ComboFix 15-05-25.01 - ADMIN 27.05.2015   5:35.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.420.1029.18.4055.2763 [GMT 2:00]
Spuštěný z: c:\users\ADMIN\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ADMIN\AppData\Local\MSGBOX.EXE
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_ctypes.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_elementtree.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_hashlib.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_multiprocessing.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_psutil_windows.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_socket.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_ssl.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\_yappi.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\common.time34.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\hashobjs_ext.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\pyexpat.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\pysqlite2._sqlite.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\python27.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\pythoncom27.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\PyWinTypes27.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\select.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\unicodedata.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\usb_ext.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32api.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32com.shell.shell.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32crypt.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32event.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32file.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32gui.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32inet.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32pdh.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32pipe.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32process.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32profile.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32security.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\win32ts.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\windows._lib_cacheinvalidation.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._animate.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._controls_.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._core_.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._gdi_.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._html2.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._misc_.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._windows_.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wx._wizard.pyd
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wxbase294u_net_vc90.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wxbase294u_vc90.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wxmsw294u_adv_vc90.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wxmsw294u_core_vc90.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wxmsw294u_html_vc90.dll
c:\users\ADMIN\AppData\Local\Temp\_MEI24722\wxmsw294u_webview_vc90.dll
c:\users\ADMIN\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\ADMIN\AppData\Roaming\DRPSu
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Ovladače/Služby   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2015-04-27 do 2015-05-27  )))))))))))))))))))))))))))))))
.
.
2015-05-24 17:37 . 2015-05-27 04:06	--------	d-----w-	c:\users\ADMIN\AppData\Local\Temp
2015-05-22 18:14 . 2015-05-24 17:36	--------	d-----w-	C:\FRST
2015-05-22 15:22 . 2015-05-22 15:22	--------	d-----w-	c:\programdata\IObit
2015-05-22 15:22 . 2015-05-22 15:22	--------	d-----w-	c:\program files (x86)\IObit
2015-05-22 14:21 . 2015-05-22 14:21	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-05-22 04:09 . 2015-05-22 19:09	--------	d-----w-	C:\AdwCleaner
2015-05-21 18:30 . 2013-09-20 08:49	21040	----a-w-	c:\windows\system32\sdnclean64.exe
2015-05-21 18:30 . 2015-05-21 18:30	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy 2
2015-05-21 17:33 . 2015-05-21 17:33	--------	d-----w-	c:\users\ADMIN\AppData\Roaming\GlarySoft
2015-05-21 17:28 . 2015-05-21 17:28	--------	d-----w-	c:\users\ADMIN\AppData\Roaming\Malwarebytes
2015-05-21 17:28 . 2012-09-29 18:54	25928	----a-w-	c:\windows\SysWow64\drivers\mbam.sys
2015-05-21 17:27 . 2015-05-22 15:34	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2015-05-21 04:01 . 2015-05-21 04:02	--------	d-----w-	c:\program files\CCleaner
2015-05-20 16:05 . 2015-05-26 16:29	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-20 16:05 . 2015-05-24 17:31	--------	d-----w-	c:\program files (x86)\Malwarebytes Anti-Malware
2015-05-20 16:05 . 2015-04-14 07:37	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-05-20 16:05 . 2015-04-14 07:37	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-05-20 16:05 . 2015-04-14 07:37	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-05-19 17:32 . 2015-05-03 03:16	12214312	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{11D490CD-47EC-4D2E-B79B-C67584EBBA23}\mpengine.dll
2015-05-13 21:32 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:32 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:56 . 2015-04-13 03:28	328704	----a-w-	c:\windows\system32\services.exe
2015-05-13 10:55 . 2015-04-08 03:29	1736192	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2015-05-04 18:13 . 2015-05-04 18:14	--------	d-----w-	c:\windows\SysWow64\)4EBD~1
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-13 21:38 . 2014-05-17 21:38	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-05-05 12:28 . 2014-05-16 16:11	152744	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-05-05 12:28 . 2014-05-16 16:11	132120	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-05-05 01:29 . 2015-05-13 10:57	342016	----a-w-	c:\windows\system32\schannel.dll
2015-05-05 01:12 . 2015-05-13 10:57	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2015-04-27 19:23 . 2015-05-13 10:56	113664	----a-w-	c:\windows\system32\sechost.dll
2015-04-27 19:05 . 2015-05-13 10:56	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-04-27 19:04 . 2015-05-13 10:56	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-15 11:42 . 2014-05-22 19:25	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 11:42 . 2014-05-22 19:25	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-25 03:24 . 2015-04-15 11:58	3298816	----a-w-	c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 11:58	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 11:58	37376	----a-w-	c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 11:58	35328	----a-w-	c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 11:58	2553856	----a-w-	c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 11:58	191488	----a-w-	c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 11:58	696320	----a-w-	c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 11:58	60416	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 11:58	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 11:58	36864	----a-w-	c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 11:58	135168	----a-w-	c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 11:58	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 11:58	566784	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 11:58	29696	----a-w-	c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 11:58	173056	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 11:58	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 11:58	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 11:58	769536	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 11:58	419840	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 11:58	957952	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 11:58	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 11:58	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 03:24 . 2015-04-15 11:58	192000	----a-w-	c:\windows\system32\aepic.dll
2015-03-23 03:17 . 2015-04-15 11:58	1111552	----a-w-	c:\windows\system32\aeinv.dll
2015-03-10 13:00 . 2014-05-16 16:11	44088	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-03-10 03:25 . 2015-04-15 11:58	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 11:58	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 11:58	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 11:58	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2015-03-05 05:12 . 2015-04-15 11:58	404480	----a-w-	c:\windows\system32\gdi32.dll
2015-03-05 04:05 . 2015-04-15 11:58	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-03-04 04:55 . 2015-04-15 11:56	367552	----a-w-	c:\windows\system32\clfs.sys
2015-03-04 04:41 . 2015-04-15 11:56	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-03-04 04:41 . 2015-05-13 10:55	103424	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:41 . 2015-05-13 10:55	309248	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:10 . 2015-04-15 11:56	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-03-04 04:10 . 2015-05-13 10:55	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-13 10:55	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-13 10:55	2560	----a-w-	c:\windows\apppatch\AcRes.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-04-28 25700400]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-04-23 8204056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-05-05 728312]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-10-22 124208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater; [x]
R3 awUSB;awUSB;c:\windows\system32\DRIVERS\USBDrv_AMD64.sys;c:\windows\SYSNATIVE\DRIVERS\USBDrv_AMD64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Sluba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys;c:\windows\SYSNATIVE\DRIVERS\accelern.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series  ovlada adaptru pro 64bitov systm Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-14 13:21	988488	----a-w-	c:\program files (x86)\Google\Chrome\Application\42.0.2311.152\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-05-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-22 11:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-04-28 09:34	774984	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-22 13530184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-17 163384]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-17 418360]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrzek do zazen &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat strnku do zazen &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.10.10.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-83226774.sys
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2015-05-27  06:11:47 - počítač byl restartován
ComboFix-quarantined-files.txt  2015-05-27 04:11
.
Před spuštěním: Volných bajtů: 10831036416
Po spuštění: Volných bajtů: 10471800832
.
- - End Of File - - 2399C9A7249B7E828F931ADF04D1D2E3
A36C5E4F47E84449FF07ED3517B43A31
