eshield.com zrušil internet

[bart.dedek]

Po jedné instalaci jsem natáhnul do manželčina počítače tenhle balast a zrušil si přístup na místní síť i internet.Po pár zaručených rad jsem odinstaloval a očistil PC,výsledek ovšem nula.Pomohlo až odinstalování a opětovném instalování ovladače síťové karty.Po restartu opět bez možnosti internetu.Jelikož moje žena pracuje přes VPN,jde mi opravdu o život .Prosím o pomoc.Log


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:16, on 14.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Rising\RSD\popwndexe.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Users\Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\dinotify.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
C:\Program Files\Cisco Systems\VPN Client\ipseclog.exe
C:\Windows\system32\mstsc.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: QPMIEHelper - {50F4150A-48B2-417A-BE4C-C83F580FB904} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [adm_tray.exe] C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [RSDTRAY] "C:\Program Files\Rising\RSD\popwndexe.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Software Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: VPN Client.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED35E74C-AE3F-4D50-90F0-1F9389DFAF5D}: Domain = heunisch-guss.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED35E74C-AE3F-4D50-90F0-1F9389DFAF5D}: NameServer = 172.30.1.2,172.30.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = heunisch-guss.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = heunisch-guss.cz
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
O23 - Service: MonectServerService - Monect - C:\Program Files\MonectHost\MonectServerService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Rsd Service (RsMgrSvc) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\RSD\RsMgrSvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - C:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 6453 bytes

[vyosek]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner[C?].txt, ten sem vlozte

[bart.dedek]

zase mě zlobí net,tak tady je log z Adw

# AdwCleaner v5.013 - Logfile created 14/10/2015 at 19:49:11
# Updated 09/10/2015 by Xplode
# Database : 2015-10-13.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : Lenovo - LENOVO-PC
# Running from : C:\Users\Lenovo\Desktop\adwcleaner_5.013.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : RsMgrSvc

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Rising
[-] Folder Deleted : C:\Program Files\Catered to You
[-] Folder Deleted : C:\ProgramData\Rising
[-] Folder Deleted : C:\Users\Lenovo\AppData\Local\SysassistByHotWheel

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npWebPlayer
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@iqiyi.com/npclient
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPLICATIONS\GEEPLAYER.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FBB037E4-1CB2-406C-ACCC-925BD5BC7FD7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EC7C511-CD0F-42E6-830C-1BD9882F3458}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\QyGameClient
[-] Key Deleted : HKCU\Software\PPStream
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\QiYi
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Catered to You
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[!] Key Not Deleted : HKU\S-1-5-21-984364764-1455854144-4088533069-1001\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[!] Key Not Deleted : HKU\S-1-5-21-984364764-1455854144-4088533069-1001\Software\AppDataLow\Software\QiYi
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

***** [ Web browsers ] *****

[-] [C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\wkpnurzl.default-1430477963322\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "eShield Safe Web");

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [3514 bytes] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[bart.dedek]

Bohužel mi program nejde spustit.Vyhazuje to chybu"C:\users\Lenovo\AppData\Local\Temp\zoek.hta není platná aplikace typu Win32.

[bart.dedek]

Prosím,má ještě někdo nějaký nápad?Už mi nejde ani wifi na routrech.

[vyosek]

Na routeru by melo byt male tlacitko reset, timto jej resetujete do tovarniho nastaveni. Je totiz mozne, ze havet napadla primo router.

[bart.dedek]

Resetoval jsem jak modem,tak i router a to opakovaně.Znovunastavení trvá nějakou chvilku a bádání ještě delší.Aby mi jakžtakž fungoval net,musel jsem přiřadit DNS ručně.Takhle jsem to nikdy neměl,vždy automaticky jak IP,tak DNS.Jak zprovoznit Zoek jsem nikde nenašel.Nějak mi ty win7 nesedí.Dneska jsem ženě odpřísáhnul,že to je podlední MS u nád doma.Děkuji za snahu a mějte se mnou trochu strpení.

