
Re: Please check my log

Posted: 26 Sep 2013 18:11
by Rudy
Open Notepad and copy the following into it:
KillAll::

Collect::
C:\Windows\Inf\msdksfb.vbe
C:\Windows\Inf\msloegh.vbe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"msloeghSrv"=-
"msdksfbSrv"=-

Regnull::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Re: Please check my log

Posted: 26 Sep 2013 18:34
by JiriHrabcuk
It looks good, both files are gone from Task Manager (Startup).

ComboFix 13-09-24.02 - Jiri . 09. 2013 19:19:50.8.8 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.8132.5491 [GMT 2:00]
Spuštěný z: c:\users\Jiri\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jiri\Desktop\CFScript.txt..txt
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Inf\msdksfb.vbe
c:\windows\Inf\msloegh.vbe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-26 do 2013-09-26 )))))))))))))))))))))))))))))))
.
.
2013-09-26 17:22 . 2013-09-26 17:26 -------- d-----w- c:\users\Jiri\AppData\Local\temp
2013-09-26 17:22 . 2013-09-26 17:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-26 15:16 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{37D200AF-BBA3-4F68-9DD5-CD8353453DBE}\mpengine.dll
2013-09-26 07:26 . 2013-09-26 07:26 304816 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10218.bin
2013-09-25 21:28 . 2013-09-25 21:28 -------- d-----w- c:\users\Jiri\AppData\Roaming\Leawo
2013-09-24 19:55 . 2013-09-24 19:55 -------- d-----w- c:\program files\trend micro
2013-09-24 19:54 . 2013-09-24 19:55 -------- d-----w- C:\rsit
2013-09-24 12:44 . 2013-09-24 12:45 -------- d-----w- C:\$SysReset
2013-09-24 10:09 . 2006-09-26 11:57 28672 ----a-w- c:\windows\SysWow64\AVEQT.dll
2013-09-24 10:09 . 2004-12-20 14:19 129024 ----a-w- c:\windows\SysWow64\AVERM.dll
2013-09-24 10:09 . 2013-09-24 10:18 -------- d-----w- c:\program files (x86)\Allok MP3 to AMR Converter
2013-09-24 03:06 . 2013-09-24 03:06 234010 ----a-w- c:\windows\SysWow64\poclbm130302GeForce GTX 660gv1w256l4.bin
2013-09-16 15:15 . 2009-09-27 07:39 369152 --sh--w- c:\windows\SysWow64\avisynth.dll
2013-09-16 15:15 . 2005-07-14 10:31 32256 --sh--w- c:\windows\SysWow64\AVSredirect.dll
2013-09-16 15:06 . 2004-07-02 15:33 327749 ----a-w- c:\windows\SysWow64\drvc.dll
2013-09-16 15:05 . 2013-09-16 15:05 -------- d-----w- c:\users\Jiri\AppData\Local\SwvUpdater
2013-09-15 23:09 . 2013-09-15 23:09 -------- d-----w- c:\users\Jiri\AppData\Roaming\Digiarty
2013-09-15 23:08 . 2013-09-16 08:53 -------- d-----w- c:\program files (x86)\Digiarty
2013-09-15 22:07 . 2009-06-07 14:25 77824 ----a-w- c:\windows\SysWow64\xvid.ax
2013-09-15 22:07 . 2009-06-07 14:16 819200 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-09-15 22:07 . 2009-06-07 14:24 180224 ----a-w- c:\windows\SysWow64\xvidvfw.dll
2013-09-15 22:06 . 2013-09-15 22:06 35365 ----a-w- c:\windows\SysWow64\uninstHelixYUV.exe
2013-09-15 21:57 . 2013-09-16 13:32 -------- d-----w- c:\programdata\StaxRip
2013-09-12 11:30 . 2013-09-25 21:21 -------- d-----w- c:\program files (x86)\MeGUI_2356_x86
2013-09-12 11:15 . 2013-09-18 23:26 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-12 11:15 . 2013-09-18 23:26 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-11 17:15 . 2013-09-24 03:41 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-09-10 22:34 . 2013-09-10 22:34 99328 ----a-w- c:\windows\system32\wudriver.dll
2013-09-10 22:33 . 2013-09-10 22:33 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-10 19:10 . 2013-09-16 15:59 -------- d-----w- c:\users\Jiri\AppData\Roaming\tiger-k
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\thdudf.sys
2013-09-10 19:09 . 2012-01-10 08:18 66944 ----a-w- c:\windows\SysWow64\drivers\thdudf.sys
2013-09-10 19:09 . 2013-09-10 19:09 -------- d-----w- c:\program files (x86)\Leawo
