
Chrome - browser stuttering

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Chrome - browser stuttering

#16 Post by Rudy »

Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after startup a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.

go ahead and make yourself a coffee (the whole run takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware resident shield occur.

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!



wedders
Visitor
Posts: 234
Registered: 17 Jun 2011 11:37

Re: Chrome - browser stuttering

#17 Post by wedders »

ComboFix 14-06-04.01 - Tomi . 06. 2014 9:07.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4010.2773 [GMT 2:00]
Running from: c:\users\Tomi\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tomi\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-05-05 to 2014-06-05 )))))))))))))))))))))))))))))))
.
.
2014-06-05 09:39 . 2014-06-05 09:39 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-05 09:39 . 2014-06-05 09:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-03 18:16 . 2014-06-03 18:16 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-05-31 22:51 . 2014-05-31 22:51 -------- d-----w- c:\programdata\IObit
2014-05-31 22:51 . 2014-05-31 22:51 -------- d-----w- c:\program files (x86)\IObit
2014-05-31 22:47 . 2014-05-31 22:50 -------- d-----w- c:\users\Tomi\AppData\Local\Razer
2014-05-31 22:47 . 2014-05-31 22:50 -------- d-----w- c:\program files (x86)\Razer
2014-05-31 22:47 . 2014-05-31 22:50 -------- d-----w- c:\programdata\Razer
2014-05-31 16:39 . 2014-05-31 16:39 -------- d-----w- c:\programdata\Martau
2014-05-31 16:39 . 2014-05-31 16:39 -------- d-----w- c:\program files\Total Uninstall 6
2014-05-30 18:16 . 2014-05-30 18:16 -------- d-----w- c:\program files (x86)\Google Chrome Backup
2014-05-30 17:57 . 2014-05-31 16:44 -------- d-----w- c:\users\Tomi\AppData\Roaming\Google Chrome Backup
2014-05-30 17:04 . 2014-05-30 17:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-29 22:35 . 2014-05-29 22:35 -------- d-----w- c:\users\Tomi\AppData\Local\ESN
2014-05-29 22:35 . 2014-05-29 22:35 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2014-05-29 22:32 . 2014-05-29 22:32 -------- d-----w- c:\programdata\EA Core
2014-05-29 13:26 . 2014-05-31 23:00 -------- d-----w- c:\program files (x86)\Origin
2014-05-27 21:09 . 2014-05-27 21:09 -------- d-----w- C:\adobeTemp
2014-05-22 21:15 . 2014-05-22 21:26 -------- d-----w- C:\FFOutput
2014-05-22 21:14 . 2014-05-22 21:14 -------- d-----w- c:\program files (x86)\FreeTime
2014-05-21 21:05 . 2014-05-21 21:08 -------- d-----w- c:\users\Tomi\AppData\Roaming\vlc
2014-05-21 21:04 . 2014-05-21 21:04 -------- d-----w- c:\program files (x86)\VideoLAN
2014-05-20 21:53 . 2014-05-20 21:53 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2014-05-20 21:53 . 2014-05-20 21:53 -------- d-----w- c:\users\Tomi\AppData\Roaming\Check Point Software Technologies LTD
2014-05-20 21:53 . 2014-05-20 21:54 -------- d-----w- c:\program files (x86)\CheckPoint
2014-05-20 21:52 . 2014-05-20 21:52 -------- d-----w- c:\programdata\CheckPoint
2014-05-20 21:43 . 2014-05-20 21:43 -------- d-----w- c:\users\Tomi\AppData\Roaming\Avira
2014-05-20 21:42 . 2014-05-09 09:16 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-05-20 21:42 . 2014-05-09 09:16 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-20 21:42 . 2014-05-09 09:16 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-05-20 21:41 . 2014-05-20 21:42 -------- d-----w- c:\program files (x86)\Avira
2014-05-20 21:41 . 2014-05-20 21:42 -------- d-----w- c:\programdata\Avira
2014-05-20 21:41 . 2014-05-20 21:41 -------- d-----w- c:\programdata\Package Cache
2014-05-20 17:07 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-19 16:00 . 2014-05-20 09:01 -------- d-----w- c:\users\Tomi\AppData\Roaming\TS3Client
2014-05-19 16:00 . 2014-05-19 16:00 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2014-05-19 15:57 . 2014-05-19 15:57 -------- d-----w- c:\programdata\boost_interprocess
2014-05-15 18:25 . 2008-07-31 08:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2014-05-15 18:11 . 2014-05-15 18:12 -------- d-----w- c:\users\Tomi\AppData\Roaming\Apple Computer
2014-05-15 18:11 . 2014-05-15 18:11 -------- d-----w- c:\users\Tomi\AppData\Local\Apple Computer
2014-05-15 18:11 . 2014-05-15 18:11 -------- dc----w- c:\windows\system32\DRVSTORE
2014-05-15 18:11 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-05-15 18:11 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2014-05-15 18:11 . 2008-04-17 10:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2014-05-15 18:10 . 2014-05-15 18:10 -------- d-----w- c:\program files\iPod
2014-05-15 18:10 . 2014-05-15 18:11 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-05-15 18:10 . 2014-05-15 18:11 -------- d-----w- c:\program files\iTunes
