Prosím o kontrolu logu

[Cabaaa]

Dobrý den,

mám problém s vyskakujícími reklamami Express Find Ads.

Zde je můj log z ComboFix:

ComboFix 15-04-01.01 - Čupakabra 08.04.2015 13:37:05.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8053.5676 [GMT 2:00]
Spuštěný z: c:\users\Lupakabra\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\_ctypes.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\_elementtree.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\_hashlib.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\_multiprocessing.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\_socket.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\_ssl.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\_yappi.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\hashobjs_ext.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\pyexpat.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\pysqlite2._sqlite.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\python27.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\pythoncom27.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\PyWinTypes27.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\select.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\unicodedata.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32api.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32com.shell.shell.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32crypt.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32event.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32file.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32gui.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32inet.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32pdh.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32pipe.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32process.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32profile.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32security.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\win32ts.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\windows._lib_cacheinvalidation.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._animate.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._controls_.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._core_.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._gdi_.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._html2.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._misc_.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._windows_.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wx._wizard.pyd
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wxbase294u_net_vc90.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wxbase294u_vc90.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wxmsw294u_adv_vc90.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wxmsw294u_core_vc90.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wxmsw294u_html_vc90.dll
c:\users\Čupakabra\AppData\Local\Temp\_MEI21402\wxmsw294u_webview_vc90.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\_ctypes.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\_elementtree.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\_hashlib.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\_multiprocessing.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\_socket.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\_ssl.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\_yappi.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\hashobjs_ext.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\pyexpat.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\pysqlite2._sqlite.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\python27.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\pythoncom27.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\PyWinTypes27.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\select.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\unicodedata.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32api.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32com.shell.shell.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32crypt.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32event.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32file.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32gui.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32inet.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32pdh.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32pipe.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32process.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32profile.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32security.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\win32ts.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\windows._lib_cacheinvalidation.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._animate.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._controls_.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._core_.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._gdi_.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._html2.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._misc_.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._windows_.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wx._wizard.pyd
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wxbase294u_net_vc90.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wxbase294u_vc90.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wxmsw294u_adv_vc90.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wxmsw294u_core_vc90.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wxmsw294u_html_vc90.dll
c:\users\UPAKAB~1\AppData\Local\Temp\_MEI21402\wxmsw294u_webview_vc90.dll
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-08 do 2015-04-08 )))))))))))))))))))))))))))))))
.
.
2015-04-08 11:40 . 2015-04-08 11:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-08 11:30 . 2015-04-08 11:30 110080 ----a-r- c:\users\Čupakabra\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe
2015-04-08 11:30 . 2015-04-08 11:30 110080 ----a-r- c:\users\Čupakabra\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe
2015-04-08 11:30 . 2015-04-08 11:30 -------- d-----w- C:\sh4ldr
2015-04-08 11:27 . 2015-04-08 11:27 -------- d-----w- c:\program files (x86)\Enigma Software Group
2015-04-08 11:26 . 2015-04-08 11:30 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-04-08 11:26 . 2015-04-08 11:26 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2015-04-08 10:43 . 2015-04-08 11:28 -------- d-----w- c:\programdata\MFAData
2015-04-08 10:43 . 2015-04-08 10:43 -------- d--h--w- c:\programdata\Common Files
2015-04-08 10:43 . 2015-04-08 10:43 -------- d-----w- c:\users\Čupakabra\AppData\Local\MFAData
2015-04-08 10:43 . 2015-04-08 10:43 -------- d-----w- c:\users\Čupakabra\AppData\Local\Avg2015
2015-04-08 10:36 . 2015-04-08 10:36 12872 ----a-w- c:\windows\system32\bootdelete.exe
2015-04-08 10:33 . 2015-04-08 10:36 -------- d-----w- c:\programdata\HitmanPro
2015-04-08 10:23 . 2015-04-08 10:23 -------- d-----w- C:\RegBackup
2015-04-08 10:20 . 2015-04-08 11:00 -------- d-----w- C:\AdwCleaner
2015-04-08 10:06 . 2015-04-08 10:48 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-08 10:05 . 2015-04-08 10:05 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-04-08 10:05 . 2015-04-08 10:05 -------- d-----w- c:\programdata\Malwarebytes
2015-04-08 10:05 . 2015-03-17 04:15 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-08 10:05 . 2015-03-17 04:15 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-08 10:05 . 2015-03-17 04:15 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-08 09:32 . 2015-04-08 09:32 -------- d-----w- c:\users\Čupakabra\AppData\Local\Norman Malware Cleaner
2015-04-07 12:13 . 2015-03-14 10:02 12002392 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FF718267-F19D-45E8-B0CA-D131DC8BB1EB}\mpengine.dll
2015-04-07 11:56 . 2015-04-07 11:56 -------- d-----w- c:\program files (x86)\Disc Soft
2015-04-07 11:54 . 2015-04-07 11:54 30352 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-04-07 11:54 . 2015-04-07 11:56 -------- d-----w- c:\program files\DAEMON Tools Lite
2015-04-05 01:00 . 2015-04-05 01:00 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-05 01:00 . 2015-04-05 01:00 -------- d-s---w- c:\windows\system32\GWX
2015-03-25 00:26 . 2015-03-11 04:06 677888 ----a-w- c:\windows\system32\generaltel.dll
2015-03-25 00:26 . 2015-03-11 04:06 760832 ----a-w- c:\windows\system32\invagent.dll
2015-03-25 00:26 . 2015-03-11 04:06 414720 ----a-w- c:\windows\system32\devinv.dll
2015-03-25 00:26 . 2015-03-11 04:06 943616 ----a-w- c:\windows\system32\appraiser.dll
2015-03-25 00:26 . 2015-03-11 04:05 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-03-25 00:26 . 2015-03-11 04:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-03-25 00:26 . 2015-03-11 04:05 192000 ----a-w- c:\windows\system32\aepic.dll
2015-03-25 00:26 . 2015-03-11 04:02 1107456 ----a-w- c:\windows\system32\aeinv.dll
2015-03-23 10:27 . 2015-03-23 10:27 -------- d-----w- c:\programdata\AltrixSoft
2015-03-23 10:25 . 2015-03-23 14:18 -------- d-----w- c:\program files (x86)\Common Files\AltrixSoft
2015-03-19 10:52 . 2015-03-19 10:52 -------- d-----w- c:\users\Čupakabra\AppData\Roaming\TeamViewer
2015-03-19 10:44 . 2015-03-19 10:44 -------- d-----w- c:\program files (x86)\TeamViewer
2015-03-18 14:14 . 2015-03-18 14:14 -------- d-----w- c:\users\Čupakabra\AppData\Roaming\OpenOffice
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-14 02:00 . 2015-01-07 08:56 122905848 ----a-w- c:\windows\system32\MRT.exe
2015-03-06 05:42 . 2015-03-13 11:06 341504 ----a-w- c:\windows\system32\schannel.dll
2015-03-06 05:10 . 2015-03-13 11:06 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-02-24 03:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-01-27 23:36 . 2015-02-11 14:25 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-01-09 03:14 . 2015-02-25 19:17 91136 ----a-w- c:\windows\system32\wdi.dll
2015-01-09 03:14 . 2015-02-25 19:17 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-01-09 03:14 . 2015-02-25 19:17 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-01-09 02:48 . 2015-02-25 19:17 76800 ----a-w- c:\windows\SysWow64\wdi.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2015-02-19 26232152]
"Eye-Fi"="c:\program files (x86)\Eye-Fi\EyeFiReceiver.exe" [2014-12-03 3260528]
"Spotify Web Helper"="c:\users\Čupakabra\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-03-13 1959992]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-01-20 7404312]
"Spotify"="c:\users\Čupakabra\AppData\Roaming\Spotify\Spotify.exe" [2015-03-13 6611512]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2015-02-27 5583120]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 292848]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2014-11-14 5562736]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2014-12-03 41360]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2014-12-03 840592]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
i1Profiler Tray.lnk - c:\program files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe [2014-11-19 2519552]
XRGamma.lnk - c:\program files (x86)\X-Rite\i1Profiler\XRGamma.exe [2014-11-19 802816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 EyeOne;EyeOne;c:\windows\system32\Drivers\i1_x64.sys;c:\windows\SYSNATIVE\Drivers\i1_x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 cnnctfy3;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy3.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy3.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files (x86)\Cobian Backup 11\cbService.exe;c:\program files (x86)\Cobian Backup 11\cbService.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe;c:\programdata\HandSetService\HuaweiHiSuiteService64.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\AirLive\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\AirLive\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE;c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
S2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
S2 xrdd.exe;X-Rite Device Services Manager;c:\program files (x86)\X-Rite\Devices\Services\xrdd.exe;c:\program files (x86)\X-Rite\Devices\Services\xrdd.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-03 18:28 1061704 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-19 16:11]
.
2015-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-19 16:11]
.
2015-04-08 c:\windows\Tasks\X-Rite Device Services Software Updater.job
- c:\program files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2014-06-23 16:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24 774472 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-03-14 13671792]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-04-11 36352]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-03-28 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-03-28 1225920]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"MITSUBISHI CP70D Series(USB)"="c:\windows\system32\spool\DRIVERS\x64\3\CPD70NM.EXE" [2010-08-17 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-01-27 169768]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{CE808FDF-4B4A-4C96-8987-61B37AC948CE}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\AirLive\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
.
**************************************************************************
.
Celkový čas: 2015-04-08 13:41:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-04-08 11:41
ComboFix2.txt 2015-04-08 09:59
.
Před spuštěním: Volných bajtů: 116 328 685 568
Po spuštění: Volných bajtů: 116 094 951 424
.
- - End Of File - - C6D61E934DA064C5A260D2E1BB003260
A36C5E4F47E84449FF07ED3517B43A31





