Log Combofixu:
ComboFix 14-10-27.01 - Babi a deda 27.10.2014 21:38:13.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1029.18.3002.1691 [GMT 1:00]
Running from: c:\users\Babi a deda\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\emachines.ico
c:\users\Babi a deda\AppData\Roaming\.#
c:\windows\PFRO.log
c:\windows\usgwmt
c:\windows\usgwmt\BReWErS.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-09-27 to 2014-10-27 )))))))))))))))))))))))))))))))
.
.
2014-10-27 20:48 . 2014-10-27 20:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-27 17:58 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-27 16:32 . 2014-10-27 16:32 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-10-27 16:30 . 2014-10-27 16:30 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-27 16:30 . 2014-10-27 16:30 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-10-27 16:30 . 2014-10-27 16:30 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-10-27 16:27 . 2014-10-27 16:27 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-10-27 16:27 . 2014-10-27 16:27 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-10-27 13:38 . 2014-10-27 20:42 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\offreg.dll
2014-10-27 13:18 . 2014-10-27 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-10-27 12:40 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-10-27 12:40 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-10-27 12:40 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-10-27 12:40 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-10-27 12:37 . 2010-11-20 03:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2014-10-27 12:36 . 2010-11-20 04:27 18944 ----a-w- c:\windows\system32\spopk.dll
2014-10-27 12:35 . 2010-11-20 04:26 551936 ----a-w- c:\windows\system32\localsec.dll
2014-10-27 11:38 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2014-10-27 10:42 . 2014-10-27 10:42 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----r- c:\program files (x86)\Skype
2014-10-27 09:53 . 2014-10-27 09:53 -------- d-----w- c:\windows\cs
2014-10-27 09:51 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-10-27 09:51 . 2014-10-27 09:51 -------- d-----w- c:\program files\Windows Live
2014-10-27 09:51 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-10-27 09:51 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-10-27 09:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-10-27 09:51 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-10-27 06:46 . 2014-10-27 06:46 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb3bf8841cff1b12d\InstallManager_WLE_WLE.exe
2014-10-27 06:46 . 2014-10-27 06:46 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\b16cacc31cff1b122\MeshBetaRemover.exe
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\dsetup32.dll
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\dsetup32.dll
2014-10-27 06:44 . 2014-10-27 09:54 -------- d-----w- c:\users\Babi a deda\AppData\Local\Windows Live
2014-10-27 05:55 . 2014-10-27 06:39 -------- d-----w- c:\windows\system32\MRT
2014-10-27 05:46 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-27 05:46 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-27 05:45 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\mpengine.dll
2014-10-27 05:44 . 2014-10-10 01:53 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-27 05:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-10-27 05:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-10-27 05:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-10-27 05:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-10-27 05:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-10-27 05:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-10-27 05:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-10-27 05:31 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-10-27 05:31 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-10-27 05:27 . 2014-10-27 16:35 -------- d-----w- c:\windows\system32\catroot2
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\webapprt
2014-10-26 19:47 . 2014-10-11 12:53 220784 ----a-w- c:\program files\sandboxbroker.dll
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\defaults
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\browser
2014-10-26 18:47 . 2014-10-26 19:05 -------- d-----w- C:\AdwCleaner
2014-10-26 12:56 . 2014-10-26 12:56 -------- d-----w- c:\windows\CheckSur
2014-10-26 12:31 . 2014-10-26 12:31 -------- d-----w- c:\windows\system32\EventProviders
2014-10-26 08:21 . 2014-10-26 08:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-26 08:21 . 2014-10-26 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-27 16:33 . 2014-10-27 16:33 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-27 16:33 . 2014-10-27 16:33 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-10-27 16:31 . 2014-10-27 16:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-10-27 13:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-10-27 13:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-10-27 09:52 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-11 12:54 . 2011-11-21 18:04 25400432 ----a-w- c:\program files\xul.dll
2014-10-11 12:53 . 2013-02-19 12:36 93808 ----a-w- c:\program files\webapprt-stub.exe
2014-10-11 12:53 . 2013-02-19 12:36 91032 ----a-w- c:\program files\webapp-uninstaller.exe
2014-10-11 12:53 . 2011-11-21 18:04 273008 ----a-w- c:\program files\updater.exe
2014-10-11 12:53 . 2011-11-21 18:04 150128 ----a-w- c:\program files\softokn3.dll
2014-10-11 12:53 . 2013-06-10 16:13 28272 ----a-w- c:\program files\plugin-hang-ui.exe
2014-10-11 12:53 . 2011-11-21 18:04 145520 ----a-w- c:\program files\plugin-container.exe
2014-10-11 12:53 . 2011-11-21 18:04 92784 ----a-w- c:\program files\nssdbm3.dll
2014-10-11 12:53 . 2011-11-21 18:04 413296 ----a-w- c:\program files\nssckbi.dll
2014-10-11 12:53 . 2011-11-21 18:04 1568880 ----a-w- c:\program files\nss3.dll
2014-10-11 12:53 . 2011-11-21 18:04 3649648 ----a-w- c:\program files\mozjs.dll
2014-10-11 12:53 . 2013-02-19 12:36 140400 ----a-w- c:\program files\mozglue.dll
2014-10-11 12:53 . 2011-11-21 18:04 19568 ----a-w- c:\program files\mozalloc.dll
2014-10-11 12:53 . 2013-02-19 12:36 185424 ----a-w- c:\program files\maintenanceservice_installer.exe
2014-10-11 12:53 . 2013-02-19 12:36 114288 ----a-w- c:\program files\maintenanceservice.exe
2014-10-11 12:53 . 2011-11-21 18:04 833136 ----a-w- c:\program files\libGLESv2.dll
2014-10-11 12:53 . 2011-11-21 18:04 39024 ----a-w- c:\program files\libEGL.dll
2014-10-11 12:53 . 2014-05-11 08:33 800368 ----a-w- c:\program files\icuuc52.dll
2014-10-11 12:53 . 2014-05-11 08:33 1023600 ----a-w- c:\program files\icuin52.dll
2014-10-11 12:52 . 2014-05-11 08:33 10397296 ----a-w- c:\program files\icudt52.dll
2014-10-11 12:52 . 2013-02-19 12:36 4952176 ----a-w- c:\program files\gkmedias.dll
