18:58 . 2013-11-21 18:58 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-11-20 10:23 . 2013-11-20 10:23 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 10:23 . 2013-11-20 10:23 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-20 10:23 . 2013-11-20 10:23 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-20 10:23 . 2013-11-20 10:23 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-20 10:23 . 2013-11-20 10:23 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-20 10:23 . 2013-11-20 10:23 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-20 10:23 . 2013-11-20 10:23 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-20 10:23 . 2013-11-20 10:23 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-20 10:23 . 2013-11-20 10:23 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-20 10:23 . 2013-11-20 10:23 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-20 10:23 . 2013-11-20 10:23 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-20 10:23 . 2013-11-20 10:23 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-20 10:23 . 2013-11-20 10:23 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-20 10:23 . 2013-11-20 10:23 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-20 10:23 . 2013-11-20 10:23 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-20 10:23 . 2013-11-20 10:23 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-20 10:23 . 2013-11-20 10:23 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-20 10:23 . 2013-11-20 10:23 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-20 10:23 . 2013-11-20 10:23 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-20 10:23 . 2013-11-20 10:23 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-20 10:23 . 2013-11-20 10:23 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-20 10:23 . 2013-11-20 10:23 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-20 10:23 . 2013-11-20 10:23 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-20 10:23 . 2013-11-20 10:23 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-20 10:23 . 2013-11-20 10:23 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-20 10:23 . 2013-11-20 10:23 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 10:23 . 2013-11-20 10:23 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 10:23 . 2013-11-20 10:23 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-20 10:23 . 2013-11-20 10:23 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-20 10:23 . 2013-11-20 10:23 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-20 10:23 . 2013-11-20 10:23 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-20 10:23 . 2013-11-20 10:23 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-20 10:23 . 2013-11-20 10:23 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-20 10:23 . 2013-11-20 10:23 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-20 10:23 . 2013-11-20 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-20 10:23 . 2013-11-20 10:23 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-20 10:23 . 2013-11-20 10:23 413696 ----a-w- c:\windows\system32\html.iec
2013-11-20 10:23 . 2013-11-20 10:23 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 10:23 . 2013-11-20 10:23 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-20 10:23 . 2013-11-20 10:23 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-20 10:23 . 2013-11-20 10:23 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-20 10:23 . 2013-11-20 10:23 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-20 10:23 . 2013-11-20 10:23 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-20 10:23 . 2013-11-20 10:23 235520 ----a-w- c:\windows\system32\url.dll
2013-11-20 10:23 . 2013-11-20 10:23 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-20 10:23 . 2013-11-20 10:23 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-20 10:23 . 2013-11-20 10:23 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-20 10:23 . 2013-11-20 10:23 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-20 10:23 . 2013-11-20 10:23 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-20 10:23 . 2013-11-20 10:23 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-20 10:23 . 2013-11-20 10:23 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-20 10:23 . 2013-11-20 10:23 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-20 10:23 . 2013-11-20 10:23 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-20 10:23 . 2013-11-20 10:23 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-20 10:23 . 2013-11-20 10:23 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-20 10:23 . 2013-11-20 10:23 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-20 10:23 . 2013-11-20 10:23 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-20 10:23 . 2013-11-20 10:23 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-20 10:23 . 2013-11-20 10:23 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-19 02:33 . 2011-12-04 13:36 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-12 02:23 . 2013-12-11 07:55 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 07:55 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime Alternative\QTTask.exe" [2013-05-01 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-04 3764024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-05 09:51 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 09:57]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05 09:50]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05 09:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-04 10:06 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.16.0.1
FF - ProfilePath - c:\users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.serialycz.cz/
FF - prefs.js: keyword.URL - hxxps://www.google.com/search
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-12-14 12:59; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-{9E39F566-76A6-0B3C-8FDF-7D503D341940} - c:\progra~3\INSTAL~1\{0578F~1\Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-13 13:44:36
ComboFix-quarantined-files.txt 2014-01-13 12:44
.
Před spuštěním: Volných bajtů: 55 353 659 392
Po spuštění: Volných bajtů: 55 056 723 968
.
- - End Of File - - CC9DBFA00AE3A2ABC14853E0E6A5342E
A36C5E4F47E84449FF07ED3517B43A31

[Damned]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený červeně:

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\VideoPlayerV3
c:\program files\Google\Update
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate
gupdate
gupdatem

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"APSDaemon"=-
"QuickTime Task"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

[tabape]

ComboFix 14-01-13.01 - Peťa 13.01.2014 14:18:03.2.1 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4026.2688 [GMT 1:00]
Spuštěný z: c:\ŕiütýný\ComboFix.exe
Použité ovládací přepínače :: c:\users\PeŁa\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-13 do 2014-01-13 )))))))))))))))))))))))))))))))
.
.
2014-01-13 13:25 . 2014-01-13 13:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-10 16:42 . 2014-01-13 11:21 -------- d-----w- c:\program files (x86)\VideoPlayerV3
2014-01-10 09:43 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0EE8A4A8-4F56-4A41-AB24-A4296C002399}\mpengine.dll
2014-01-04 10:06 . 2014-01-04 10:07 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2013-12-27 18:34 . 2013-12-27 18:34 -------- d-----w- c:\program files (x86)\Ubisoft
2013-12-27 18:05 . 2013-12-27 18:05 -------- d-----w- c:\users\Peťa\.android
2013-12-27 18:05 . 2013-12-27 18:05 -------- d-----w- c:\users\Peťa\AppData\Local\cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-04 10:06 . 2013-03-30 17:05 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-04 10:06 . 2011-12-04 13:26 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-04 10:06 . 2011-12-04 13:26 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-04 10:06 . 2011-12-04 13:26 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-04 10:06 . 2011-12-04 13:26 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-04 10:06 . 2011-12-04 13:25 43152 ----a-w- c:\windows\avastSS.scr
2013-12-19 09:57 . 2012-04-19 09:05 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-19 09:57 . 2011-12-06 21:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-16 09:11 . 2011-12-04 14:05 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-11-30 18:19 . 2013-03-30 17:05 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-30 18:19 . 2012-04-02 16:35 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-26 11:54 . 2013-12-12 08:36 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 08:36 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 08:36 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 08:36 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 08:36 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 08:36 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 08:36 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 08:36 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 08:36 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 08:36 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 08:36 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 08:36 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 08:36 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 08:36 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 08:35 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 08:36 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 08:35 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 08:35 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 08:35 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 08:35 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 08:35 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 08:35 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 08:36 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 08:35 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 07:56 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 07:56 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-21 18:58 . 2013-11-21 18:58 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-11-20 10:23 . 2013-11-20 10:23 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 10:23 . 2013-11-20 10:23 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-20 10:23 . 2013-11-20 10:23 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-20 10:23 . 2013-11-20 10:23 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-20 10:23 . 2013-11-20 10:23 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-20 10:23 . 2013-11-20 10:23 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-20 10:23 . 2013-11-20 10:23 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-20 10:23 . 2013-11-20 10:23 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-20 10:23 . 2013-11-20 10:23 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-20 10:23 . 2013-11-20 10:23 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-20 10:23 . 2013-11-20 10:23 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-20 10:23 . 2013-11-20 10:23 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-20 10:23 . 2013-11-20 10:23 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-20 10:23 . 2013-11-20 10:23 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-20 10:23 . 2013-11-20 10:23 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-20 10:23 . 2013-11-20 10:23 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-20 10:23 . 2013-11-20 10:23 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-20 10:23 . 2013-11-20 10:23 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-20 10:23 . 2013-11-20 10:23 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-20 10:23 . 2013-11-20 10:23 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-20 10:23 . 2013-11-20 10:23 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-20 10:23 . 2013-11-20 10:23 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-20 10:23 . 2013-11-20 10:23 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-20 10:23 . 2013-11-20 10:23 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-20 10:23 . 2013-11-20 10:23 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-20 10:23 . 2013-11-20 10:23 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 10:23 . 2013-11-20 10:23 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 10:23 . 2013-11-20 10:23 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-20 10:23 . 2013-11-20 10:23 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-20 10:23 . 2013-11-20 10:23 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-20 10:23 . 2013-11-20 10:23 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-20 10:23 . 2013-11-20 10:23 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-20 10:23 . 2013-11-20 10:23 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-20 10:23 . 2013-11-20 10:23 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-20 10:23 . 2013-11-20 10:23 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-20 10:23 . 2013-11-20 10:23 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-20 10:23 . 2013-11-20 10:23 413696 ----a-w- c:\windows\system32\html.iec
2013-11-20 10:23 . 2013-11-20 10:23 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 10:23 . 2013-11-20 10:23 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-20 10:23 . 2013-11-20 10:23 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-20 10:23 . 2013-11-20 10:23 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-20 10:23 . 2013-11-20 10:23 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-20 10:23 . 2013-11-20 10:23 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-20 10:23 . 2013-11-20 10:23 235520 ----a-w- c:\windows\system32\url.dll
2013-11-20 10:23 . 2013-11-20 10:23 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-20 10:23 . 2013-11-20 10:23 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-20 10:23 . 2013-11-20 10:23 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-20 10:23 . 2013-11-20 10:23 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-20 10:23 . 2013-11-20 10:23 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-20 10:23 . 2013-11-20 10:23 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-20 10:23 . 2013-11-20 10:23 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-20 10:23 . 2013-11-20 10:23 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-20 10:23 . 2013-11-20 10:23 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-20 10:23 . 2013-11-20 10:23 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-20 10:23 . 2013-11-20 10:23 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-20 10:23 . 2013-11-20 10:23 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-20 10:23 . 2013-11-20 10:23 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-20 10:23 . 2013-11-20 10:23 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-20 10:23 . 2013-11-20 10:23 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-19 02:33 . 2011-12-04 13:36 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-12 02:23 . 2013-12-11 07:55 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 07:55 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime Alternative\QTTask.exe" [2013-05-01 421888]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-04 3764024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-05 09:51 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-12 09:57]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05 09:50]
.
2014-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-05 09:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-04 10:06 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 172.16.0.1
FF - ProfilePath - c:\users\Peťa\AppData\Roaming\Mozilla\Firefox\Profiles\qhtoxj7s.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.serialycz.cz/
FF - prefs.js: keyword.URL - hxxps://www.google.com/search
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-12-14 12:59; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{9E39F566-76A6-0B3C-8FDF-7D503D341940} - c:\progra~3\INSTAL~1\{0578F~1\Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-01-13 14:28:40
ComboFix-quarantined-files.txt 2014-01-13 13:28
ComboFix2.txt 2014-01-13 12:44
.
Před spuštěním: Volných bajtů: 55 115 763 712
Po spuštění: Volných bajtů: 55 044 808 704
.
- - End Of File - - 4802B22526CE862F8B6764DADE46DF8E
A36C5E4F47E84449FF07ED3517B43A31

[tabape]

pořád mi ty okna vyskakují :(