2013-09-08 20:16 . 2013-09-08 20:16 -------- d-----w- c:\users\Jiri\AppData\Roaming\HellShare Upload Manager
2013-09-08 20:15 . 2013-09-08 20:15 -------- d-----w- c:\program files (x86)\HellShare Upload Manager
2013-09-06 07:21 . 2013-09-26 15:27 -------- d-----w- c:\users\Jiri\AppData\Roaming\VideoReDo-TVSuite4
2013-09-04 12:51 . 2013-09-04 12:58 -------- d-----w- c:\programdata\Logs
2013-09-03 13:18 . 2013-09-03 13:18 -------- d-----w- c:\users\Jiri\AppData\Roaming\Publish Providers
2013-09-03 13:15 . 2013-09-03 13:44 -------- d-----w- c:\users\Jiri\AppData\Local\Sony
2013-09-03 13:15 . 2013-09-03 13:33 -------- d-----w- c:\users\Jiri\AppData\Roaming\Sony
2013-08-28 13:27 . 2010-03-20 09:27 2966016 ----a-w- c:\windows\system32\avisynth.dll
2013-08-28 13:27 . 2009-04-29 18:25 2300928 ----a-w- c:\windows\system32\DevIL.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 18:13 . 2013-02-28 14:45 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-10 22:32 . 2012-07-26 07:24 2207232 ----a-w- c:\windows\SysWow64\PrintConfig.dll
2013-08-14 18:10 . 2013-08-14 18:10 96512 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 888832 ----a-w- c:\windows\system32\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 778752 ----a-w- c:\windows\system32\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 77312 ----a-w- c:\windows\system32\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 74240 ----a-w- c:\windows\system32\wcmcsp.dll
2013-08-14 18:10 . 2013-08-14 18:10 723968 ----a-w- c:\windows\system32\BFE.DLL
2013-08-14 18:10 . 2013-08-14 18:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-08-14 18:10 . 2013-08-14 18:10 67072 ----a-w- c:\windows\SysWow64\openfiles.exe
2013-08-14 18:10 . 2013-08-14 18:10 551424 ----a-w- c:\windows\SysWow64\oleaut32.dll
2013-08-14 18:10 . 2013-08-14 18:10 543744 ----a-w- c:\windows\system32\wwanmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 447488 ----a-w- c:\windows\system32\wwansvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 439488 ----a-w- c:\windows\system32\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 414208 ----a-w- c:\windows\system32\wwanconn.dll
2013-08-14 18:10 . 2013-08-14 18:10 391168 ----a-w- c:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 385768 ----a-w- c:\windows\SysWow64\WerFault.exe
2013-08-14 18:10 . 2013-08-14 18:10 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 370688 ----a-w- c:\windows\system32\Wwanadvui.dll
2013-08-14 18:10 . 2013-08-14 18:10 327512 ----a-w- c:\windows\system32\drivers\Classpnp.sys
2013-08-14 18:10 . 2013-08-14 18:10 321536 ----a-w- c:\windows\system32\drivers\udfs.sys
2013-08-14 18:10 . 2013-08-14 18:10 312832 ----a-w- c:\windows\system32\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 2839552 ----a-w- c:\windows\system32\msftedit.dll
2013-08-14 18:10 . 2013-08-14 18:10 268800 ----a-w- c:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-08-14 18:10 . 2013-08-14 18:10 263680 ----a-w- c:\windows\system32\wcmsvc.dll
2013-08-14 18:10 . 2013-08-14 18:10 245760 ----a-w- c:\windows\SysWow64\LocationApi.dll
2013-08-14 18:10 . 2013-08-14 18:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 230912 ----a-w- c:\windows\system32\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 183808 ----a-w- c:\windows\system32\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 160256 ----a-w- c:\windows\SysWow64\winmmbase.dll
2013-08-14 18:10 . 2013-08-14 18:10 154112 ----a-w- c:\windows\SysWow64\WinSCard.dll
2013-08-14 18:10 . 2013-08-14 18:10 1300480 ----a-w- c:\windows\system32\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 125440 ----a-w- c:\windows\SysWow64\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 120144 ----a-w- c:\windows\system32\drivers\msgpioclx.sys
2013-08-14 18:10 . 2013-08-14 18:10 115712 ----a-w- c:\windows\system32\winmm.dll