2014-10-11 12:52 . 2011-11-21 18:04 331376 ----a-w- c:\program files\freebl3.dll
2014-10-11 12:52 . 2011-11-21 18:04 275568 ----a-w- c:\program files\firefox.exe
2014-10-11 12:52 . 2011-11-21 18:04 115312 ----a-w- c:\program files\crashreporter.exe
2014-10-11 12:52 . 2013-02-19 12:36 74864 ----a-w- c:\program files\breakpadinjector.dll
2014-10-11 12:52 . 2011-11-21 18:04 20080 ----a-w- c:\program files\AccessibleMarshal.dll
2014-10-03 09:02 . 2010-04-15 14:03 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-02 14:53 . 2010-03-12 14:25 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 12:45 . 2012-09-29 09:23 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 12:45 . 2011-11-21 18:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 53248 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2014-08-15 08:46 . 2009-12-27 20:28 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 08:45 . 2014-04-14 16:45 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-15 08:45 . 2014-04-14 16:40 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 08:45 . 2014-08-15 08:45 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 08:45 . 2014-04-14 16:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 08:45 . 2011-08-28 16:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 08:45 . 2011-08-28 16:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 08:45 . 2009-12-27 20:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 08:45 . 2012-12-01 13:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 08:45 . 2014-08-15 08:45 43152 ----a-w- c:\windows\avastSS.scr
2013-08-03 05:55 . 2014-09-16 15:19 3231832 ----a-w- c:\program files\d3dcompiler_46.dll
2010-05-26 18:41 . 2011-11-21 18:04 2106216 ----a-w- c:\program files\D3DCompiler_43.dll
2010-03-18 16:15 . 2013-02-19 12:36 770384 ----a-w- c:\program files\msvcr100.dll
2010-03-18 16:15 . 2013-02-19 12:36 421200 ----a-w- c:\program files\msvcp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"uTorrent"="c:\users\Babi a deda\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-27 1385808]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-08-15 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1cac1ea40ea4bef;Služba Google Update (gupdate1cac1ea40ea4bef);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-26 08:26 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 08:45 634872 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-08-06 828960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Babi a deda\AppData\Roaming\Mozilla\Firefox\Profiles\yx0upoor.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4086016476-1674983531-1512024179-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-10-27 21:50:57
ComboFix-quarantined-files.txt 2014-10-27 20:50
.
Pre-Run: Volných bajtu: 90 306 523 136
Post-Run: Volných bajtu: 89 983 488 000
.
- - End Of File - - D25DBB820AF0329A555A56EB41B653BC
A36C5E4F47E84449FF07ED3517B43A31
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Internet explorer nezobrazuje Seznam.cz
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Internet explorer nezobrazuje Seznam.cz
Obyčejný uživatel
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Internet explorer nezobrazuje Seznam.cz
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spsutí a vykoná příkazy ze skriptu.RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
Regnull::
[HKEY_USERS\S-1-5-21-4086016476-1674983531-1512024179-1000\Software\SecuROM\License information*]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Internet explorer nezobrazuje Seznam.cz
Provedl jsem pak combofix začal znova scanovat, já odešel a notebook se vybil tak nevím co proběhlo. seznam.cz stále nejde.
Obyčejný uživatel
Re: Internet explorer nezobrazuje Seznam.cz
Provést znova cfscript.txt si sám netroufám tak jsem alespoň zkusil nový scan combofixu. Na začátku mi hlásil že v minulém nebylo vše smazáno tak to asi opravdu nedošlo do konce. Tady je ten log:
ComboFix 14-10-27.01 - Babi a deda 27.10.2014 23:00:33.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1029.18.3002.1420 [GMT 1:00]
Running from: c:\users\Babi a deda\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-09-27 to 2014-10-27 )))))))))))))))))))))))))))))))
.
.
2014-10-27 22:11 . 2014-10-27 22:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-27 17:58 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-27 16:32 . 2014-10-27 16:32 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-10-27 16:30 . 2014-10-27 16:30 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-27 16:30 . 2014-10-27 16:30 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-10-27 16:30 . 2014-10-27 16:30 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-10-27 16:27 . 2014-10-27 16:27 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-10-27 16:27 . 2014-10-27 16:27 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-10-27 13:18 . 2014-10-27 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-10-27 12:40 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-10-27 12:40 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-10-27 12:40 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-10-27 12:40 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-10-27 12:37 . 2010-11-20 03:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2014-10-27 12:36 . 2010-11-20 04:27 18944 ----a-w- c:\windows\system32\spopk.dll
2014-10-27 12:35 . 2010-11-20 04:26 551936 ----a-w- c:\windows\system32\localsec.dll
2014-10-27 11:38 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2014-10-27 10:42 . 2014-10-27 10:42 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----r- c:\program files (x86)\Skype
2014-10-27 09:53 . 2014-10-27 09:53 -------- d-----w- c:\windows\cs
2014-10-27 09:51 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-10-27 09:51 . 2014-10-27 09:51 -------- d-----w- c:\program files\Windows Live
2014-10-27 09:51 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-10-27 09:51 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-10-27 09:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-10-27 09:51 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-10-27 06:46 . 2014-10-27 06:46 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb3bf8841cff1b12d\InstallManager_WLE_WLE.exe
2014-10-27 06:46 . 2014-10-27 06:46 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\b16cacc31cff1b122\MeshBetaRemover.exe
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\dsetup32.dll
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\dsetup32.dll
2014-10-27 06:44 . 2014-10-27 21:47 -------- d-----w- c:\users\Babi a deda\AppData\Local\Windows Live
2014-10-27 05:55 . 2014-10-27 06:39 -------- d-----w- c:\windows\system32\MRT
2014-10-27 05:46 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-27 05:46 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-27 05:45 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\mpengine.dll