2014-05-15 18:10 . 2014-05-15 18:11 -------- d-----w- c:\program files (x86)\iTunes
2014-05-15 18:10 . 2014-05-15 18:10 -------- d-----w- c:\programdata\Apple Computer
2014-05-15 18:09 . 2014-05-15 18:09 -------- d-----w- c:\users\Tomi\AppData\Local\Apple
2014-05-15 18:09 . 2014-05-15 18:09 -------- d-----w- c:\program files (x86)\Apple Software Update
2014-05-15 18:09 . 2014-05-15 18:09 -------- d-----w- c:\program files\Common Files\Apple
2014-05-15 18:08 . 2014-05-15 18:08 -------- d-----w- c:\program files\Bonjour
2014-05-15 18:08 . 2014-05-15 18:08 -------- d-----w- c:\program files (x86)\Bonjour
2014-05-15 18:08 . 2014-05-15 18:10 -------- d-----w- c:\program files (x86)\Common Files\Apple
2014-05-15 18:08 . 2014-05-15 18:09 -------- d-----w- c:\programdata\Apple
2014-05-15 09:37 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-15 09:37 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-15 09:37 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-15 09:37 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-14 10:25 . 2014-05-14 11:21 17938608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-05-14 09:59 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-05-14 09:59 . 2014-05-09 06:14 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-14 09:59 . 2014-05-09 06:11 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-12 04:56 . 2014-05-12 04:56 -------- d-sh--w- c:\users\Tomi\AppData\Local\EmieUserList
2014-05-12 04:56 . 2014-05-12 04:56 -------- d-sh--w- c:\users\Tomi\AppData\Local\EmieSiteList
2014-05-07 10:20 . 2014-05-15 09:50 -------- d-s---w- c:\windows\system32\CompatTel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-31 23:10 . 2014-04-25 16:31 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-05-31 23:09 . 2014-04-25 17:02 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-05-31 23:09 . 2014-04-25 16:31 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-05-31 23:05 . 2014-04-25 16:31 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-05-15 06:59 . 2014-04-18 21:41 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-05-14 11:22 . 2014-04-22 09:58 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 11:22 . 2014-04-22 09:58 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-03 19:44 . 2014-05-03 19:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-24 21:03 . 2014-04-24 21:03 450968 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2014-04-19 20:21 . 2014-04-19 20:21 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-04-19 20:21 . 2014-04-19 20:21 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-19 20:21 . 2014-04-19 20:21 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-04-19 20:21 . 2014-04-19 20:21 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-19 20:21 . 2014-04-19 20:21 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-04-19 20:21 . 2014-04-19 20:21 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-19 20:21 . 2014-04-19 20:21 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-04-19 20:21 . 2014-04-19 20:21 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-19 20:21 . 2014-04-19 20:21 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-19 20:21 . 2014-04-19 20:21 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-19 20:21 . 2014-04-19 20:21 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-04-19 20:21 . 2014-04-19 20:21 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-19 20:21 . 2014-04-19 20:21 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-04-19 20:21 . 2014-04-19 20:21 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-19 20:21 . 2014-04-19 20:21 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-19 20:21 . 2014-04-19 20:21 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-19 20:21 . 2014-04-19 20:21 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-19 20:21 . 2014-04-19 20:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-19 20:21 . 2014-04-19 20:21 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-04-19 20:21 . 2014-04-19 20:21 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-19 20:21 . 2014-04-19 20:21 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-19 20:21 . 2014-04-19 20:21 81408 ----a-w- c:\windows\system32\icardie.dll
2014-04-19 20:21 . 2014-04-19 20:21 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-04-19 20:21 . 2014-04-19 20:21 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-19 20:21 . 2014-04-19 20:21 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-19 20:21 . 2014-04-19 20:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-19 20:21 . 2014-04-19 20:21 413696 ----a-w- c:\windows\system32\html.iec
2014-04-19 20:21 . 2014-04-19 20:21 247808 ----a-w- c:\windows\system32\msls31.dll
