
Please check my PC... as quickly as possible - thank you
Moderator: Moderators
Forum rules
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
Re: Please check my PC... as quickly as possible - thank you
Try the update through Fix it.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
- Rudy
- Site Admin
- Posts: 119320
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my PC... as quickly as possible - thank you
Open Notepad and copy into it:

KillAll::
Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"=-
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz]
Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
- jaruneczka
- Exemplary visitor
- Posts: 417
- Registered: 09 Jun 2008 11:45
- Location: Ostrava
Re: Please check my PC... as quickly as possible - thank you
ComboFix 14-10-15.01 - Jaruneczka 17.10.2014 8:28.6.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1900.597 [GMT 2:00]
Spuštěný z: c:\users\Jaruneczka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jaruneczka\Desktop\CFScript.txt..txt
AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-17 do 2014-10-17 )))))))))))))))))))))))))))))))
.
.
2014-10-17 06:36 . 2014-10-17 06:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-17 06:26 . 2014-10-17 06:26 332 ----a-w- C:\Start_.cmd
2014-10-16 18:15 . 2014-10-16 18:15 -------- d-----w- c:\programdata\Simply Super Software
2014-10-16 07:37 . 2014-10-16 07:55 -------- d-----w- c:\users\Jaruneczka\AppData\Local\NPE
2014-10-16 07:37 . 2014-10-16 07:37 -------- d-----w- c:\programdata\Norton
2014-10-16 06:40 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2014-10-16 06:39 . 2014-10-16 06:39 -------- d-----w- c:\windows\ELAMBKUP
2014-10-16 06:39 . 2014-10-17 06:39 -------- d-----w- c:\programdata\Kaspersky Lab
2014-10-16 06:39 . 2014-10-16 06:39 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2014-10-16 06:39 . 2014-10-16 06:48 793800 ----a-w- c:\windows\system32\drivers\klif.sys
2014-10-16 06:39 . 2014-10-16 06:48 141320 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-10-16 06:39 . 2014-04-10 15:25 243808 ----a-w- c:\windows\system32\drivers\klhk.sys
2014-10-16 04:04 . 2014-10-17 04:18 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-16 04:04 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-16 04:04 . 2014-10-16 04:04 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-10-16 04:04 . 2014-10-16 04:04 -------- d-----w- c:\programdata\Malwarebytes
2014-10-16 04:04 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-16 04:04 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-15 17:23 . 2014-09-13 01:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-10-15 17:23 . 2014-09-13 01:40 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-15 16:48 . 2014-08-29 02:07 3179520 ----a-w- c:\windows\system32\rdpcorets.dll
2014-10-15 15:59 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2014-10-15 15:59 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2014-10-15 15:54 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
2014-10-15 15:54 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-10-15 15:49 . 2014-10-10 02:05 276480 ----a-w- c:\windows\system32\generaltel.dll
2014-10-15 15:49 . 2014-10-10 02:05 507392 ----a-w- c:\windows\system32\aepdu.dll
2014-10-15 15:49 . 2014-10-10 02:00 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-10-15 14:16 . 2014-10-15 14:16 -------- d-----w- c:\program files (x86)\HD Tune
2014-10-15 13:15 . 2014-10-15 13:15 -------- d-----w- c:\program files\Windows Defender
2014-10-15 08:22 . 2014-10-15 08:22 -------- d-----w- c:\windows\CheckSur
2014-10-01 03:38 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 03:38 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-28 15:10 . 2014-09-28 15:21 -------- d-----w- c:\users\Jaruneczka\AppData\Roaming\KeePass
2014-09-28 05:38 . 2014-10-13 08:26 -------- d-----w- c:\users\Jaruneczka\AppData\Roaming\Skype
2014-09-28 05:38 . 2014-09-28 05:38 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-28 05:38 . 2014-09-28 05:38 -------- d-----r- c:\program files (x86)\Skype
2014-09-28 05:38 . 2014-10-07 03:58 -------- d-----w- c:\programdata\Skype
2014-09-28 04:41 . 2014-09-28 04:41 -------- d-----w- c:\programdata\Acer
2014-09-27 15:17 . 2014-09-27 15:17 -------- d-----w- c:\users\Jaruneczka\AppData\Local\CyberLink
2014-09-27 14:50 . 2014-09-27 14:50 -------- d-----w- c:\users\Jaruneczka\AppData\Roaming\CyberLink
2014-09-27 13:52 . 2014-09-27 13:58 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-09-27 13:29 . 2014-09-27 13:29 -------- d-----w- c:\users\Jaruneczka\AppData\Local\Chromium
2014-09-25 15:33 . 2014-10-15 12:13 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-09-24 02:58 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 02:58 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-22 04:31 . 2014-09-22 04:31 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-22 04:31 . 2014-09-22 04:31 44640 ----a-w- c:\windows\system32\drivers\aswTap.sys
2014-09-17 13:54 . 2014-09-17 13:54 -------- d-----w- c:\program files (x86)\Windows Defender
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-15 04:26 . 2012-04-26 12:04 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-09-15 07:06 . 2010-11-21 03:27 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-15 00:08 . 2014-10-17 05:34 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{375B8D3E-DE5A-488E-A944-A710CBF7FD6E}\mpengine.dll