2014-10-27 05:44 . 2014-10-10 01:53 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-27 05:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-10-27 05:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-10-27 05:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-10-27 05:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-10-27 05:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-10-27 05:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-10-27 05:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-10-27 05:31 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-10-27 05:31 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-10-27 05:27 . 2014-10-27 16:35 -------- d-----w- c:\windows\system32\catroot2
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\webapprt
2014-10-26 19:47 . 2014-10-11 12:53 220784 ----a-w- c:\program files\sandboxbroker.dll
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\defaults
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\browser
2014-10-26 18:47 . 2014-10-26 19:05 -------- d-----w- C:\AdwCleaner
2014-10-26 12:56 . 2014-10-26 12:56 -------- d-----w- c:\windows\CheckSur
2014-10-26 12:31 . 2014-10-26 12:31 -------- d-----w- c:\windows\system32\EventProviders
2014-10-26 08:21 . 2014-10-26 08:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-26 08:21 . 2014-10-26 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-27 16:33 . 2014-10-27 16:33 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-27 16:33 . 2014-10-27 16:33 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-10-27 16:31 . 2014-10-27 16:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-10-27 13:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-10-27 13:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-10-27 09:52 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-11 12:54 . 2011-11-21 18:04 25400432 ----a-w- c:\program files\xul.dll
2014-10-11 12:53 . 2013-02-19 12:36 93808 ----a-w- c:\program files\webapprt-stub.exe
2014-10-11 12:53 . 2013-02-19 12:36 91032 ----a-w- c:\program files\webapp-uninstaller.exe
2014-10-11 12:53 . 2011-11-21 18:04 273008 ----a-w- c:\program files\updater.exe
2014-10-11 12:53 . 2011-11-21 18:04 150128 ----a-w- c:\program files\softokn3.dll
2014-10-11 12:53 . 2013-06-10 16:13 28272 ----a-w- c:\program files\plugin-hang-ui.exe
2014-10-11 12:53 . 2011-11-21 18:04 145520 ----a-w- c:\program files\plugin-container.exe
2014-10-11 12:53 . 2011-11-21 18:04 92784 ----a-w- c:\program files\nssdbm3.dll
2014-10-11 12:53 . 2011-11-21 18:04 413296 ----a-w- c:\program files\nssckbi.dll
2014-10-11 12:53 . 2011-11-21 18:04 1568880 ----a-w- c:\program files\nss3.dll
2014-10-11 12:53 . 2011-11-21 18:04 3649648 ----a-w- c:\program files\mozjs.dll
2014-10-11 12:53 . 2013-02-19 12:36 140400 ----a-w- c:\program files\mozglue.dll
2014-10-11 12:53 . 2011-11-21 18:04 19568 ----a-w- c:\program files\mozalloc.dll
2014-10-11 12:53 . 2013-02-19 12:36 185424 ----a-w- c:\program files\maintenanceservice_installer.exe
2014-10-11 12:53 . 2013-02-19 12:36 114288 ----a-w- c:\program files\maintenanceservice.exe
2014-10-11 12:53 . 2011-11-21 18:04 833136 ----a-w- c:\program files\libGLESv2.dll
2014-10-11 12:53 . 2011-11-21 18:04 39024 ----a-w- c:\program files\libEGL.dll
2014-10-11 12:53 . 2014-05-11 08:33 800368 ----a-w- c:\program files\icuuc52.dll
2014-10-11 12:53 . 2014-05-11 08:33 1023600 ----a-w- c:\program files\icuin52.dll
2014-10-11 12:52 . 2014-05-11 08:33 10397296 ----a-w- c:\program files\icudt52.dll
2014-10-11 12:52 . 2013-02-19 12:36 4952176 ----a-w- c:\program files\gkmedias.dll
2014-10-11 12:52 . 2011-11-21 18:04 331376 ----a-w- c:\program files\freebl3.dll
2014-10-11 12:52 . 2011-11-21 18:04 275568 ----a-w- c:\program files\firefox.exe
2014-10-11 12:52 . 2011-11-21 18:04 115312 ----a-w- c:\program files\crashreporter.exe
2014-10-11 12:52 . 2013-02-19 12:36 74864 ----a-w- c:\program files\breakpadinjector.dll
2014-10-11 12:52 . 2011-11-21 18:04 20080 ----a-w- c:\program files\AccessibleMarshal.dll
2014-10-03 09:02 . 2010-04-15 14:03 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-02 14:53 . 2010-03-12 14:25 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 12:45 . 2012-09-29 09:23 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 12:45 . 2011-11-21 18:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 53248 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2014-08-15 08:46 . 2009-12-27 20:28 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 08:45 . 2014-04-14 16:45 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-15 08:45 . 2014-04-14 16:40 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 08:45 . 2014-08-15 08:45 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 08:45 . 2014-04-14 16:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 08:45 . 2011-08-28 16:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 08:45 . 2011-08-28 16:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 08:45 . 2009-12-27 20:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 08:45 . 2012-12-01 13:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 08:45 . 2014-08-15 08:45 43152 ----a-w- c:\windows\avastSS.scr
2013-08-03 05:55 . 2014-09-16 15:19 3231832 ----a-w- c:\program files\d3dcompiler_46.dll
2010-05-26 18:41 . 2011-11-21 18:04 2106216 ----a-w- c:\program files\D3DCompiler_43.dll
2010-03-18 16:15 . 2013-02-19 12:36 770384 ----a-w- c:\program files\msvcr100.dll
2010-03-18 16:15 . 2013-02-19 12:36 421200 ----a-w- c:\program files\msvcp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"uTorrent"="c:\users\Babi a deda\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-27 1385808]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-08-15 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1cac1ea40ea4bef;Služba Google Update (gupdate1cac1ea40ea4bef);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-26 08:26 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 08:45 634872 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-08-06 828960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Babi a deda\AppData\Roaming\Mozilla\Firefox\Profiles\yx0upoor.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2014-10-27 23:14:30
ComboFix-quarantined-files.txt 2014-10-27 22:14
ComboFix2.txt 2014-10-27 20:50
.
Pre-Run: Volných bajtu: 89 830 178 816
Post-Run: Volných bajtu: 89 619 062 784
.
- - End Of File - - 9F0C7CC09FA9033DCC77CD8ECD8163C7
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-10-27.01 - Babi a deda 27.10.2014 23:00:33.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1029.18.3002.1420 [GMT 1:00]
Running from: c:\users\Babi a deda\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-09-27 to 2014-10-27 )))))))))))))))))))))))))))))))
.
.
2014-10-27 22:11 . 2014-10-27 22:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-27 17:58 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-27 16:32 . 2014-10-27 16:32 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-10-27 16:30 . 2014-10-27 16:30 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-27 16:30 . 2014-10-27 16:30 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-10-27 16:30 . 2014-10-27 16:30 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-10-27 16:27 . 2014-10-27 16:27 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-10-27 16:27 . 2014-10-27 16:27 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-10-27 13:18 . 2014-10-27 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-10-27 12:40 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-10-27 12:40 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-10-27 12:40 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-10-27 12:40 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-10-27 12:37 . 2010-11-20 03:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2014-10-27 12:36 . 2010-11-20 04:27 18944 ----a-w- c:\windows\system32\spopk.dll
2014-10-27 12:35 . 2010-11-20 04:26 551936 ----a-w- c:\windows\system32\localsec.dll
2014-10-27 11:38 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2014-10-27 10:42 . 2014-10-27 10:42 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----r- c:\program files (x86)\Skype
2014-10-27 09:53 . 2014-10-27 09:53 -------- d-----w- c:\windows\cs
2014-10-27 09:51 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-10-27 09:51 . 2014-10-27 09:51 -------- d-----w- c:\program files\Windows Live
2014-10-27 09:51 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-10-27 09:51 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-10-27 09:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-10-27 09:51 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-10-27 06:46 . 2014-10-27 06:46 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb3bf8841cff1b12d\InstallManager_WLE_WLE.exe
2014-10-27 06:46 . 2014-10-27 06:46 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\b16cacc31cff1b122\MeshBetaRemover.exe
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\dsetup32.dll
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\dsetup32.dll
2014-10-27 06:44 . 2014-10-27 21:47 -------- d-----w- c:\users\Babi a deda\AppData\Local\Windows Live
2014-10-27 05:55 . 2014-10-27 06:39 -------- d-----w- c:\windows\system32\MRT
2014-10-27 05:46 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-27 05:46 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-27 05:45 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\mpengine.dll
2014-10-27 05:44 . 2014-10-10 01:53 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-27 05:31 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2014-10-27 05:31 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2014-10-27 05:31 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2014-10-27 05:31 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2014-10-27 05:31 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2014-10-27 05:31 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2014-10-27 05:31 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2014-10-27 05:31 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2014-10-27 05:31 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-10-27 05:27 . 2014-10-27 16:35 -------- d-----w- c:\windows\system32\catroot2
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\webapprt
2014-10-26 19:47 . 2014-10-11 12:53 220784 ----a-w- c:\program files\sandboxbroker.dll
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\defaults
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\browser
2014-10-26 18:47 . 2014-10-26 19:05 -------- d-----w- C:\AdwCleaner
2014-10-26 12:56 . 2014-10-26 12:56 -------- d-----w- c:\windows\CheckSur
2014-10-26 12:31 . 2014-10-26 12:31 -------- d-----w- c:\windows\system32\EventProviders
2014-10-26 08:21 . 2014-10-26 08:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-26 08:21 . 2014-10-26 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-27 16:33 . 2014-10-27 16:33 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-27 16:33 . 2014-10-27 16:33 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-10-27 16:31 . 2014-10-27 16:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-10-27 13:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-10-27 13:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-10-27 09:52 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-11 12:54 . 2011-11-21 18:04 25400432 ----a-w- c:\program files\xul.dll
2014-10-11 12:53 . 2013-02-19 12:36 93808 ----a-w- c:\program files\webapprt-stub.exe
2014-10-11 12:53 . 2013-02-19 12:36 91032 ----a-w- c:\program files\webapp-uninstaller.exe
2014-10-11 12:53 . 2011-11-21 18:04 273008 ----a-w- c:\program files\updater.exe
2014-10-11 12:53 . 2011-11-21 18:04 150128 ----a-w- c:\program files\softokn3.dll
2014-10-11 12:53 . 2013-06-10 16:13 28272 ----a-w- c:\program files\plugin-hang-ui.exe
2014-10-11 12:53 . 2011-11-21 18:04 145520 ----a-w- c:\program files\plugin-container.exe
2014-10-11 12:53 . 2011-11-21 18:04 92784 ----a-w- c:\program files\nssdbm3.dll
2014-10-11 12:53 . 2011-11-21 18:04 413296 ----a-w- c:\program files\nssckbi.dll
2014-10-11 12:53 . 2011-11-21 18:04 1568880 ----a-w- c:\program files\nss3.dll
2014-10-11 12:53 . 2011-11-21 18:04 3649648 ----a-w- c:\program files\mozjs.dll
2014-10-11 12:53 . 2013-02-19 12:36 140400 ----a-w- c:\program files\mozglue.dll
2014-10-11 12:53 . 2011-11-21 18:04 19568 ----a-w- c:\program files\mozalloc.dll
2014-10-11 12:53 . 2013-02-19 12:36 185424 ----a-w- c:\program files\maintenanceservice_installer.exe
2014-10-11 12:53 . 2013-02-19 12:36 114288 ----a-w- c:\program files\maintenanceservice.exe
2014-10-11 12:53 . 2011-11-21 18:04 833136 ----a-w- c:\program files\libGLESv2.dll
2014-10-11 12:53 . 2011-11-21 18:04 39024 ----a-w- c:\program files\libEGL.dll
2014-10-11 12:53 . 2014-05-11 08:33 800368 ----a-w- c:\program files\icuuc52.dll
2014-10-11 12:53 . 2014-05-11 08:33 1023600 ----a-w- c:\program files\icuin52.dll
2014-10-11 12:52 . 2014-05-11 08:33 10397296 ----a-w- c:\program files\icudt52.dll
2014-10-11 12:52 . 2013-02-19 12:36 4952176 ----a-w- c:\program files\gkmedias.dll
2014-10-11 12:52 . 2011-11-21 18:04 331376 ----a-w- c:\program files\freebl3.dll
2014-10-11 12:52 . 2011-11-21 18:04 275568 ----a-w- c:\program files\firefox.exe
2014-10-11 12:52 . 2011-11-21 18:04 115312 ----a-w- c:\program files\crashreporter.exe
2014-10-11 12:52 . 2013-02-19 12:36 74864 ----a-w- c:\program files\breakpadinjector.dll