2014-04-19 20:21 . 2014-04-19 20:21 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-19 20:21 . 2014-04-19 20:21 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-19 20:21 . 2014-04-19 20:21 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-19 20:21 . 2014-04-19 20:21 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-04-19 20:21 . 2014-04-19 20:21 774144 ----a-w- c:\windows\system32\jscript.dll
2014-04-19 20:21 . 2014-04-19 20:21 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-19 20:21 . 2014-04-19 20:21 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-04-19 20:21 . 2014-04-19 20:21 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-19 20:21 . 2014-04-19 20:21 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-19 20:21 . 2014-04-19 20:21 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-04-19 20:21 . 2014-04-19 20:21 235520 ----a-w- c:\windows\system32\url.dll
2014-04-19 20:21 . 2014-04-19 20:21 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-04-19 20:21 . 2014-04-19 20:21 147968 ----a-w- c:\windows\system32\occache.dll
2014-04-19 20:21 . 2014-04-19 20:21 143872 ----a-w- c:\windows\system32\wextract.exe
2014-04-19 20:21 . 2014-04-19 20:21 13824 ----a-w- c:\windows\system32\mshta.exe
2014-04-19 20:21 . 2014-04-19 20:21 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-04-19 20:21 . 2014-04-19 20:21 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-04-19 20:21 . 2014-04-19 20:21 101376 ----a-w- c:\windows\system32\inseng.dll
2014-04-19 14:30 . 2014-04-19 14:30 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-04-19 14:30 . 2014-04-19 14:30 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-04-19 14:30 . 2014-04-19 14:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-04-19 14:30 . 2014-04-19 14:30 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-04-19 14:30 . 2014-04-19 14:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-04-19 14:30 . 2014-04-19 14:30 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-04-19 14:30 . 2014-04-19 14:30 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-04-19 14:30 . 2014-04-19 14:30 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-04-19 14:30 . 2014-04-19 14:30 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-04-19 14:30 . 2014-04-19 14:30 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-04-19 14:30 . 2014-04-19 14:30 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-04-19 14:30 . 2014-04-19 14:30 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-04-19 14:30 . 2014-04-19 14:30 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-04-19 14:30 . 2014-04-19 14:30 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-04-19 14:30 . 2014-04-19 14:30 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-04-19 14:30 . 2014-04-19 14:30 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-04-19 14:30 . 2014-04-19 14:30 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-04-19 14:30 . 2014-04-19 14:30 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-04-19 14:30 . 2014-04-19 14:30 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-04-19 14:30 . 2014-04-19 14:30 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-04-19 14:30 . 2014-04-19 14:30 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-04-19 14:30 . 2014-04-19 14:30 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-04-19 14:30 . 2014-04-19 14:30 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-04-18 23:19 . 2010-06-24 02:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-04-18 21:32 . 2014-04-18 21:32 386680 ----a-w- c:\windows\system32\drivers\sptd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-02-20 6161176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-05-14 183376]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-09 737872]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2014-04-24 137352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys;c:\windows\SYSNATIVE\DRIVERS\SGdrv64.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-31 18:32 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-22 11:22]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30 18:02]
.
2014-06-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30 18:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-12 12558440]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\0thxhtr4.default\
FF - prefs.js: browser.startup.homepage - google.sk
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
.
**************************************************************************
.
Completion time: 2014-06-05 11:47:49 - machine was rebooted
ComboFix-quarantined-files.txt 2014-06-05 09:47
.
Pre-Run: 173 564 899 328 bytes free
Post-Run: 173 357 391 872 bytes free
.
- - End Of File - - DE4FF862B06D2B96ABFB46911C36B5A1

