ComboFix 13-12-13.01 - Slpkovi 13.12.2013  20:33:07.3.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1250.420.1029.18.3835.2515 [GMT 1:00]
Spuštěn z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"



(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))


c:\program files (x86)\Google\GoogleToolbarNotifier
c:\program files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\gth.dll
c:\program files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\gtn.dll
c:\program files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\Readme.url
c:\program files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\programdata\0lqfrlf8z.reg
c:\programdata\0lqfrlf8z.zvv
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job


(((((((((((((((((((((((((   Soubory vytvořené od 2013-11-13 do 2013-12-13  )))))))))))))))))))))))))))))))


2013-12-13 19:38:58 . 2013-12-13 19:38:58	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2013-12-13 19:38:58 . 2013-12-13 19:38:58	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2013-12-13 07:41:37 . 2013-12-13 07:42:34	--------	d-----w-	C:\rsit
2013-12-05 23:30:10 . 2013-10-14 17:00:00	28368	----a-w-	C:\Windows\system32\IEUDINIT.EXE
2013-11-14 05:22:14 . 2013-10-05 20:25:35	1474048	----a-w-	C:\Windows\system32\crypt32.dll
2013-11-14 05:22:13 . 2013-10-05 19:57:25	1168384	----a-w-	C:\Windows\SysWow64\crypt32.dll
2013-11-14 05:16:42 . 2013-09-28 01:09:10	497152	----a-w-	C:\Windows\system32\drivers\afd.sys
2013-11-14 05:16:32 . 2013-10-04 02:24:49	1930752	----a-w-	C:\Windows\system32\authui.dll
2013-11-14 05:16:31 . 2013-10-04 01:56:00	1796096	----a-w-	C:\Windows\SysWow64\authui.dll
2013-11-14 05:16:30 . 2013-10-04 02:28:31	190464	----a-w-	C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 05:16:29 . 2013-10-04 02:25:17	197120	----a-w-	C:\Windows\system32\credui.dll
2013-11-14 05:16:28 . 2013-10-04 01:58:50	152576	----a-w-	C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-14 05:16:28 . 2013-10-04 01:56:25	168960	----a-w-	C:\Windows\SysWow64\credui.dll
.


((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-12-13 17:39:19 . 2013-05-06 22:08:51	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-13 17:39:19 . 2013-05-06 22:08:51	692616	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-14 05:19:07 . 2013-04-04 08:21:19	82896128	----a-w-	C:\Windows\system32\MRT.exe
2013-11-05 13:18:18 . 2013-11-05 13:31:28	566480	------w-	C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-10-03 01:33:02 . 2013-10-03 01:33:02	829264	----a-w-	C:\Windows\system32\msvcr100.dll
2013-10-03 01:33:02 . 2013-10-03 01:33:02	608080	----a-w-	C:\Windows\system32\msvcp100.dll
2013-09-25 02:22:59 . 2013-11-14 05:15:55	340992	----a-w-	C:\Windows\system32\schannel.dll
2013-09-25 01:57:24 . 2013-11-14 05:15:54	247808	----a-w-	C:\Windows\SysWow64\schannel.dll


((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-04 10:27:58 336384]
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 13:20:36 586296]
"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2010-12-13 10:48:18 318520]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2013-03-06 22:32:44 4767304]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 21:06:36 958576]
"20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\e70ee916-ed77-4ae4-a02a-bc71a7230f56.exe" [2013-11-27 08:28:47 180184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0aswBoot.exe /M:31d58122 /wow /dir:C:\Program

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe;C:\Program Files (x86)\Xobni\XobniService.exe [x]
R3 aswVmm;aswVmm; [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\system32\DRIVERS\ewusbnet.sys;C:\Windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hwusbfake;Huawei DataCard USB Fake;C:\Windows\system32\DRIVERS\ewusbfake.sys;C:\Windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS;C:\Windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS;C:\Windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS;C:\Windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XICTAMDM;CELOT-W USB MODEM Driver;C:\Windows\system32\DRIVERS\XICTAMDM.sys;C:\Windows\SYSNATIVE\DRIVERS\XICTAMDM.sys [x]
R3 XICTANmea;CELOT-W NMEA Device Driver(WDM);C:\Windows\system32\DRIVERS\XICTANmea.sys;C:\Windows\SYSNATIVE\DRIVERS\XICTANmea.sys [x]
R3 XICTAVSP;CELOT-W DM Interface Driver(WDM);C:\Windows\system32\DRIVERS\XICTAVSP.sys;C:\Windows\SYSNATIVE\DRIVERS\XICTAVSP.sys [x]
S0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys;C:\Windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys;C:\Windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe;C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [x]
S3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys;C:\Windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys;C:\Windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys;C:\Windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys;C:\Windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys;C:\Windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 07:27:12	1210320	----a-w-	C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe

Obsah adresáře 'Naplánované úlohy'

2013-12-13 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-06 22:08:52 . 2013-12-13 17:39:20]

2013-12-06 C:\Windows\Tasks\HPCeeScheduleForSlpkovi.job
- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15:40 . 2010-09-13 20:15:40]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32:20	133840	----a-w-	C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-01-11 22:10:58 6602856]
"SynTPEnh"="C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-13 11:55:30 627360]
"AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-13 11:55:28 379552]
"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 12:33:00 8192]

------- Doplňkový sken -------

uStart Page = hxxp://www.seznam.cz/
uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = 
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 141.170.136.3 141.170.136.2


[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="C:\Program Files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

------------------------ Jiné spuštěné procesy ------------------------

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

**************************************************************************

Celkový čas: 2013-12-13  20:45:09 - počítač byl restartován
ComboFix-quarantined-files.txt  2013-12-13 19:45:09
ComboFix2.txt  2013-12-13 18:00:45

Před spuštěním: Volných bajtů: 422903353344
Po spuštění: Volných bajtů: 422825156608

- - End Of File - - DD242DBB574AAC96CE2B8AF2E5FAB007
A36C5E4F47E84449FF07ED3517B43A31
