Packard Bell

[Márty84]

Mel jste kliknout na Opravit, ale vy jste kliknul na Prohledat a udelal tak novy sken

Musite jet presne podle navodu! Jinak si zborite system.

[JanHellsing]

omlouvam se tu je ten log: All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: pocky
->Temp folder emptied: 1199124461 bytes
->Temporary Internet Files folder emptied: 892137 bytes
->FireFox cache emptied: 319555177 bytes
->Flash cache emptied: 57443 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11832 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4827 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 195 bytes
RecycleBin emptied: 1294848 bytes

Total Files Cleaned = 1 451,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: pocky
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service MBAMSwissArmy stopped successfully!
Service MBAMSwissArmy deleted successfully!
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service BBUpdate stopped successfully!
Service BBUpdate deleted successfully!
Service NAUpdate stopped successfully!
Service NAUpdate deleted successfully!
Service LiveUpdateSvc stopped successfully!
Service LiveUpdateSvc deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\Update folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\Language folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\Database folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome\content folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com\chrome folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\iobitascsurfingprotection@iobit.com folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\images folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin\Img folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0\Plugin folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\1.0.0_0 folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect folder moved successfully.
C:\Program Files (x86)\IObit\Surfing Protection folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection\Database folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\update\Surfing Protection folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\update folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate\Language folder moved successfully.
C:\Program Files (x86)\IObit\LiveUpdate folder moved successfully.
C:\Program Files (x86)\IObit\IObit Uninstaller folder moved successfully.
C:\Program Files (x86)\IObit folder moved successfully.
C:\Windows\zoek-delete.exe moved successfully.
C:\zoek_backup\C_Windows_SysNative_config_systemprofile_Searches folder moved successfully.
C:\zoek_backup\C_Users_pocky_AppData_Roaming_Mozilla_Firefox_Profiles_redm0fjy.default_extensions_{62DD0A97-FDD4-421b-94A5-D1A9434450C7}\chrome\content folder moved successfully.
C:\zoek_backup\C_Users_pocky_AppData_Roaming_Mozilla_Firefox_Profiles_redm0fjy.default_extensions_{62DD0A97-FDD4-421b-94A5-D1A9434450C7}\chrome folder moved successfully.
C:\zoek_backup\C_Users_pocky_AppData_Roaming_Mozilla_Firefox_Profiles_redm0fjy.default_extensions_{62DD0A97-FDD4-421b-94A5-D1A9434450C7} folder moved successfully.
C:\zoek_backup\C_PROGRA~3_{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} folder moved successfully.
C:\zoek_backup\C_PROGRA~3_ProductData folder moved successfully.
C:\zoek_backup folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-348291997-2553807644-535356985-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: iobitascsurfingprotection%40iobit.com:1.0 removed from extensions.enabledAddons
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C}\chrome\content folder moved successfully.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C}\chrome folder moved successfully.
Folder move failed. C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} scheduled to be moved on reboot.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4}\chrome\content folder moved successfully.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4}\chrome folder moved successfully.
Folder move failed. C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} scheduled to be moved on reboot.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\iobitascsurfingprotection@iobit.com\chrome\content folder moved successfully.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\iobitascsurfingprotection@iobit.com\chrome folder moved successfully.
Folder move failed. C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\iobitascsurfingprotection@iobit.com scheduled to be moved on reboot.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\searchplugins\yahoo_ff.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ deleted successfully.
File C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-348291997-2553807644-535356985-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\pocky\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\Registrycleaner\backup folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\Registrycleaner folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\ProgramDeactivator folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\Log folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\Internet Booster folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\Homepage Protection folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\EmptyFolder folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\Boottime folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7\Backup folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit\Advanced SystemCare V7 folder moved successfully.
C:\Users\pocky\AppData\Roaming\IObit folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP112F.tmp\System.Speech.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP112F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6543.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6543.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP88BE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC49B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1821.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP4615.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE013.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSIE96A.tmp deleted successfully.
File C:\Users\pocky\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe not found.
File C:\Users\pocky\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe not found.
File C:\Users\pocky\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Codec Settings UAC Manager deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 11192014_203008

Files\Folders moved on Reboot...
C:\Users\pocky\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\pocky\AppData\Local\Temp\MMDUtl.log moved successfully.
C:\Users\pocky\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\LMutilps32.log scheduled to be moved on reboot.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} folder moved successfully.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} folder moved successfully.
C:\Users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\extensions\iobitascsurfingprotection@iobit.com folder moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[JanHellsing]

pc rychlejsi trosku ale povod problemu stejny stale mi pada hra ted i pri dosazeni lvl1

[Márty84]

Pokud je problem jen s hrou, je to problem her samotnych. S tim asi nic nenadelam.


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[JanHellsing]

ComboFix 14-11-18.01 - pocky 21.11.2014 5:28.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3932.2102 [GMT 1:00]
Spuštěný z: c:\users\pocky\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\logs\scecomp.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-21 do 2014-11-21 )))))))))))))))))))))))))))))))
.
.
2014-11-21 04:32 . 2014-11-21 04:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-20 18:25 . 2014-11-20 18:25 -------- d-----w- c:\program files\Defraggler
2014-11-19 18:43 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 18:43 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 18:43 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 18:43 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-16 20:35 . 2014-11-16 20:35 -------- d-----w- c:\windows\ERUNT
2014-11-16 20:10 . 2014-11-18 17:17 -------- d-----w- c:\program files\trend micro
2014-11-16 19:47 . 2014-11-20 20:04 -------- d-----w- c:\program files (x86)\Ascaron Entertainment
2014-11-16 18:43 . 2014-11-16 18:43 -------- d-----w- c:\program files (x86)\3DO
2014-11-16 18:43 . 2014-11-16 18:43 -------- d-----w- c:\program files (x86)\Ubisoft
2014-11-16 18:00 . 2014-11-16 18:00 -------- d-----w- c:\program files\CCleaner
2014-11-16 16:46 . 2014-11-16 16:46 -------- d-----w- c:\program files (x86)\Cheat Engine 6.4
2014-11-13 19:51 . 2014-11-16 18:11 -------- d-----w- c:\windows\SysWow64\C2MP
2014-11-13 19:24 . 2009-07-05 20:33 50688 ----a-w- c:\windows\SysWow64\ff_acm.acm
2014-11-13 19:24 . 2014-11-13 19:24 -------- d-----w- c:\program files (x86)\ffdshow
2014-11-13 19:24 . 2009-07-05 20:33 60273 ----a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-11-12 15:49 . 2014-11-07 19:49 388272 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-12 15:48 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-12 15:47 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-12 15:47 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-12 15:47 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-12 15:47 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 15:47 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-09 02:04 . 2014-11-09 02:04 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-11-08 20:05 . 1998-05-11 19:01 240944 ----a-w- c:\windows\SysWow64\RICHED.DLL
2014-11-08 19:37 . 2014-11-20 20:03 -------- d-----w- c:\program files (x86)\Freebox V3
2014-11-08 19:33 . 2014-11-08 19:33 -------- d-----w- c:\users\Public\Foxit Software
2014-11-08 19:32 . 2014-11-08 19:32 -------- d-----w- c:\program files (x86)\Foxit Software
2014-11-08 15:00 . 2014-11-08 15:07 -------- d-----w- C:\Games
2014-11-08 10:46 . 2014-11-08 10:46 -------- d-----w- c:\program files\Microsoft Office
2014-11-08 10:46 . 2014-11-08 10:46 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-11-08 10:45 . 2014-11-13 05:07 -------- d-----w- c:\programdata\Microsoft Help
2014-11-08 10:45 . 2014-11-08 10:45 -------- d-----r- C:\MSOCache
2014-11-07 19:43 . 2014-11-16 16:29 -------- d-----w- c:\program files (x86)\Wings Over Europe
2014-11-07 19:40 . 2014-11-07 19:40 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-11-07 19:40 . 2014-11-07 19:40 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-11-07 19:38 . 2014-11-07 19:42 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-11-05 16:38 . 2014-11-05 16:45 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-11-05 16:38 . 2014-11-16 16:40 -------- d-----w- c:\program files (x86)\Steam
2014-11-03 01:43 . 2007-09-07 16:33 135168 ----a-w- c:\windows\SysWow64\EEBAPI.dll