Re: Chrome - browser stuttering

#18 Post by Rudy »

Open Notepad and copy the following into it:
KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job


RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.


wedders
Visitor
Posts: 234
Registered: 17 Jun 2011 11:37

Re: Chrome - browser stuttering

#19 Post by wedders »

ComboFix 14-06-04.01 - Tomi . 06. 2014 19:53:36.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4010.2567 [GMT 2:00]
Running from: c:\users\Tomi\Desktop\ComboFix.exe
Command switches used :: c:\users\Tomi\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tomi\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Files Created from 2014-05-05 to 2014-06-05 )))))))))))))))))))))))))))))))
.
.
2014-06-05 18:18 . 2014-06-05 18:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-05 18:18 . 2014-06-05 18:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-03 18:16 . 2014-06-03 18:16 84720 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-05-31 22:51 . 2014-05-31 22:51 -------- d-----w- c:\programdata\IObit
2014-05-31 22:51 . 2014-05-31 22:51 -------- d-----w- c:\program files (x86)\IObit
2014-05-31 22:47 . 2014-05-31 22:50 -------- d-----w- c:\users\Tomi\AppData\Local\Razer
2014-05-31 22:47 . 2014-05-31 22:50 -------- d-----w- c:\program files (x86)\Razer
2014-05-31 22:47 . 2014-05-31 22:50 -------- d-----w- c:\programdata\Razer
2014-05-31 16:39 . 2014-05-31 16:39 -------- d-----w- c:\programdata\Martau
2014-05-31 16:39 . 2014-05-31 16:39 -------- d-----w- c:\program files\Total Uninstall 6
2014-05-30 18:16 . 2014-05-30 18:16 -------- d-----w- c:\program files (x86)\Google Chrome Backup
2014-05-30 17:57 . 2014-05-31 16:44 -------- d-----w- c:\users\Tomi\AppData\Roaming\Google Chrome Backup
2014-05-30 17:04 . 2014-05-30 17:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-29 22:35 . 2014-05-29 22:35 -------- d-----w- c:\users\Tomi\AppData\Local\ESN
2014-05-29 22:35 . 2014-05-29 22:35 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2014-05-29 22:32 . 2014-05-29 22:32 -------- d-----w- c:\programdata\EA Core
2014-05-29 13:26 . 2014-05-31 23:00 -------- d-----w- c:\program files (x86)\Origin
2014-05-27 21:09 . 2014-05-27 21:09 -------- d-----w- C:\adobeTemp
2014-05-22 21:15 . 2014-05-22 21:26 -------- d-----w- C:\FFOutput
2014-05-22 21:14 . 2014-05-22 21:14 -------- d-----w- c:\program files (x86)\FreeTime
2014-05-21 21:05 . 2014-05-21 21:08 -------- d-----w- c:\users\Tomi\AppData\Roaming\vlc
2014-05-21 21:04 . 2014-05-21 21:04 -------- d-----w- c:\program files (x86)\VideoLAN
2014-05-20 21:53 . 2014-05-20 21:53 -------- d-----w- c:\program files (x86)\Check Point Software Technologies LTD
2014-05-20 21:53 . 2014-05-20 21:53 -------- d-----w- c:\users\Tomi\AppData\Roaming\Check Point Software Technologies LTD
2014-05-20 21:53 . 2014-05-20 21:54 -------- d-----w- c:\program files (x86)\CheckPoint
2014-05-20 21:52 . 2014-05-20 21:52 -------- d-----w- c:\programdata\CheckPoint
2014-05-20 21:43 . 2014-05-20 21:43 -------- d-----w- c:\users\Tomi\AppData\Roaming\Avira
2014-05-20 21:42 . 2014-05-09 09:16 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-05-20 21:42 . 2014-05-09 09:16 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-20 21:42 . 2014-05-09 09:16 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-05-20 21:41 . 2014-05-20 21:42 -------- d-----w- c:\program files (x86)\Avira
2014-05-20 21:41 . 2014-05-20 21:42 -------- d-----w- c:\programdata\Avira
2014-05-20 21:41 . 2014-05-20 21:41 -------- d-----w- c:\programdata\Package Cache
2014-05-20 17:07 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-19 16:00 . 2014-05-20 09:01 -------- d-----w- c:\users\Tomi\AppData\Roaming\TS3Client
2014-05-19 16:00 . 2014-05-19 16:00 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2014-05-19 15:57 . 2014-05-19 15:57 -------- d-----w- c:\programdata\boost_interprocess
2014-05-15 18:25 . 2008-07-31 08:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2014-05-15 18:11 . 2014-05-15 18:12 -------- d-----w- c:\users\Tomi\AppData\Roaming\Apple Computer
2014-05-15 18:11 . 2014-05-15 18:11 -------- d-----w- c:\users\Tomi\AppData\Local\Apple Computer
2014-05-15 18:11 . 2014-05-15 18:11 -------- dc----w- c:\windows\system32\DRVSTORE
2014-05-15 18:11 . 2009-05-18 11:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-05-15 18:11 . 2008-04-17 10:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2014-05-15 18:11 . 2008-04-17 10:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2014-05-15 18:10 . 2014-05-15 18:10 -------- d-----w- c:\program files\iPod
2014-05-15 18:10 . 2014-05-15 18:11 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-05-15 18:10 . 2014-05-15 18:11 -------- d-----w- c:\program files\iTunes
2014-05-15 18:10 . 2014-05-15 18:11 -------- d-----w- c:\program files (x86)\iTunes