2013-08-14 18:10 . 2013-08-14 18:10 1156096 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-08-14 18:10 . 2013-08-14 18:10 1025024 ----a-w- c:\windows\system32\localspl.dll
2013-08-14 18:10 . 2013-08-14 18:10 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-08-14 18:10 . 2013-08-14 18:10 341504 ----a-w- c:\windows\system32\drivers\HdAudio.sys
2013-08-14 18:10 . 2013-08-14 18:10 195416 ----a-w- c:\windows\system32\drivers\sdbus.sys
2013-08-14 18:10 . 2013-08-14 18:10 125784 ----a-w- c:\windows\system32\drivers\dumpsd.sys
2013-08-14 18:10 . 2013-08-14 18:10 119040 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2013-07-16 03:02 . 2013-08-16 05:43 941720 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2105621A-709F-4653-A87A-25A51EBFDF48}\gapaengine.dll
2013-07-13 06:18 . 2013-08-14 05:13 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-14 05:13 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:16 . 2013-08-14 05:13 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:15 . 2013-08-14 05:13 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-14 05:13 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-14 05:13 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-14 05:13 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-14 05:13 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-14 05:13 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-12 22:24 . 2013-07-12 22:24 850944 ----a-w- c:\windows\SysWow64\mfasfsrcsnk.dll
2013-07-12 22:24 . 2013-07-12 22:24 80896 ----a-w- c:\windows\system32\MbaeParserTask.exe
2013-07-12 22:24 . 2013-07-12 22:24 785408 ----a-w- c:\windows\system32\audiosrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 729600 ----a-w- c:\windows\system32\samsrv.dll
2013-07-12 22:24 . 2013-07-12 22:24 6987008 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-12 22:24 . 2013-07-12 22:24 680960 ----a-w- c:\windows\system32\vds.exe
2013-07-12 22:24 . 2013-07-12 22:24 67584 ----a-w- c:\windows\SysWow64\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 583168 ----a-w- c:\windows\system32\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 523264 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 493056 ----a-w- c:\windows\SysWow64\mscms.dll
2013-07-12 22:24 . 2013-07-12 22:24 37632 ----a-w- c:\windows\system32\drivers\BthAvrcpTg.sys
2013-07-12 22:24 . 2013-07-12 22:24 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-12 22:24 . 2013-07-12 22:24 337152 ----a-w- c:\windows\system32\drivers\USBXHCI.SYS
2013-07-12 22:24 . 2013-07-12 22:24 327936 ----a-w- c:\windows\system32\drivers\volsnap.sys
2013-07-12 22:24 . 2013-07-12 22:24 2391280 ----a-w- c:\windows\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 213248 ----a-w- c:\windows\system32\drivers\UCX01000.SYS
2013-07-12 22:24 . 2013-07-12 22:24 2106176 ----a-w- c:\windows\SysWow64\explorer.exe
2013-07-12 22:24 . 2013-07-12 22:24 207872 ----a-w- c:\windows\system32\DeviceSetupManager.dll
2013-07-12 22:24 . 2013-07-12 22:24 190976 ----a-w- c:\windows\system32\vdsutil.dll
2013-07-12 22:24 . 2013-07-12 22:24 1842176 ----a-w- c:\windows\SysWow64\dwmcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1527808 ----a-w- c:\windows\system32\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1453568 ----a-w- c:\windows\SysWow64\mfcore.dll
2013-07-12 22:24 . 2013-07-12 22:24 1403296 ----a-w- c:\windows\system32\winload.efi
2013-07-12 22:24 . 2013-07-12 22:24 1271584 ----a-w- c:\windows\system32\winload.exe
2013-07-12 22:24 . 2013-07-12 22:24 1217352 ----a-w- c:\windows\system32\winresume.efi
2013-07-12 22:24 . 2013-07-12 22:24 1093904 ----a-w- c:\windows\system32\winresume.exe
2013-07-12 22:24 . 2013-07-12 22:24 106496 ----a-w- c:\windows\system32\samlib.dll
2013-07-12 22:24 . 2013-07-12 22:24 1048576 ----a-w- c:\windows\system32\mfasfsrcsnk.dll