2014-09-10 03:54 . 2014-08-13 06:03 33512 ----a-w- c:\windows\SysWow64\drivers\TrueSight.sys
2014-09-10 03:48 . 2014-02-17 08:48 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 03:48 . 2014-02-17 08:48 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-23 02:07 . 2014-08-28 03:56 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 03:56 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 03:56 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-19 18:05 . 2014-09-10 03:12 374968 ----a-w- c:\windows\system32\iedkcs32.dll
2014-08-18 23:01 . 2014-09-10 03:12 23591424 ----a-w- c:\windows\system32\mshtml.dll
2014-08-18 22:29 . 2014-09-10 03:12 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-08-18 22:29 . 2014-09-10 03:12 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-08-18 22:20 . 2014-09-10 03:12 2793984 ----a-w- c:\windows\system32\iertutil.dll
2014-08-18 22:19 . 2014-09-10 03:12 5833728 ----a-w- c:\windows\system32\jscript9.dll
2014-08-18 22:15 . 2014-09-10 03:12 547328 ----a-w- c:\windows\system32\vbscript.dll
2014-08-18 22:15 . 2014-09-10 03:12 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-08-18 22:14 . 2014-09-10 03:12 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-08-18 22:14 . 2014-09-10 03:12 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-08-18 22:08 . 2014-09-10 03:12 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-08-18 22:08 . 2014-09-10 03:12 4232704 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-08-18 22:08 . 2014-09-10 03:12 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-08-18 22:05 . 2014-09-10 03:12 596480 ----a-w- c:\windows\system32\ieui.dll
2014-08-18 22:03 . 2014-09-10 03:12 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-08-18 22:03 . 2014-09-10 03:12 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-08-18 22:03 . 2014-09-10 03:12 758272 ----a-w- c:\windows\system32\jscript9diag.dll
2014-08-18 21:57 . 2014-09-10 03:12 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-08-18 21:56 . 2014-09-10 03:12 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-08-18 21:51 . 2014-09-10 03:12 446464 ----a-w- c:\windows\system32\dxtmsft.dll
2014-08-18 21:46 . 2014-09-10 03:12 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-08-18 21:45 . 2014-09-10 03:12 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-08-18 21:45 . 2014-09-10 03:12 72704 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 21:44 . 2014-09-10 03:12 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44 . 2014-09-10 03:12 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-08-18 21:40 . 2014-09-10 03:12 195584 ----a-w- c:\windows\system32\msrating.dll
2014-08-18 21:39 . 2014-09-10 03:12 85504 ----a-w- c:\windows\system32\mshtmled.dll
2014-08-18 21:38 . 2014-09-10 03:12 289280 ----a-w- c:\windows\system32\dxtrans.dll
2014-08-18 21:36 . 2014-09-10 03:12 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-08-18 21:35 . 2014-09-10 03:12 597504 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-08-18 21:25 . 2014-09-10 03:12 727040 ----a-w- c:\windows\system32\msfeeds.dll
2014-08-18 21:25 . 2014-09-10 03:12 707072 ----a-w- c:\windows\system32\ie4uinit.exe
2014-08-18 21:23 . 2014-09-10 03:12 2104832 ----a-w- c:\windows\system32\inetcpl.cpl
2014-08-18 21:23 . 2014-09-10 03:12 1249280 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-08-18 21:22 . 2014-09-10 03:12 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:16 . 2014-09-10 03:12 13588480 ----a-w- c:\windows\system32\ieframe.dll
2014-08-18 21:15 . 2014-09-10 03:12 2310656 ----a-w- c:\windows\system32\wininet.dll
2014-08-18 21:08 . 2014-09-10 03:12 2014208 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-08-18 21:07 . 2014-09-10 03:12 1068032 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:55 . 2014-09-10 03:12 1447424 ----a-w- c:\windows\system32\urlmon.dll
2014-08-18 20:46 . 2014-09-10 03:12 1812992 ----a-w- c:\windows\SysWow64\wininet.dll
2014-08-18 20:38 . 2014-09-10 03:12 775168 ----a-w- c:\windows\system32\ieapfltr.dll
2014-08-12 13:33 . 2014-08-12 13:33 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-12 13:28 . 2014-08-12 13:28 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-08-12 13:28 . 2014-08-12 13:28 319912 ----a-w- c:\windows\system32\javaws.exe
2014-08-12 13:28 . 2014-08-12 13:28 189352 ----a-w- c:\windows\system32\javaw.exe
2014-08-12 13:28 . 2014-08-12 13:28 189352 ----a-w- c:\windows\system32\java.exe