2014-11-03 01:24 . 2007-04-10 00:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2014-11-03 01:24 . 2011-04-20 02:03 120320 ----a-w- c:\windows\system32\E_ILMILE.DLL
2014-11-03 01:24 . 2011-03-15 02:03 83968 ----a-w- c:\windows\system32\E_ID4BILE.DLL
2014-11-03 01:20 . 2014-11-03 01:20 -------- d-----w- c:\program files (x86)\EPSON Software
2014-11-03 01:15 . 2014-11-03 01:43 -------- d-----w- c:\programdata\EPSON
2014-11-03 01:14 . 2012-07-23 23:00 466432 ----a-w- c:\windows\system32\esxw2ud.dll
2014-11-03 01:14 . 2011-12-11 23:00 135824 ----a-w- c:\windows\system32\escsvc64.exe
2014-11-03 01:14 . 2014-11-03 01:14 -------- d-----w- c:\program files (x86)\epson
2014-11-02 10:14 . 2014-11-02 10:14 -------- d-----w- c:\programdata\O2 Internet
2014-11-02 10:14 . 2012-08-20 00:37 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2014-11-02 10:14 . 2012-08-20 00:37 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2014-11-02 10:13 . 2014-11-02 14:19 -------- d-----w- c:\programdata\DatacardService
2014-11-02 04:03 . 2014-08-29 02:07 44032 ----a-w- c:\windows\system32\tsgqec.dll
2014-11-02 04:03 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-11-02 04:03 . 2014-08-29 02:07 322560 ----a-w- c:\windows\system32\aaclient.dll
2014-11-02 04:03 . 2014-08-29 02:06 1125888 ----a-w- c:\windows\system32\mstsc.exe
2014-11-02 04:03 . 2014-08-29 01:44 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2014-11-02 04:03 . 2014-08-29 01:44 1050112 ----a-w- c:\windows\SysWow64\mstsc.exe
2014-11-02 04:03 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-11-02 04:03 . 2014-08-29 02:07 5780480 ----a-w- c:\windows\system32\mstscax.dll
2014-11-02 04:03 . 2014-08-29 01:44 4922368 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-11-02 04:03 . 2014-08-29 01:44 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-11-01 09:25 . 2014-11-01 09:25 -------- d-----w- c:\programdata\Acer
2014-10-31 02:01 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-10-31 02:01 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-10-30 13:37 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-10-30 13:37 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-10-30 13:30 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-10-30 13:30 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-10-30 13:30 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-10-30 13:30 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-10-30 10:52 . 2014-11-18 05:56 -------- d-----w- c:\windows\system32\drivers\NISx64\1309010.00E
2014-10-30 09:20 . 2014-10-30 20:25 -------- d-----w- c:\program files (x86)\Scorpions WinCheater
2014-10-30 08:47 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-10-30 08:47 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-10-30 08:47 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-10-30 08:47 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-10-30 08:47 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-10-30 08:38 . 2014-10-30 08:38 -------- d-----w- c:\windows\Migration
2014-10-30 08:27 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-30 08:15 . 2014-10-30 08:15 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-30 07:53 . 2014-11-13 05:23 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-30 07:53 . 2014-10-30 07:53 -------- d-----w- c:\windows\SysWow64\Wat
2014-10-30 07:53 . 2014-10-30 07:53 -------- d-----w- c:\windows\system32\Wat
2014-10-30 07:01 . 2014-10-30 07:01 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-30 07:01 . 2014-10-30 07:01 -------- d-----r- c:\program files (x86)\Skype
2014-10-30 04:03 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-10-30 02:52 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-10-30 02:52 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-10-30 02:52 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-10-30 02:52 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-10-30 02:52 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-10-30 02:52 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-10-30 02:52 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-10-30 02:38 . 2014-10-30 02:38 -------- d-----w- c:\program files\Microsoft Silverlight