Moc děkuji,
Jakub

[Rudy]

Zdravím!
Log vám kontrolován nebude, protože jste se opakovaně dopustil spuštění CF, aniž by vám to doporučil rádce. CF je profesionální utilita, kterou si laik můž poškodit systém, nebo některou aplikaci a my tu njsm od toho, abychm navíc opravovali váš případně poškozený systém. Je to uvedno v pravidlech fóra: http://forum.viry.cz/viewtopic.php?f=12&t=5601 (bod 3.). Pro příště: Budete-li chtít poradit, řiďte se pokyny v oranžovém rámečku v záhlaví.
Uděluji vám varování 2. st, pro opakované porušení pravidel.

[Cabaaa]

Dobrý den,

za porušení pravidel se omlouvám, moc se tady v tom nevyznám. Samozřejmě to nebylo záměrně. A čím jsem pravidla porušil opakovaně? Přihlásil jsem se na toto fórum po letech a nejsem si vědom žádných dalších postů z mé strany.

Přeji pěkný zbytek dne,
Jakub

[Rudy]

On si vás poznamenal i kolega, který rovněž odmítl váš problém řešit. Bylo to asi hodinu před mnou. Faktem ale zůstává, že vás pravidla fóra nezajímají.

[Cabaaa]

Nejde o nezájem o pravidla, to bych chtěl upřesnit. Když vám padá prohlížeč a vyskakují nová a nová okna, jste rád, že vůbec vložíte log a doufáte v pomoc. Neříkám, že se z mé strany nejedná o hloupost, nicméně bych čekal trochu pochopení. Naštěstí existují i lidé, kteří toto chápou a díky nimž můj počítač opět funguje jak má.

[Rudy]

Pak není, co řešit. My se pouze chráníme vůči samoléčitelům ComboFixem, kteří neví, co ta utilta dokáže. Bez předchozí kontroly RSIT, nebo FRST (utility samy nemaží) si ho ani my nedovolíme spustit. Opravdu už nechci zažít různé opravy systému po svévolném použití CF. Z toho právě vzniklo toto pravidlo. Není to šikana, měříme každému stejně.