[vyosek]

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[bart.dedek]

ComboFix 15-10-15.01 - Lenovo 19.10.2015 22:39:07.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2022.811 [GMT 2:00]
Spuštěný z: c:\users\Lenovo\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-09-19 do 2015-10-19 )))))))))))))))))))))))))))))))
.
.
2015-10-19 21:03 . 2015-10-19 21:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-10-19 16:04 . 2015-10-19 16:04 -------- d-----w- c:\windows\LastGood
2015-10-19 16:03 . 2015-10-19 16:03 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2015-10-19 16:03 . 2008-08-21 09:57 645120 ----a-w- c:\windows\system32\drivers\netr28u.sys
2015-10-19 16:03 . 2008-08-21 09:44 221184 ----a-w- c:\windows\system32\RaCoInst.dll
2015-10-19 16:02 . 2015-10-19 16:02 -------- d-----w- c:\program files\Tenda
2015-10-16 13:23 . 2015-10-16 13:23 -------- d-----w- C:\zoek_backup
2015-10-15 17:19 . 2015-09-18 17:47 23384 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 17:19 . 2015-09-18 17:44 587776 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 17:19 . 2015-09-18 17:44 615936 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 17:19 . 2015-09-18 17:44 423936 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 17:19 . 2015-09-18 17:44 1120768 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 17:19 . 2015-09-18 17:44 62976 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 17:19 . 2015-09-18 17:35 999936 ----a-w- c:\windows\system32\aeinv.dll
2015-10-14 17:09 . 2015-09-25 17:59 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-10-14 13:04 . 2015-10-14 13:16 -------- d-----w- C:\rsit
2015-10-14 12:49 . 2015-10-14 13:21 -------- d-----w- c:\program files\Trend Micro
2015-10-14 12:49 . 2015-10-14 12:49 388096 ----a-r- c:\users\Lenovo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2015-10-14 10:55 . 2015-10-14 11:47 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-10-14 10:55 . 2015-10-14 10:55 -------- d-----w- c:\programdata\Malwarebytes
2015-10-08 12:23 . 1999-12-17 06:13 86016 ----a-w- c:\windows\unvise32.exe
2015-10-08 12:20 . 2015-10-08 12:23 -------- d-----w- c:\program files\Postal2
2015-10-08 12:00 . 2015-10-08 12:19 -------- d-----w- c:\program files\Running With Scissors
2015-10-08 11:34 . 2015-10-08 11:34 24704 ----a-w- c:\windows\system32\drivers\dtscsibus.sys
2015-10-08 11:34 . 2015-10-08 11:58 -------- d-----w- c:\users\Lenovo\AppData\Roaming\DAEMON Tools Ultra
2015-10-08 11:33 . 2015-10-08 11:36 -------- d-----w- c:\program files\DAEMON Tools Ultra
2015-10-08 11:33 . 2015-10-08 11:33 -------- d-----w- c:\programdata\DAEMON Tools Ultra
2015-10-08 10:52 . 2015-10-08 11:57 -------- d-----w- c:\users\Lenovo\AppData\Local\Disc_Soft_Ltd
2015-10-08 10:14 . 2015-10-08 10:14 -------- d-----w- c:\program files\Disc Soft
2015-10-08 10:12 . 2015-10-08 10:12 25016 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-10-08 10:12 . 2015-10-12 16:01 -------- d-----w- c:\users\Lenovo\AppData\Roaming\DAEMON Tools Lite
2015-10-08 10:11 . 2015-10-08 11:23 -------- d-----w- c:\program files\DAEMON Tools Lite
2015-10-08 10:11 . 2015-10-08 10:11 -------- d-----w- c:\programdata\DAEMON Tools Lite
2015-09-26 23:19 . 2015-09-26 23:19 252648 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-15 17:36 . 2015-10-14 17:10 248832 ----a-w- c:\windows\system32\schannel.dll
2015-09-10 03:12 . 2015-04-22 16:29 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-09-10 03:12 . 2015-04-22 16:29 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-09-02 02:48 . 2015-09-09 09:04 26624 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 02:48 . 2015-09-09 09:04 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 02:48 . 2015-09-09 09:04 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 02:48 . 2015-09-09 09:04 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 01:36 . 2015-09-09 09:04 2384896 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:33 . 2015-09-09 09:04 299520 ----a-w- c:\windows\system32\atmfd.dll
2015-08-29 10:32 . 2015-05-21 11:24 97888 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-08-27 17:58 . 2015-09-09 09:04 1391104 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 17:58 . 2015-09-09 09:04 1241088 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 17:51 . 2015-09-09 09:04 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 09:04 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-19 09:52 . 2015-08-19 09:52 250800 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-08-19 09:52 . 2015-08-19 09:52 222640 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2015-08-05 17:41 . 2015-09-09 09:04 751104 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-05 17:40 . 2015-09-09 09:04 22528 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
2015-08-05 17:40 . 2015-09-09 09:04 216064 ----a-w- c:\windows\system32\InkEd.dll
2015-08-05 17:40 . 2015-09-09 09:04 19968 ----a-w- c:\windows\system32\jnwmon.dll
2015-08-04 09:33 . 2015-08-04 09:33 230832 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2015-08-04 09:32 . 2015-08-04 09:32 189872 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2015-07-30 17:57 . 2015-08-12 23:10 909824 ----a-w- c:\windows\system32\FntCache.dll