2014-10-30 02:38 . 2014-10-30 02:38 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-10-30 02:01 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-10-30 02:01 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-10-30 02:01 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-10-30 02:01 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-10-30 02:01 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-10-30 02:01 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-10-30 02:01 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-10-30 02:01 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-10-29 09:19 . 2014-02-17 12:41 27456 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-10-29 09:08 . 2014-11-14 19:31 -------- d-----w- c:\programdata\IObit
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\SysWow64\cs
2014-10-29 05:24 . 2014-10-30 20:28 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\SysWow64\XPSViewer
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\system32\cs
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\cs-CZ
2014-10-29 05:24 . 2014-10-30 20:28 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2014-10-29 05:24 . 2014-10-30 07:53 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2014-10-29 05:23 . 2014-10-29 05:23 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui
2014-10-29 05:18 . 2014-10-29 05:18 -------- d-----w- c:\windows\NAPP_Dism_Log
2014-10-29 03:39 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-29 03:39 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-29 03:16 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-10-29 03:16 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-10-29 03:16 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-10-29 03:16 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-10-29 03:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-11 22:57 . 2012-06-07 17:52 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-11 22:57 . 2012-06-07 17:52 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-30 08:20 . 2014-10-30 08:20 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-30 08:20 . 2014-10-30 08:20 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-10-29 05:23 . 2014-10-29 05:23 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2014-10-29 05:23 . 2014-10-29 05:23 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2014-10-28 21:25 . 2011-03-29 01:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-09-28 02:12 . 2014-09-28 02:12 45400 ----a-w- c:\windows\SysWow64\DiscHandler.exe.new
2014-09-19 09:23 . 2014-11-12 15:48 248832 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE" [2012-02-29 283232]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-10-30 6501656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-23 1105488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2014-8-13 48720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 O2 Internet. RunOuc;O2 Internet. OUC;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20141118.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20141120.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20141120.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_cdcacm.sys [x]
S3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_wwanecm.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-23 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-23 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-23 439064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2014-10-28 7138816]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2012-02-07 1829768]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://packardbell.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{50F69834-5CD2-4370-BC7B-D23A62B76AB2}: NameServer = 160.218.167.5 160.218.161.60
TCP: Interfaces\{C74490FC-AC1E-4A7E-A2D7-B90FF9605EC5}: NameServer = 160.218.167.5 160.218.161.60
FF - ProfilePath - c:\users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_223_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_223_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_223_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_223.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\programdata\DatacardService\DCSHelper.exe
c:\program files (x86)\O2 Internet\O2 Internet.exe
c:\programdata\O2 Internet\OnlineUpdate\ouc.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2014-11-21 05:41:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-21 04:41
.
Před spuštěním: Volných bajtů: 171 554 062 336
Po spuštění: Volných bajtů: 171 374 047 232
.
- - End Of File - - 082EDE0E4749CC951D91696591794ED8