2014-05-15 18:10 . 2014-05-15 18:10 -------- d-----w- c:\programdata\Apple Computer
2014-05-15 18:09 . 2014-05-15 18:09 -------- d-----w- c:\users\Tomi\AppData\Local\Apple
2014-05-15 18:09 . 2014-05-15 18:09 -------- d-----w- c:\program files (x86)\Apple Software Update
2014-05-15 18:09 . 2014-05-15 18:09 -------- d-----w- c:\program files\Common Files\Apple
2014-05-15 18:08 . 2014-05-15 18:08 -------- d-----w- c:\program files\Bonjour
2014-05-15 18:08 . 2014-05-15 18:08 -------- d-----w- c:\program files (x86)\Bonjour
2014-05-15 18:08 . 2014-05-15 18:10 -------- d-----w- c:\program files (x86)\Common Files\Apple
2014-05-15 18:08 . 2014-05-15 18:09 -------- d-----w- c:\programdata\Apple
2014-05-15 09:37 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-15 09:37 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-15 09:37 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-15 09:37 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-14 10:25 . 2014-05-14 11:21 17938608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-05-14 09:59 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-05-14 09:59 . 2014-05-09 06:14 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-14 09:59 . 2014-05-09 06:11 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-12 04:56 . 2014-05-12 04:56 -------- d-sh--w- c:\users\Tomi\AppData\Local\EmieUserList
2014-05-12 04:56 . 2014-05-12 04:56 -------- d-sh--w- c:\users\Tomi\AppData\Local\EmieSiteList
2014-05-07 10:20 . 2014-05-15 09:50 -------- d-s---w- c:\windows\system32\CompatTel
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-31 23:10 . 2014-04-25 16:31 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-05-31 23:09 . 2014-04-25 17:02 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-05-31 23:09 . 2014-04-25 16:31 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-05-31 23:05 . 2014-04-25 16:31 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-05-15 06:59 . 2014-04-18 21:41 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-05-14 11:22 . 2014-04-22 09:58 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 11:22 . 2014-04-22 09:58 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-03 19:44 . 2014-05-03 19:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-24 21:03 . 2014-04-24 21:03 450968 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2014-04-19 20:21 . 2014-04-19 20:21 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-04-19 20:21 . 2014-04-19 20:21 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-19 20:21 . 2014-04-19 20:21 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-04-19 20:21 . 2014-04-19 20:21 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-19 20:21 . 2014-04-19 20:21 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-04-19 20:21 . 2014-04-19 20:21 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-19 20:21 . 2014-04-19 20:21 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-04-19 20:21 . 2014-04-19 20:21 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-19 20:21 . 2014-04-19 20:21 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-19 20:21 . 2014-04-19 20:21 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-19 20:21 . 2014-04-19 20:21 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-04-19 20:21 . 2014-04-19 20:21 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-19 20:21 . 2014-04-19 20:21 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-04-19 20:21 . 2014-04-19 20:21 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-19 20:21 . 2014-04-19 20:21 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-19 20:21 . 2014-04-19 20:21 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-19 20:21 . 2014-04-19 20:21 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-19 20:21 . 2014-04-19 20:21 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-19 20:21 . 2014-04-19 20:21 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-04-19 20:21 . 2014-04-19 20:21 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-19 20:21 . 2014-04-19 20:21 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-19 20:21 . 2014-04-19 20:21 81408 ----a-w- c:\windows\system32\icardie.dll
2014-04-19 20:21 . 2014-04-19 20:21 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-04-19 20:21 . 2014-04-19 20:21 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-19 20:21 . 2014-04-19 20:21 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-19 20:21 . 2014-04-19 20:21 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-19 20:21 . 2014-04-19 20:21 413696 ----a-w- c:\windows\system32\html.iec
2014-04-19 20:21 . 2014-04-19 20:21 247808 ----a-w- c:\windows\system32\msls31.dll