2015-07-30 17:57 . 2015-08-12 23:10 1251328 ----a-w- c:\windows\system32\DWrite.dll
2015-07-30 17:57 . 2015-08-12 23:10 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2015-07-30 13:13 . 2015-08-13 01:01 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-23 14:44 . 2015-07-23 14:44 31664 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2015-07-22 17:53 . 2015-09-09 09:04 937984 ----a-w- c:\windows\system32\diagtrack.dll
2015-07-22 17:53 . 2015-09-09 09:04 635392 ----a-w- c:\windows\system32\tdh.dll
2015-07-22 17:53 . 2015-09-09 09:04 641536 ----a-w- c:\windows\system32\advapi32.dll
2015-07-22 16:38 . 2015-09-09 09:04 41984 ----a-w- c:\windows\system32\UtcResources.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
"Dropbox Update"="c:\users\Lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-27 134512]
"DAEMON Tools Ultra Agent"="c:\program files\DAEMON Tools Ultra\DTAgent.exe" [2013-11-14 3192056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"adm_tray.exe"="c:\program files\Acronis\DriveMonitor\adm_tray.exe" [2010-06-04 530768]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-10-27 365560]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-08-24 3775912]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2015-04-20 280576]
.
c:\users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-10-3 36711472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Software Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe -hx [2011-2-23 323584]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico -user_logon [2015-4-22 6144]
W311U.lnk - c:\program files\Tenda\W311U\UI.exe [2015-10-19 2273280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2015-08-24 3637160]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [2015-01-26 24576]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [2015-01-26 29696]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis.sys [2015-01-21 74752]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-08 25016]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-09-24 10976]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-09-16 102912]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2008-08-21 645120]
R3 Rockusb;Driver for Rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys [2013-09-09 46096]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2015-08-19 222640]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2015-08-19 250800]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2015-07-23 31664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2015-06-16 207328]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2015-08-04 230832]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2015-08-24 335656]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 MonectServerService;MonectServerService;c:\program files\MonectHost\MonectServerService.exe [2014-10-29 72192]
S2 rsdsys;rsd protect;c:\windows\system32\drivers\protreg.sys [2014-05-28 24120]
S2 WtuSystemSupport;WtuSystemSupport;c:\program files\AVG Web TuneUp\WtuSystemSupport.exe [2015-05-01 620056]
S3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-11-14 723192]
S3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtscsibus.sys [2015-10-08 24704]
S3 monectdevices;Monect Hid Device;c:\windows\system32\DRIVERS\monectdevices.sys [2013-12-03 14104]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - AEGISP
*NewlyCreated* - NATIVEWIFIP
*NewlyCreated* - NDISUIO
*NewlyCreated* - VWIFIFLT
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Obsah adresáře 'Naplánované úlohy'
.
2015-10-17 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-31 19:53]
.
2015-10-19 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-984364764-1455854144-4088533069-1001Core.job
- c:\users\Lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27 21:57]
.
2015-10-19 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-984364764-1455854144-4088533069-1001UA.job
- c:\users\Lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27 21:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 10.0.0.2
TCP: Interfaces\{C20B71A2-F6C4-4931-85B2-1BAF971AB5E5}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{ED35E74C-AE3F-4D50-90F0-1F9389DFAF5D}: NameServer = 172.30.1.2,172.30.1.1
FF - ProfilePath - c:\users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\wkpnurzl.default-1430477963322\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-RSDTRAY - c:\program files\Rising\RSD\popwndexe.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TFsFlt]
"ImagePath"=multi:"system32\Drivers\TFsFlt.sys\00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TFsFlt]
"ImagePath"=multi:"system32\Drivers\TFsFlt.sys\00"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-10-19 23:06:09
ComboFix-quarantined-files.txt 2015-10-19 21:06
.
Před spuštěním: Volných bajtů: 22 373 822 464
Po spuštění: Volných bajtů: 22 275 264 512
.
- - End Of File - - DD2C4203C963BDE3050E0A0B5FE9C241
A36C5E4F47E84449FF07ED3517B43A31