2014-10-11 12:52 . 2011-11-21 18:04 20080 ----a-w- c:\program files\AccessibleMarshal.dll
2014-10-03 09:02 . 2010-04-15 14:03 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-02 14:53 . 2010-03-12 14:25 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 12:45 . 2012-09-29 09:23 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 12:45 . 2011-11-21 18:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 53248 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2014-08-15 08:46 . 2009-12-27 20:28 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 08:45 . 2014-04-14 16:45 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-15 08:45 . 2014-04-14 16:40 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 08:45 . 2014-08-15 08:45 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 08:45 . 2014-04-14 16:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 08:45 . 2011-08-28 16:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 08:45 . 2011-08-28 16:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 08:45 . 2009-12-27 20:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 08:45 . 2012-12-01 13:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 08:45 . 2014-08-15 08:45 43152 ----a-w- c:\windows\avastSS.scr
2013-08-03 05:55 . 2014-09-16 15:19 3231832 ----a-w- c:\program files\d3dcompiler_46.dll
2010-05-26 18:41 . 2011-11-21 18:04 2106216 ----a-w- c:\program files\D3DCompiler_43.dll
2010-03-18 16:15 . 2013-02-19 12:36 770384 ----a-w- c:\program files\msvcr100.dll
2010-03-18 16:15 . 2013-02-19 12:36 421200 ----a-w- c:\program files\msvcp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"uTorrent"="c:\users\Babi a deda\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-27 1385808]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-08-15 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1cac1ea40ea4bef;Služba Google Update (gupdate1cac1ea40ea4bef);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-26 08:26 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 08:45 634872 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-08-06 828960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Babi a deda\AppData\Roaming\Mozilla\Firefox\Profiles\yx0upoor.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2014-10-27 23:14:30
ComboFix-quarantined-files.txt 2014-10-27 22:14
ComboFix2.txt 2014-10-27 20:50
.
Pre-Run: Volných bajtu: 89 830 178 816
Post-Run: Volných bajtu: 89 619 062 784
.
- - End Of File - - 9F0C7CC09FA9033DCC77CD8ECD8163C7
A36C5E4F47E84449FF07ED3517B43A31
Obyčejný uživatel
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Internet explorer nezobrazuje Seznam.cz
Při podobných operacích by měl být použit síť. adaptér.marpie píše:Provedl jsem pak combofix začal znova scanovat, já odešel a notebook se vybil tak nevím co proběhlo. seznam.cz stále nejde.
Otevřte poznámkový blok a zkopírujte do něj:
Regnull::
[HKEY_USERS\S-1-5-21-4086016476-1674983531-1512024179-1000\Software\SecuROM\License information*]
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
Reboot::
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Internet explorer nezobrazuje Seznam.cz
Provedeno, ale seznam.cz stále nejde. Tady je log po čištění combofixem:
ComboFix 14-10-27.01 - Babi a deda 28.10.2014 17:28:21.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1029.18.3002.1295 [GMT 1:00]
Running from: c:\users\Babi a deda\Desktop\ComboFix.exe
Command switches used :: c:\users\Babi a deda\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-09-28 to 2014-10-28 )))))))))))))))))))))))))))))))
.
.
2014-10-28 16:38 . 2014-10-28 16:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-28 16:22 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-10-28 16:22 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-10-28 16:22 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-10-28 16:22 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-10-28 16:21 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-10-28 16:21 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-10-28 16:21 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-10-28 16:21 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-10-28 16:21 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-10-28 16:21 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-10-28 16:21 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-10-28 16:21 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-10-28 16:21 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-10-28 16:21 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-10-27 17:58 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-27 16:32 . 2014-10-27 16:32 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-10-27 16:30 . 2014-10-27 16:30 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-27 16:30 . 2014-10-27 16:30 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-10-27 16:30 . 2014-10-27 16:30 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-10-27 16:27 . 2014-10-27 16:27 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-10-27 16:27 . 2014-10-27 16:27 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-10-27 13:18 . 2014-10-27 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-10-27 12:40 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-10-27 12:40 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-10-27 12:40 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-10-27 12:40 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-10-27 12:37 . 2010-11-20 03:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2014-10-27 12:36 . 2010-11-20 04:27 18944 ----a-w- c:\windows\system32\spopk.dll
2014-10-27 12:35 . 2010-11-20 04:26 551936 ----a-w- c:\windows\system32\localsec.dll
2014-10-27 11:38 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2014-10-27 10:42 . 2014-10-27 10:42 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----r- c:\program files (x86)\Skype
2014-10-27 09:53 . 2014-10-27 09:53 -------- d-----w- c:\windows\cs
2014-10-27 09:51 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-10-27 09:51 . 2014-10-27 09:51 -------- d-----w- c:\program files\Windows Live
2014-10-27 09:51 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-10-27 09:51 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-10-27 09:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-10-27 09:51 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-10-27 06:46 . 2014-10-27 06:46 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb3bf8841cff1b12d\InstallManager_WLE_WLE.exe
2014-10-27 06:46 . 2014-10-27 06:46 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\b16cacc31cff1b122\MeshBetaRemover.exe
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\dsetup32.dll
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\dsetup32.dll
2014-10-27 06:44 . 2014-10-27 21:47 -------- d-----w- c:\users\Babi a deda\AppData\Local\Windows Live
2014-10-27 05:55 . 2014-10-27 06:39 -------- d-----w- c:\windows\system32\MRT
2014-10-27 05:46 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-27 05:46 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-27 05:45 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\mpengine.dll
2014-10-27 05:44 . 2014-10-10 01:53 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-27 05:27 . 2014-10-28 16:22 -------- d-----w- c:\windows\system32\catroot2
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\webapprt
2014-10-26 19:47 . 2014-10-11 12:53 220784 ----a-w- c:\program files\sandboxbroker.dll
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\defaults
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\browser
2014-10-26 18:47 . 2014-10-26 19:05 -------- d-----w- C:\AdwCleaner
2014-10-26 12:56 . 2014-10-26 12:56 -------- d-----w- c:\windows\CheckSur
2014-10-26 12:31 . 2014-10-26 12:31 -------- d-----w- c:\windows\system32\EventProviders
2014-10-26 08:21 . 2014-10-26 08:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-26 08:21 . 2014-10-26 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-27 16:33 . 2014-10-27 16:33 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-27 16:33 . 2014-10-27 16:33 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-10-27 16:31 . 2014-10-27 16:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-10-27 13:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-10-27 13:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-10-27 09:52 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-11 12:54 . 2011-11-21 18:04 25400432 ----a-w- c:\program files\xul.dll
2014-10-11 12:53 . 2013-02-19 12:36 93808 ----a-w- c:\program files\webapprt-stub.exe
2014-10-11 12:53 . 2013-02-19 12:36 91032 ----a-w- c:\program files\webapp-uninstaller.exe
2014-10-11 12:53 . 2011-11-21 18:04 273008 ----a-w- c:\program files\updater.exe
2014-10-11 12:53 . 2011-11-21 18:04 150128 ----a-w- c:\program files\softokn3.dll
2014-10-11 12:53 . 2013-06-10 16:13 28272 ----a-w- c:\program files\plugin-hang-ui.exe
2014-10-11 12:53 . 2011-11-21 18:04 145520 ----a-w- c:\program files\plugin-container.exe
2014-10-11 12:53 . 2011-11-21 18:04 92784 ----a-w- c:\program files\nssdbm3.dll
2014-10-11 12:53 . 2011-11-21 18:04 413296 ----a-w- c:\program files\nssckbi.dll
2014-10-11 12:53 . 2011-11-21 18:04 1568880 ----a-w- c:\program files\nss3.dll
2014-10-11 12:53 . 2011-11-21 18:04 3649648 ----a-w- c:\program files\mozjs.dll
2014-10-11 12:53 . 2013-02-19 12:36 140400 ----a-w- c:\program files\mozglue.dll
2014-10-11 12:53 . 2011-11-21 18:04 19568 ----a-w- c:\program files\mozalloc.dll
2014-10-11 12:53 . 2013-02-19 12:36 185424 ----a-w- c:\program files\maintenanceservice_installer.exe
2014-10-11 12:53 . 2013-02-19 12:36 114288 ----a-w- c:\program files\maintenanceservice.exe
2014-10-11 12:53 . 2011-11-21 18:04 833136 ----a-w- c:\program files\libGLESv2.dll
2014-10-11 12:53 . 2011-11-21 18:04 39024 ----a-w- c:\program files\libEGL.dll
2014-10-11 12:53 . 2014-05-11 08:33 800368 ----a-w- c:\program files\icuuc52.dll
2014-10-11 12:53 . 2014-05-11 08:33 1023600 ----a-w- c:\program files\icuin52.dll
2014-10-11 12:52 . 2014-05-11 08:33 10397296 ----a-w- c:\program files\icudt52.dll
2014-10-11 12:52 . 2013-02-19 12:36 4952176 ----a-w- c:\program files\gkmedias.dll
2014-10-11 12:52 . 2011-11-21 18:04 331376 ----a-w- c:\program files\freebl3.dll
2014-10-11 12:52 . 2011-11-21 18:04 275568 ----a-w- c:\program files\firefox.exe
2014-10-11 12:52 . 2011-11-21 18:04 115312 ----a-w- c:\program files\crashreporter.exe
2014-10-11 12:52 . 2013-02-19 12:36 74864 ----a-w- c:\program files\breakpadinjector.dll
2014-10-11 12:52 . 2011-11-21 18:04 20080 ----a-w- c:\program files\AccessibleMarshal.dll
2014-10-03 09:02 . 2010-04-15 14:03 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-02 14:53 . 2010-03-12 14:25 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 12:45 . 2012-09-29 09:23 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 12:45 . 2011-11-21 18:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 53248 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2014-08-15 08:46 . 2009-12-27 20:28 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 08:45 . 2014-04-14 16:45 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-15 08:45 . 2014-04-14 16:40 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 08:45 . 2014-08-15 08:45 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 08:45 . 2014-04-14 16:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 08:45 . 2011-08-28 16:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 08:45 . 2011-08-28 16:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 08:45 . 2009-12-27 20:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 08:45 . 2012-12-01 13:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 08:45 . 2014-08-15 08:45 43152 ----a-w- c:\windows\avastSS.scr
2013-08-03 05:55 . 2014-09-16 15:19 3231832 ----a-w- c:\program files\d3dcompiler_46.dll
2010-05-26 18:41 . 2011-11-21 18:04 2106216 ----a-w- c:\program files\D3DCompiler_43.dll
2010-03-18 16:15 . 2013-02-19 12:36 770384 ----a-w- c:\program files\msvcr100.dll
2010-03-18 16:15 . 2013-02-19 12:36 421200 ----a-w- c:\program files\msvcp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"uTorrent"="c:\users\Babi a deda\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-27 1385808]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-08-15 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1cac1ea40ea4bef;Služba Google Update (gupdate1cac1ea40ea4bef);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-27 22:17 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 08:45 634872 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-08-06 828960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Babi a deda\AppData\Roaming\Mozilla\Firefox\Profiles\yx0upoor.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2014-10-28 17:46:45 - machine was rebooted
ComboFix-quarantined-files.txt 2014-10-28 16:46
ComboFix2.txt 2014-10-27 22:14
ComboFix3.txt 2014-10-27 20:50
.
Pre-Run: Volných bajtu: 89 481 101 312
Post-Run: Volných bajtu: 89 231 245 312
.
- - End Of File - - 5C85DE10691E692AC14C690A7BE882AD
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 14-10-27.01 - Babi a deda 28.10.2014 17:28:21.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1029.18.3002.1295 [GMT 1:00]
Running from: c:\users\Babi a deda\Desktop\ComboFix.exe
Command switches used :: c:\users\Babi a deda\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-09-28 to 2014-10-28 )))))))))))))))))))))))))))))))
.
.