2014-04-19 20:21 . 2014-04-19 20:21 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-19 20:21 . 2014-04-19 20:21 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-19 20:21 . 2014-04-19 20:21 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-19 20:21 . 2014-04-19 20:21 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-04-19 20:21 . 2014-04-19 20:21 774144 ----a-w- c:\windows\system32\jscript.dll
2014-04-19 20:21 . 2014-04-19 20:21 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-19 20:21 . 2014-04-19 20:21 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-04-19 20:21 . 2014-04-19 20:21 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-19 20:21 . 2014-04-19 20:21 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-19 20:21 . 2014-04-19 20:21 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-04-19 20:21 . 2014-04-19 20:21 235520 ----a-w- c:\windows\system32\url.dll
2014-04-19 20:21 . 2014-04-19 20:21 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-04-19 20:21 . 2014-04-19 20:21 147968 ----a-w- c:\windows\system32\occache.dll
2014-04-19 20:21 . 2014-04-19 20:21 143872 ----a-w- c:\windows\system32\wextract.exe
2014-04-19 20:21 . 2014-04-19 20:21 13824 ----a-w- c:\windows\system32\mshta.exe
2014-04-19 20:21 . 2014-04-19 20:21 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-04-19 20:21 . 2014-04-19 20:21 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-04-19 20:21 . 2014-04-19 20:21 101376 ----a-w- c:\windows\system32\inseng.dll
2014-04-19 14:30 . 2014-04-19 14:30 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-04-19 14:30 . 2014-04-19 14:30 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-04-19 14:30 . 2014-04-19 14:30 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-04-19 14:30 . 2014-04-19 14:30 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-04-19 14:30 . 2014-04-19 14:30 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-04-19 14:30 . 2014-04-19 14:30 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-04-19 14:30 . 2014-04-19 14:30 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-04-19 14:30 . 2014-04-19 14:30 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-04-19 14:30 . 2014-04-19 14:30 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-04-19 14:30 . 2014-04-19 14:30 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-04-19 14:30 . 2014-04-19 14:30 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-04-19 14:30 . 2014-04-19 14:30 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-04-19 14:30 . 2014-04-19 14:30 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-04-19 14:30 . 2014-04-19 14:30 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-04-19 14:30 . 2014-04-19 14:30 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-04-19 14:30 . 2014-04-19 14:30 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-04-19 14:30 . 2014-04-19 14:30 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-04-19 14:30 . 2014-04-19 14:30 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-04-19 14:30 . 2014-04-19 14:30 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-04-19 14:30 . 2014-04-19 14:30 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-04-19 14:30 . 2014-04-19 14:30 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-04-19 14:30 . 2014-04-19 14:30 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-19 14:30 . 2014-04-19 14:30 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-04-19 14:30 . 2014-04-19 14:30 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-04-18 23:19 . 2010-06-24 02:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-04-18 21:32 . 2014-04-18 21:32 386680 ----a-w- c:\windows\system32\drivers\sptd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-02-20 6161176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-05-14 183376]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-09 737872]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2014-04-24 137352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 SGDrv;SGDrv;c:\windows\system32\DRIVERS\SGdrv64.sys;c:\windows\SYSNATIVE\DRIVERS\SGdrv64.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-31 18:32 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-22 11:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Tomi\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-12 12558440]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
FF - ProfilePath - c:\users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\0thxhtr4.default\
FF - prefs.js: browser.startup.homepage - google.sk
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
.
**************************************************************************
.
Completion time: 2014-06-05 21:20:05 - machine was rebooted
ComboFix-quarantined-files.txt 2014-06-05 19:19
ComboFix2.txt 2014-06-05 09:47
.
Pre-Run: 172 232 351 744 bytes free
Post-Run: 172 161 994 752 bytes free
.
- - End Of File - - 2009E4AC2EABA5883B0C024F35474E8E

#20 Post by Rudy »

Deleted. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Has anything changed?

wedders
Visitor
Posts: 234
Registered: 17 Jun 2011 11:37

#21 Post by wedders »

So far it looks like it helped; it runs normally even under load. But I don't know; if possible, please leave the thread unlocked for now, because last time it also seemed fine for a while and two days later it got bad again. But thanks for now :thumbsup:

#22 Post by Rudy »

Nothing to thank me for yet! :)

#23 Post by wedders »

I don't understand why, but the problem persists... :?:

#24 Post by Rudy »

Then Chrome must be conflicting with something. Does IE not have this problem?

#25 Post by wedders »

At the moment I can't even browse in IE; it won't open Google or any other page :?: When I entered Google it showed the message "Navigácia na túto stránku bola zrušená" ("Navigation to the webpage was canceled") (Chrome, Mozilla and Opera work, within normal limits).
I also noticed another thing: I have Google set as the home page in all browsers, and everywhere (in IE too) it opens at this link:

Code:

https://www.google.sk/?gws_rd=ssl

Is that normal?

#26 Post by Rudy »

Also run JunkwareRemovalTool:
Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Save the program to the desktop and run it. The license terms will then be displayed - confirm the start by pressing any key.
- A backup is created and the scan runs.
When the scan finishes, a log will pop up (it will be saved in c:\JRT as JRT.txt) - copy it here.

#27 Post by wedders »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tomi on so 07. 06. 2014 at 21:20:37,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 07. 06. 2014 at 21:31:27,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#28 Post by wedders »

IE is working now, but as soon as I tried it out, it was enough to open YouTube, and when I went to expand more comments under the video, the video playing in the browser lagged unbelievably (only one window open) :(

#29 Post by Rudy »

Right-click in the video image > Settings and turn off hardware acceleration.

#30 Post by wedders »

I did that right away, back when I was trying IE... it didn't help :?:

Locked