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Folder::
c:\programdata\IObit

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[JanHellsing]

ComboFix 14-11-18.01 - pocky 21.11.2014 18:24:20.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3932.2417 [GMT 1:00]
Spuštěný z: c:\users\pocky\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pocky\Desktop\CFScript.txt
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\IObit
c:\programdata\IObit\Advanced SystemCare V7\AntivirusConfig.ini
c:\programdata\IObit\Advanced SystemCare V7\App.bk
c:\programdata\IObit\Advanced SystemCare V7\AscService.ini
c:\programdata\IObit\Advanced SystemCare V7\EApp.bk
c:\programdata\IObit\Advanced SystemCare V7\Ext.dat
c:\programdata\IObit\Advanced SystemCare V7\HealthLevel.ini
c:\programdata\IObit\Advanced SystemCare V7\Homepage Protection\ASCService.log
c:\programdata\IObit\Advanced SystemCare V7\Homepage Protection\homepage.log
c:\programdata\IObit\Advanced SystemCare V7\License.dat
c:\programdata\IObit\Advanced SystemCare V7\ReinforceData.ini
c:\programdata\IObit\Advanced SystemCare V7\temp.ini
c:\programdata\IObit\Advanced SystemCare V7\temp.iniCopy
c:\programdata\IObit\Advanced SystemCare V7\User_UndeleteReg.dat
c:\programdata\IObit\ASCDownloader\ASC7_UserConfig.ini
c:\programdata\IObit\ASCDownloader\ASCSetup.exe
c:\programdata\IObit\ASCDownloader\ASCSetup.exe.dat
c:\programdata\IObit\ASCDownloader\Country.dat
c:\programdata\IObit\ASCDownloader\Downloader.log
c:\programdata\IObit\ASCDownloader\Update.upt
c:\programdata\IObit\ASCDownloader\Update.upt.dat
c:\programdata\IObit\Install.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-21 do 2014-11-21 )))))))))))))))))))))))))))))))
.
.
2014-11-21 17:28 . 2014-11-21 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-20 18:25 . 2014-11-20 18:25 -------- d-----w- c:\program files\Defraggler
2014-11-19 18:43 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 18:43 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 18:43 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 18:43 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-16 20:35 . 2014-11-16 20:35 -------- d-----w- c:\windows\ERUNT
2014-11-16 20:10 . 2014-11-18 17:17 -------- d-----w- c:\program files\trend micro
2014-11-16 19:47 . 2014-11-20 20:04 -------- d-----w- c:\program files (x86)\Ascaron Entertainment
2014-11-16 18:43 . 2014-11-16 18:43 -------- d-----w- c:\program files (x86)\3DO
2014-11-16 18:43 . 2014-11-16 18:43 -------- d-----w- c:\program files (x86)\Ubisoft
2014-11-16 18:00 . 2014-11-16 18:00 -------- d-----w- c:\program files\CCleaner
2014-11-16 16:46 . 2014-11-16 16:46 -------- d-----w- c:\program files (x86)\Cheat Engine 6.4
2014-11-13 19:51 . 2014-11-16 18:11 -------- d-----w- c:\windows\SysWow64\C2MP
2014-11-13 19:24 . 2009-07-05 20:33 50688 ----a-w- c:\windows\SysWow64\ff_acm.acm
2014-11-13 19:24 . 2014-11-13 19:24 -------- d-----w- c:\program files (x86)\ffdshow
2014-11-13 19:24 . 2009-07-05 20:33 60273 ----a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-11-12 15:49 . 2014-11-07 19:49 388272 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-12 15:48 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-12 15:47 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-12 15:47 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-12 15:47 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-12 15:47 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 15:47 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-09 02:04 . 2014-11-09 02:04 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-11-08 20:05 . 1998-05-11 19:01 240944 ----a-w- c:\windows\SysWow64\RICHED.DLL
2014-11-08 19:37 . 2014-11-20 20:03 -------- d-----w- c:\program files (x86)\Freebox V3
2014-11-08 19:33 . 2014-11-08 19:33 -------- d-----w- c:\users\Public\Foxit Software
2014-11-08 19:32 . 2014-11-08 19:32 -------- d-----w- c:\program files (x86)\Foxit Software
2014-11-08 15:00 . 2014-11-08 15:07 -------- d-----w- C:\Games
2014-11-08 10:46 . 2014-11-08 10:46 -------- d-----w- c:\program files\Microsoft Office
2014-11-08 10:46 . 2014-11-08 10:46 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-11-08 10:45 . 2014-11-13 05:07 -------- d-----w- c:\programdata\Microsoft Help
2014-11-08 10:45 . 2014-11-08 10:45 -------- d-----r- C:\MSOCache
2014-11-07 19:43 . 2014-11-16 16:29 -------- d-----w- c:\program files (x86)\Wings Over Europe
2014-11-07 19:40 . 2014-11-07 19:40 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-11-07 19:40 . 2014-11-07 19:40 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-11-07 19:38 . 2014-11-07 19:42 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-11-05 16:38 . 2014-11-05 16:45 -------- d-----w- c:\program files (x86)\Common Files\Steam
2014-11-05 16:38 . 2014-11-16 16:40 -------- d-----w- c:\program files (x86)\Steam
2014-11-03 01:43 . 2007-09-07 16:33 135168 ----a-w- c:\windows\SysWow64\EEBAPI.dll
2014-11-03 01:24 . 2007-04-10 00:06 10752 ----a-w- c:\windows\system32\E_GCINST.DLL
2014-11-03 01:24 . 2011-04-20 02:03 120320 ----a-w- c:\windows\system32\E_ILMILE.DLL
2014-11-03 01:24 . 2011-03-15 02:03 83968 ----a-w- c:\windows\system32\E_ID4BILE.DLL
2014-11-03 01:20 . 2014-11-03 01:20 -------- d-----w- c:\program files (x86)\EPSON Software
2014-11-03 01:15 . 2014-11-03 01:43 -------- d-----w- c:\programdata\EPSON
2014-11-03 01:14 . 2012-07-23 23:00 466432 ----a-w- c:\windows\system32\esxw2ud.dll
2014-11-03 01:14 . 2011-12-11 23:00 135824 ----a-w- c:\windows\system32\escsvc64.exe
2014-11-03 01:14 . 2014-11-03 01:14 -------- d-----w- c:\program files (x86)\epson
2014-11-02 10:14 . 2014-11-02 10:14 -------- d-----w- c:\programdata\O2 Internet
2014-11-02 10:14 . 2012-08-20 00:37 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2014-11-02 10:14 . 2012-08-20 00:37 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2014-11-02 10:13 . 2014-11-02 14:19 -------- d-----w- c:\programdata\DatacardService
2014-11-02 04:03 . 2014-08-29 02:07 44032 ----a-w- c:\windows\system32\tsgqec.dll
2014-11-02 04:03 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-11-02 04:03 . 2014-08-29 02:07 322560 ----a-w- c:\windows\system32\aaclient.dll
2014-11-02 04:03 . 2014-08-29 02:06 1125888 ----a-w- c:\windows\system32\mstsc.exe
2014-11-02 04:03 . 2014-08-29 01:44 37376 ----a-w- c:\windows\SysWow64\tsgqec.dll
2014-11-02 04:03 . 2014-08-29 01:44 1050112 ----a-w- c:\windows\SysWow64\mstsc.exe
2014-11-02 04:03 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-11-02 04:03 . 2014-08-29 02:07 5780480 ----a-w- c:\windows\system32\mstscax.dll
2014-11-02 04:03 . 2014-08-29 01:44 4922368 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-11-02 04:03 . 2014-08-29 01:44 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-11-01 09:25 . 2014-11-01 09:25 -------- d-----w- c:\programdata\Acer
2014-10-31 02:01 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-10-31 02:01 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-10-30 13:37 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2014-10-30 13:37 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2014-10-30 13:30 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-10-30 13:30 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-10-30 13:30 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-10-30 13:30 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-10-30 10:52 . 2014-11-18 05:56 -------- d-----w- c:\windows\system32\drivers\NISx64\1309010.00E
2014-10-30 09:20 . 2014-10-30 20:25 -------- d-----w- c:\program files (x86)\Scorpions WinCheater
2014-10-30 08:47 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-10-30 08:47 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-10-30 08:47 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-10-30 08:47 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-10-30 08:47 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-10-30 08:38 . 2014-10-30 08:38 -------- d-----w- c:\windows\Migration
2014-10-30 08:27 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-30 08:15 . 2014-10-30 08:15 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-30 07:53 . 2014-11-13 05:23 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-30 07:53 . 2014-10-30 07:53 -------- d-----w- c:\windows\SysWow64\Wat
2014-10-30 07:53 . 2014-10-30 07:53 -------- d-----w- c:\windows\system32\Wat
2014-10-30 07:01 . 2014-10-30 07:01 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-30 07:01 . 2014-10-30 07:01 -------- d-----r- c:\program files (x86)\Skype
2014-10-30 04:03 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-10-30 02:52 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-10-30 02:52 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-10-30 02:52 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-10-30 02:52 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-10-30 02:52 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-10-30 02:52 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-10-30 02:52 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-10-30 02:38 . 2014-10-30 02:38 -------- d-----w- c:\program files\Microsoft Silverlight
2014-10-30 02:38 . 2014-10-30 02:38 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-10-30 02:01 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-10-30 02:01 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-10-30 02:01 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-10-30 02:01 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-10-30 02:01 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-10-30 02:01 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-10-30 02:01 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-10-30 02:01 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-10-29 09:19 . 2014-02-17 12:41 27456 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\SysWow64\cs
2014-10-29 05:24 . 2014-10-30 20:28 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\SysWow64\XPSViewer
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\system32\cs
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\cs-CZ
2014-10-29 05:24 . 2014-10-30 20:28 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2014-10-29 05:24 . 2014-10-30 07:53 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2014-10-29 05:24 . 2014-10-29 05:24 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2014-10-29 05:23 . 2014-10-29 05:23 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui
2014-10-29 05:18 . 2014-10-29 05:18 -------- d-----w- c:\windows\NAPP_Dism_Log
2014-10-29 03:39 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-29 03:39 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-29 03:16 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-10-29 03:16 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-10-29 03:16 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-10-29 03:16 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-10-29 03:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-10-29 03:16 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-11 22:57 . 2012-06-07 17:52 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-11 22:57 . 2012-06-07 17:52 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-10-30 08:20 . 2014-10-30 08:20 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-30 08:20 . 2014-10-30 08:20 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-10-29 05:23 . 2014-10-29 05:23 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2014-10-29 05:23 . 2014-10-29 05:23 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2014-10-29 05:23 . 2014-10-29 05:23 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2014-10-28 21:25 . 2011-03-29 01:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-09-28 02:12 . 2014-09-28 02:12 45400 ----a-w- c:\windows\SysWow64\DiscHandler.exe.new
2014-09-19 09:23 . 2014-11-12 15:48 248832 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE" [2012-02-29 283232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-23 1105488]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2014-8-13 48720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 O2 Internet. RunOuc;O2 Internet. OUC;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20141118.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20141118.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20141120.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20141120.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdbd.sys [x]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys;c:\windows\SYSNATIVE\DRIVERS\b57xdmp.sys [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiMSa.sys [x]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys;c:\windows\SYSNATIVE\DRIVERS\bScsiSDa.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_cdcacm.sys [x]
S3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_wwanecm.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-23 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-23 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-23 439064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2014-10-28 7138816]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2012-02-07 1829768]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://packardbell.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{50F69834-5CD2-4370-BC7B-D23A62B76AB2}: NameServer = 160.218.167.5 160.218.161.60
TCP: Interfaces\{C74490FC-AC1E-4A7E-A2D7-B90FF9605EC5}: NameServer = 160.218.167.5 160.218.161.60
FF - ProfilePath - c:\users\pocky\AppData\Roaming\Mozilla\Firefox\Profiles\redm0fjy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_223_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_223_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\programdata\DatacardService\DCSHelper.exe
c:\program files (x86)\O2 Internet\O2 Internet.exe
c:\programdata\O2 Internet\OnlineUpdate\ouc.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2014-11-21 18:34:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-21 17:34
ComboFix2.txt 2014-11-21 04:41
.
Před spuštěním: Volných bajtů: 171 435 380 736
Po spuštění: Volných bajtů: 171 370 856 448
.
- - End Of File - - 147B27D1DE9502D490CFCD16355F684A

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Nastala nejaka zmena?

[JanHellsing]

mno zmeny jako takove sem si nejak extra nevsiml

[Márty84]

PC je cisty. Havet nikde nevidno. Cili pokud problem stale trva, bude to problem s necim legitimnim. A to se hleda obtizne.

Co tedy konkretne nejde?

[JanHellsing]

konkretne nejdou nektere hry at uz instalovane v pc nebo online.. a tyto hry mi do nedavna slapaly v pohode mam dojem ze je poskodilo neco co jsem instaloval ale nevim to jiste... samozrejme sem zkousel viz u Port Royale 2 reinstal z jineho media ale taktez problem pretrvava... ovsem pokud zde hry neresite uvital bych alespon odkaz na forum kde by mi z tim mohli pomoci diky

[Márty84]

mam dojem ze je poskodilo neco co jsem instaloval ale nevim to jiste

Tak to zkuste odinstalovat. Pripadne je tu jeste moznost pouzit bod obnovy s datem, nez problemy zacly.


http://forum.viry.cz/viewtopic.php?f=5&t=64194

[JanHellsing]

jo supr dik za odkazy

[Márty84]

Neni zac

Pak treba napiste, co poradili