2014-10-28 16:38 . 2014-10-28 16:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-28 16:22 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-10-28 16:22 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-10-28 16:22 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-10-28 16:22 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-10-28 16:21 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-10-28 16:21 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-10-28 16:21 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-10-28 16:21 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-10-28 16:21 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-10-28 16:21 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-10-28 16:21 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-10-28 16:21 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-10-28 16:21 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-10-28 16:21 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-10-27 17:58 . 2013-02-17 00:40 28672 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-27 16:32 . 2014-10-27 16:32 68608 ----a-w- c:\windows\system32\taskhost.exe
2014-10-27 16:30 . 2014-10-27 16:30 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-10-27 16:30 . 2014-10-27 16:30 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-10-27 16:30 . 2014-10-27 16:30 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-10-27 16:27 . 2014-10-27 16:27 1887232 ----a-w- c:\windows\system32\d3d11.dll
2014-10-27 16:27 . 2014-10-27 16:27 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2014-10-27 13:18 . 2014-10-27 13:18 -------- d-----w- c:\windows\system32\SPReview
2014-10-27 12:40 . 2010-11-20 04:32 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\rdpwd.sys.mui
2014-10-27 12:40 . 2010-11-20 04:26 3584 ----a-w- c:\windows\system32\drivers\cs-CZ\tsusbflt.sys.mui
2014-10-27 12:40 . 2010-11-20 04:32 3072 ----a-w- c:\windows\system32\drivers\cs-CZ\GAGP30KX.SYS.mui
2014-10-27 12:40 . 2010-11-20 04:32 4608 ----a-w- c:\windows\system32\drivers\cs-CZ\kbdclass.sys.mui
2014-10-27 12:37 . 2010-11-20 03:18 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2014-10-27 12:36 . 2010-11-20 04:27 18944 ----a-w- c:\windows\system32\spopk.dll
2014-10-27 12:35 . 2010-11-20 04:26 551936 ----a-w- c:\windows\system32\localsec.dll
2014-10-27 11:38 . 2011-08-30 05:25 14173184 ----a-w- c:\windows\system32\shell32.dll
2014-10-27 10:42 . 2014-10-27 10:42 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-27 10:41 . 2014-10-27 10:41 -------- d-----r- c:\program files (x86)\Skype
2014-10-27 09:53 . 2014-10-27 09:53 -------- d-----w- c:\windows\cs
2014-10-27 09:51 . 2010-09-22 23:36 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2014-10-27 09:51 . 2014-10-27 09:51 -------- d-----w- c:\program files\Windows Live
2014-10-27 09:51 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2014-10-27 09:51 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2014-10-27 09:51 . 2009-09-04 16:29 453456 ----a-w- c:\windows\SysWow64\d3dx10_42.dll
2014-10-27 09:51 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2014-10-27 06:46 . 2014-10-27 06:46 469256 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\bb3bf8841cff1b12d\InstallManager_WLE_WLE.exe
2014-10-27 06:46 . 2014-10-27 06:46 15712 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\b16cacc31cff1b122\MeshBetaRemover.exe
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a5e9c52f1cff1b11a\dsetup32.dll
2014-10-27 06:45 . 2014-10-27 06:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DSETUP.dll
2014-10-27 06:45 . 2014-10-27 06:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\DXSETUP.exe
2014-10-27 06:45 . 2014-10-27 06:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\a4e3edd11cff1b119\dsetup32.dll
2014-10-27 06:44 . 2014-10-27 21:47 -------- d-----w- c:\users\Babi a deda\AppData\Local\Windows Live
2014-10-27 05:55 . 2014-10-27 06:39 -------- d-----w- c:\windows\system32\MRT
2014-10-27 05:46 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-27 05:46 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-27 05:45 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{410E0988-DCA5-43EA-AD60-40AF2C7EF2C1}\mpengine.dll
2014-10-27 05:44 . 2014-10-10 01:53 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-27 05:27 . 2014-10-28 16:22 -------- d-----w- c:\windows\system32\catroot2
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\webapprt
2014-10-26 19:47 . 2014-10-11 12:53 220784 ----a-w- c:\program files\sandboxbroker.dll
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\defaults
2014-10-26 19:47 . 2014-10-26 19:47 -------- d-----w- c:\program files\browser
2014-10-26 18:47 . 2014-10-26 19:05 -------- d-----w- C:\AdwCleaner
2014-10-26 12:56 . 2014-10-26 12:56 -------- d-----w- c:\windows\CheckSur
2014-10-26 12:31 . 2014-10-26 12:31 -------- d-----w- c:\windows\system32\EventProviders
2014-10-26 08:21 . 2014-10-26 08:21 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-10-26 08:21 . 2014-10-26 08:21 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-27 16:33 . 2014-10-27 16:33 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-27 16:33 . 2014-10-27 16:33 247296 ----a-w- c:\windows\system32\webcheck.dll
2014-10-27 16:31 . 2014-10-27 16:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-10-27 13:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-10-27 13:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-10-27 09:52 . 2010-06-24 10:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-11 12:54 . 2011-11-21 18:04 25400432 ----a-w- c:\program files\xul.dll
2014-10-11 12:53 . 2013-02-19 12:36 93808 ----a-w- c:\program files\webapprt-stub.exe
2014-10-11 12:53 . 2013-02-19 12:36 91032 ----a-w- c:\program files\webapp-uninstaller.exe
2014-10-11 12:53 . 2011-11-21 18:04 273008 ----a-w- c:\program files\updater.exe
2014-10-11 12:53 . 2011-11-21 18:04 150128 ----a-w- c:\program files\softokn3.dll
2014-10-11 12:53 . 2013-06-10 16:13 28272 ----a-w- c:\program files\plugin-hang-ui.exe
2014-10-11 12:53 . 2011-11-21 18:04 145520 ----a-w- c:\program files\plugin-container.exe
2014-10-11 12:53 . 2011-11-21 18:04 92784 ----a-w- c:\program files\nssdbm3.dll
2014-10-11 12:53 . 2011-11-21 18:04 413296 ----a-w- c:\program files\nssckbi.dll
2014-10-11 12:53 . 2011-11-21 18:04 1568880 ----a-w- c:\program files\nss3.dll
2014-10-11 12:53 . 2011-11-21 18:04 3649648 ----a-w- c:\program files\mozjs.dll
2014-10-11 12:53 . 2013-02-19 12:36 140400 ----a-w- c:\program files\mozglue.dll
2014-10-11 12:53 . 2011-11-21 18:04 19568 ----a-w- c:\program files\mozalloc.dll
2014-10-11 12:53 . 2013-02-19 12:36 185424 ----a-w- c:\program files\maintenanceservice_installer.exe
2014-10-11 12:53 . 2013-02-19 12:36 114288 ----a-w- c:\program files\maintenanceservice.exe
2014-10-11 12:53 . 2011-11-21 18:04 833136 ----a-w- c:\program files\libGLESv2.dll
2014-10-11 12:53 . 2011-11-21 18:04 39024 ----a-w- c:\program files\libEGL.dll
2014-10-11 12:53 . 2014-05-11 08:33 800368 ----a-w- c:\program files\icuuc52.dll
2014-10-11 12:53 . 2014-05-11 08:33 1023600 ----a-w- c:\program files\icuin52.dll
2014-10-11 12:52 . 2014-05-11 08:33 10397296 ----a-w- c:\program files\icudt52.dll
2014-10-11 12:52 . 2013-02-19 12:36 4952176 ----a-w- c:\program files\gkmedias.dll
2014-10-11 12:52 . 2011-11-21 18:04 331376 ----a-w- c:\program files\freebl3.dll
2014-10-11 12:52 . 2011-11-21 18:04 275568 ----a-w- c:\program files\firefox.exe
2014-10-11 12:52 . 2011-11-21 18:04 115312 ----a-w- c:\program files\crashreporter.exe
2014-10-11 12:52 . 2013-02-19 12:36 74864 ----a-w- c:\program files\breakpadinjector.dll
2014-10-11 12:52 . 2011-11-21 18:04 20080 ----a-w- c:\program files\AccessibleMarshal.dll
2014-10-03 09:02 . 2010-04-15 14:03 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-02 14:53 . 2010-03-12 14:25 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 12:45 . 2012-09-29 09:23 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 12:45 . 2011-11-21 18:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 73728 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
2014-09-05 15:25 . 2012-06-26 12:35 53248 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\ARPPRODUCTICON.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
2014-09-05 15:25 . 2012-06-26 12:35 49152 ----a-r- c:\users\Babi a deda\AppData\Roaming\Microsoft\Installer\{7130468A-F53F-4698-8C09-A339EA3B05E6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
2014-08-15 08:46 . 2009-12-27 20:28 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 08:45 . 2014-04-14 16:45 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-15 08:45 . 2014-04-14 16:40 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 08:45 . 2014-08-15 08:45 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 08:45 . 2014-04-14 16:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 08:45 . 2011-08-28 16:01 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 08:45 . 2011-08-28 16:01 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 08:45 . 2009-12-27 20:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 08:45 . 2012-12-01 13:13 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 08:45 . 2014-08-15 08:45 43152 ----a-w- c:\windows\avastSS.scr
2013-08-03 05:55 . 2014-09-16 15:19 3231832 ----a-w- c:\program files\d3dcompiler_46.dll
2010-05-26 18:41 . 2011-11-21 18:04 2106216 ----a-w- c:\program files\D3DCompiler_43.dll
2010-03-18 16:15 . 2013-02-19 12:36 770384 ----a-w- c:\program files\msvcr100.dll
2010-03-18 16:15 . 2013-02-19 12:36 421200 ----a-w- c:\program files\msvcp100.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ICQ"="c:\program files (x86)\ICQ7.5\ICQ.exe" [2011-08-01 124480]
"uTorrent"="c:\users\Babi a deda\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-27 1385808]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-07-27 1157128]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-08-15 4085896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1cac1ea40ea4bef;Služba Google Update (gupdate1cac1ea40ea4bef);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe;c:\program files\eMachines\eMachines Power Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\eMachines\Registration\GregHSRW.exe;c:\program files (x86)\eMachines\Registration\GregHSRW.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-27 22:17 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 12:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 08:45 634872 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Acer ePower Management"="c:\program files\eMachines\eMachines Power Management\ePowerTray.exe" [2009-08-06 828960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Babi a deda\AppData\Roaming\Mozilla\Firefox\Profiles\yx0upoor.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{707DB484-2428-402D-AFB5-D85B387544C7} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
.
**************************************************************************
.
Completion time: 2014-10-28 17:46:45 - machine was rebooted
ComboFix-quarantined-files.txt 2014-10-28 16:46
ComboFix2.txt 2014-10-27 22:14
ComboFix3.txt 2014-10-27 20:50
.
Pre-Run: Volných bajtu: 89 481 101 312
Post-Run: Volných bajtu: 89 231 245 312
.
- - End Of File - - 5C85DE10691E692AC14C690A7BE882AD
A36C5E4F47E84449FF07ED3517B43A31
Obyčejný uživatel
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Internet explorer nezobrazuje Seznam.cz
CF odinstalujte pomocí T-Cleaneru: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Jaký máte prohlížeč?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Internet explorer nezobrazuje Seznam.cz
tak řešení problému je velice snadné. stačí v IE obnovit výchozí nastavení ( nastavení - možnosti internetu - záložka "upřesnit" - obnovit ).
bohužel nevím, co je tam přesně špatně, ale už to pomohlo více lidem s tímto problémem
bohužel nevím, co je tam přesně špatně, ale už to pomohlo více lidem s tímto problémem
Re: Internet explorer nezobrazuje Seznam.cz
Prohlížeč byl původně IE8, pak jak jsem psal jsem jej přeinstaloval na IE10. V noťasu je i Mozzila i Chrome a v obou seznam.cz fungoval. Návod od achilese pomohl takže děkuji za tchýni jak jemu tak i Rudymu za důkladné vyčištění notebooku. Takže dvakrát velký dík. 
Obyčejný uživatel
-
Rudy
- Site Admin
- Příspěvky: 119547
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Internet explorer nezobrazuje Seznam.cz
Za oba: Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?