[bart.dedek]

Nemohl by se na prosím někdo podívat.Už jsem z toho opravdu nešťastný.Velice mi chybí wifi na telefonech a neustálé opravování připojení u PC je fakt otravné.

[Rudy]

Omluva za vstup. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[bart.dedek]

Po dokončení CF opět nešel net a některé programy na pozadí se nespouští.Po restartu a přenastavení DNS na Google Public zatím funguje.Prosím o poslední kontrolu logu z CF a pak již opravdu přestanu otravovat


ComboFix 15-10-15.01 - Lenovo 08.11.2015 11:20:56.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2022.1211 [GMT 1:00]
Spuštěný z: c:\users\Lenovo\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Lenovo\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-10-08 do 2015-11-08 )))))))))))))))))))))))))))))))
.
.
2015-10-19 16:03 . 2015-10-19 16:03 21419 ----a-w- c:\windows\system32\drivers\AegisP.sys
2015-10-19 16:03 . 2008-08-21 09:57 645120 ----a-w- c:\windows\system32\drivers\netr28u.sys
2015-10-19 16:03 . 2008-08-21 09:44 221184 ----a-w- c:\windows\system32\RaCoInst.dll
2015-10-19 16:02 . 2015-10-19 16:02 -------- d-----w- c:\program files\Tenda
2015-10-16 13:23 . 2015-10-16 13:23 -------- d-----w- C:\zoek_backup
2015-10-15 17:19 . 2015-09-18 17:47 23384 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-10-15 17:19 . 2015-09-18 17:44 587776 ----a-w- c:\windows\system32\invagent.dll
2015-10-15 17:19 . 2015-09-18 17:44 615936 ----a-w- c:\windows\system32\generaltel.dll
2015-10-15 17:19 . 2015-09-18 17:44 423936 ----a-w- c:\windows\system32\devinv.dll
2015-10-15 17:19 . 2015-09-18 17:44 1120768 ----a-w- c:\windows\system32\appraiser.dll
2015-10-15 17:19 . 2015-09-18 17:44 62976 ----a-w- c:\windows\system32\acmigration.dll
2015-10-15 17:19 . 2015-09-18 17:35 999936 ----a-w- c:\windows\system32\aeinv.dll
2015-10-14 17:09 . 2015-09-25 17:59 93696 ----a-w- c:\windows\system32\wudriver.dll
2015-10-14 13:04 . 2015-10-14 13:16 -------- d-----w- C:\rsit
2015-10-14 12:49 . 2015-10-14 13:21 -------- d-----w- c:\program files\Trend Micro
2015-10-14 12:49 . 2015-10-14 12:49 388096 ----a-r- c:\users\Lenovo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2015-10-14 10:55 . 2015-10-14 11:47 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-10-14 10:55 . 2015-10-14 10:55 -------- d-----w- c:\programdata\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-08 11:34 . 2015-10-08 11:34 24704 ----a-w- c:\windows\system32\drivers\dtscsibus.sys
2015-10-08 10:12 . 2015-10-08 10:12 25016 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2015-09-15 17:36 . 2015-10-14 17:10 248832 ----a-w- c:\windows\system32\schannel.dll
2015-09-10 03:12 . 2015-04-22 16:29 778440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-09-10 03:12 . 2015-04-22 16:29 142536 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-09-02 02:48 . 2015-09-09 09:04 26624 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 02:48 . 2015-09-09 09:04 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 02:48 . 2015-09-09 09:04 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 02:48 . 2015-09-09 09:04 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 01:36 . 2015-09-09 09:04 2384896 ----a-w- c:\windows\system32\win32k.sys
2015-09-02 01:33 . 2015-09-09 09:04 299520 ----a-w- c:\windows\system32\atmfd.dll
2015-08-29 10:32 . 2015-05-21 11:24 97888 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2015-08-27 17:58 . 2015-09-09 09:04 1391104 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 17:58 . 2015-09-09 09:04 1241088 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 17:51 . 2015-09-09 09:04 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 09:04 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-19 09:52 . 2015-08-19 09:52 250800 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2015-08-19 09:52 . 2015-08-19 09:52 222640 ----a-w- c:\windows\system32\drivers\avgidshx.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt3]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt4]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt5]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt6]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt7]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ DropboxExt8]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-10-12 23:34 194824 ----a-w- c:\users\Lenovo\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
"Dropbox Update"="c:\users\Lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-27 134512]
"DAEMON Tools Ultra Agent"="c:\program files\DAEMON Tools Ultra\DTAgent.exe" [2013-11-14 3192056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"adm_tray.exe"="c:\program files\Acronis\DriveMonitor\adm_tray.exe" [2010-06-04 530768]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-10-27 365560]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2015-08-24 3775912]
"TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2015-04-20 280576]
.
c:\users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-10-3 36711472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Software Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe -hx [2011-2-23 323584]
VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico -user_logon [2015-4-22 6144]
W311U.lnk - c:\program files\Tenda\W311U\UI.exe [2015-10-19 2273280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2015-08-24 3637160]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [2015-01-26 24576]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [2015-01-26 29696]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis.sys [2015-01-21 74752]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-08 25016]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2008-09-24 10976]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-09-16 102912]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2008-08-21 645120]
R3 Rockusb;Driver for Rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys [2013-09-09 46096]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2015-08-19 222640]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2015-08-19 250800]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2015-07-23 31664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2015-06-16 207328]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2015-08-04 230832]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2015-08-24 335656]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 MonectServerService;MonectServerService;c:\program files\MonectHost\MonectServerService.exe [2014-10-29 72192]
S2 rsdsys;rsd protect;c:\windows\system32\drivers\protreg.sys [2014-05-28 24120]
S2 WtuSystemSupport;WtuSystemSupport;c:\program files\AVG Web TuneUp\WtuSystemSupport.exe [2015-05-01 620056]
S3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files\DAEMON Tools Ultra\DiscSoftBusService.exe [2013-11-14 723192]
S3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtscsibus.sys [2015-10-08 24704]
S3 monectdevices;Monect Hid Device;c:\windows\system32\DRIVERS\monectdevices.sys [2013-12-03 14104]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Obsah adresáře 'Naplánované úlohy'
.
2015-11-08 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\system32\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-31 19:53]
.
2015-11-08 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-984364764-1455854144-4088533069-1001Core.job
- c:\users\Lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27 21:57]
.
2015-11-08 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-984364764-1455854144-4088533069-1001UA.job
- c:\users\Lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-27 21:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C20B71A2-F6C4-4931-85B2-1BAF971AB5E5}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\wkpnurzl.default-1430477963322\
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TFsFlt]
"ImagePath"=multi:"system32\Drivers\TFsFlt.sys\00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TFsFlt]
"ImagePath"=multi:"system32\Drivers\TFsFlt.sys\00"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\MonectHost\MonectHost.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\windows\system32\taskhost.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\windows\system32\GWX\GWX.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
c:\users\Lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2015-11-08 11:56:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-11-08 10:56
ComboFix2.txt 2015-10-19 21:06
.
Před spuštěním: Volných bajtů: 22 935 162 880
Po spuštění: Volných bajtů: 22 808 440 832
.
- - End Of File - - 4F441858FBF72A43E298B8F57ED04DCC
A36C5E4F47E84449FF07ED3517B43A31

[Rudy]

Log je v pořádku.

[bart.dedek]

Mockráte díky za pomoc vám všem.Hezký den