2014-08-03 04:52 . 2014-08-03 04:52 30312 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-01 11:53 . 2014-09-10 02:57 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-10 02:57 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-22 12:30 . 2014-07-22 12:30 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-07-22 12:30 . 2014-07-22 12:30 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-07-22 12:30 . 2014-07-22 12:30 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-07-22 12:30 . 2014-07-22 12:30 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-07-22 12:30 . 2014-07-22 12:30 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-07-22 12:30 . 2014-07-22 12:30 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-07-22 12:30 . 2014-07-22 12:30 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-07-22 12:30 . 2014-07-22 12:30 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-07-22 12:30 . 2014-07-22 12:30 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-07-22 12:30 . 2014-07-22 12:30 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-07-22 12:30 . 2014-07-22 12:30 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-07-22 12:30 . 2014-07-22 12:30 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-07-22 12:30 . 2014-07-22 12:30 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-07-22 12:30 . 2014-07-22 12:30 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-07-22 12:30 . 2014-07-22 12:30 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-07-22 12:30 . 2014-07-22 12:30 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-07-22 12:30 . 2014-07-22 12:30 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-07-22 12:30 . 2014-07-22 12:30 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-07-22 12:30 . 2014-07-22 12:30 247808 ----a-w- c:\windows\system32\msls31.dll
2014-07-22 12:30 . 2014-07-22 12:30 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-07-22 12:30 . 2014-07-22 12:30 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-07-22 12:30 . 2014-07-22 12:30 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-07-22 12:30 . 2014-07-22 12:30 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-07-22 12:30 . 2014-07-22 12:30 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-07-22 12:30 . 2014-07-22 12:30 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-07-22 12:30 . 2014-07-22 12:30 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-07-22 12:30 . 2014-07-22 12:30 413696 ----a-w- c:\windows\system32\html.iec
2014-07-22 12:30 . 2014-07-22 12:30 81408 ----a-w- c:\windows\system32\icardie.dll
2014-07-22 12:30 . 2014-07-22 12:30 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-07-22 12:30 . 2014-07-22 12:30 235520 ----a-w- c:\windows\system32\url.dll
2014-07-22 12:30 . 2014-07-22 12:30 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-07-22 12:30 . 2014-07-22 12:30 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-07-22 12:30 . 2014-07-22 12:30 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-07-22 12:30 . 2014-07-22 12:30 143872 ----a-w- c:\windows\system32\wextract.exe
2014-07-22 12:30 . 2014-07-22 12:30 101376 ----a-w- c:\windows\system32\inseng.dll
2014-07-22 12:30 . 2014-07-22 12:30 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-07-22 12:30 . 2014-07-22 12:30 147968 ----a-w- c:\windows\system32\occache.dll
2014-07-22 12:29 . 2014-07-22 12:29 13824 ----a-w- c:\windows\system32\mshta.exe
2014-07-22 12:29 . 2014-07-22 12:29 774144 ----a-w- c:\windows\system32\jscript.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner;c:\windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys;c:\windows\SYSNATIVE\Drivers\ESETOlmarikOlmascoCleaner.sys [x]
R3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys;c:\windows\SYSNATIVE\DRIVERS\GenericMount.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 scvad_simple;SplitCam Virtual Microphone (WDM);c:\windows\system32\drivers\SplitCamAudio.sys;c:\windows\SYSNATIVE\drivers\SplitCamAudio.sys [x]
R3 splitcam_hd_driver;SplitCam Virtual Video Driver;c:\windows\system32\DRIVERS\splitcam_hd_driver.sys;c:\windows\SYSNATIVE\DRIVERS\splitcam_hd_driver.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe;c:\windows\SYSNATIVE\PuranDefragS.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Atheros\Bluetooth Suite\adminservice.exe [x]
S2 AVP15.0.0;Služba Kaspersky Anti-Virus 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uDefault_Search_URL = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
IE: Přidat do součásti Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\etrading
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{F73933D0-D1A5-4A36-9CEF-EA26C568D4D6}: NameServer = 62.24.64.2,8.8.4.4
FF - ProfilePath - c:\users\Jaruneczka\AppData\Roaming\Mozilla\Firefox\Profiles\49wt9mps.default\
FF - prefs.js: browser.startup.homepage - www.centrum.cz
FF - prefs.js: network.proxy.type - 4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-10-17 08:49:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-10-17 06:49
ComboFix2.txt 2014-10-17 05:03
.
Před spuštěním: Volných bajtů: 259 811 860 480
Po spuštění: Volných bajtů: 259 532 492 800
.
- - End Of File - - 1C05F035424141454464230EA1D1E02D
- Rudy
- Site Admin
- Posts: 119320
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Asking urgently for a PC check... as quickly as possible, thank you
Deleted. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
- jaruneczka
- Model visitor
- Posts: 417
- Joined: 09 Jun 2008 11:45
- Location: Ostrava
Re: Asking urgently for a PC check... as quickly as possible, thank you
The Fix it for the update loads, but it ended with an error; the IT guy has the notebook now.. thanks a lot, for everything

- Rudy
- Site Admin
- Posts: 119320
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Asking urgently for a PC check... as quickly as possible, thank you
On JaRon's behalf too: You're welcome!