2013-07-02 00:44 . 2013-08-14 05:13 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-14 05:13 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-03-13 07:03 . 2013-03-13 07:03 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
2009-09-27 07:39 369152 --sh--w- c:\windows\SysWOW64\avisynth.dll
2005-07-14 10:31 32256 --sh--w- c:\windows\SysWOW64\AVSredirect.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:43 1724616 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-02 491120]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [BU]
"PowerDVD12DMREngine"="c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" [2013-01-22 505096]
"PowerDVD12Agent"="c:\program files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" [2013-01-22 373784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R1 aswSnx;aswSnx; [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\DRIVERS\thdudf.sys;c:\windows\SYSNATIVE\DRIVERS\thdudf.sys [x]
R3 aswVmm;aswVmm; [x]
R3 athur;Qualcomm Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athuw8x.sys;c:\windows\SYSNATIVE\DRIVERS\athuw8x.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSP;aswSP; [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2013/03/18 13:11];c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 ntk_PowerDVD12;ntk_PowerDVD12;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys;c:\program files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
apphost REG_MULTI_SZ apphostsvc
iissvcs REG_MULTI_SZ w3svc was
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-19 20:51 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 17:04]
.
2013-09-25 c:\windows\Tasks\HPCeeScheduleForJiri.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-07-13 02:37 2328776 ----a-w- c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-09-19 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-09-19 1425408]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.downha.com/vb/members/downha1398/
mDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
mStart Page = hxxp://www.bing.com?pc=HPDTDFJS
IE: E&xportovat do aplikace Microsoft Excel
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 82.144.128.1 82.144.129.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - ExtSQL: 2013-09-25 22:45; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\Jiri\AppData\Roaming\Mozilla\Firefox\Profiles\d6a99gex.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{73526619-C24F-470B-9BED-53D455FBB5C6}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Reminder.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\register.exe
.
**************************************************************************
.
Celkový čas: 2013-09-26 19:28:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-26 17:28
ComboFix2.txt 2013-09-25 20:55
ComboFix3.txt 2013-09-25 20:01
ComboFix4.txt 2013-09-25 18:37
ComboFix5.txt 2013-09-26 17:19
.
Před spuštěním: 455 828 385 792 bytes free
Po spuštění: 455 665 635 328 bytes free
.
- - End Of File - - 7EA0A02B268077B1ADDB115BEFD72763
Nahrání proběhlo úspěšně

Re: Please check my log

Posted: 26 Sep 2013 19:15
by Rudy
The log looks OK now. I would also recommend uninstalling AdvancedSystemCare. This program looks for errors where there are none, so a layperson can easily damage the system or some application with it.

Re: Please check my log

Posted: 26 Sep 2013 19:33
by JiriHrabcuk
Many thanks for your help; on your recommendation I am going to uninstall Advanced SystemCare.

Re: Please check my log

Posted: 26 Sep 2013 20:23
by Rudy
If you used it for cleaning, you can replace it with CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478 . You're welcome! Uninstall CF with T-Cleaner: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe . :)