Request for a log check - Kaspersky cannot be installed

Posted: 28 Aug 2014 11:55
by boanerges84
Hello,

I would like to ask for a check of a ComboFix log. It is from my better half's notebook. We bought a Kaspersky multi-license antivirus and it cannot be installed. On two other PCs it installed without problems. I ran Eset, UsbFix, tdskiller and RogueKiller on this notebook. They found some viruses; Eset can be started, but Kaspersky crashes immediately after installation and cannot be started. From that I conclude that there is most likely still some virus in the notebook. I would therefore like to ask you for help.

Thank you very much!

Marek

LOG:

ComboFix 14-08-21.01 - Romana 22.08.2014 14:36:00.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.5941.4063 [GMT 2:00]
Spuštěný z: c:\users\Romana\Desktop\brouciLikvidator.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\MyPC Backup
c:\program files (x86)\MyPC Backup\aff.conf
c:\program files (x86)\MyPC Backup\AlphaVSS.51.x86.dll
c:\program files (x86)\MyPC Backup\AlphaVSS.52.x64.dll
c:\program files (x86)\MyPC Backup\AlphaVSS.52.x86.dll
c:\program files (x86)\MyPC Backup\AlphaVSS.60.x64.dll
c:\program files (x86)\MyPC Backup\AlphaVSS.60.x86.dll
c:\program files (x86)\MyPC Backup\AlphaVSS.Common.dll
c:\program files (x86)\MyPC Backup\AWSSDK.dll
c:\program files (x86)\MyPC Backup\BackupStack.exe
c:\program files (x86)\MyPC Backup\Configuration Updater.exe
c:\program files (x86)\MyPC Backup\Crypto32.dll
c:\program files (x86)\MyPC Backup\Crypto64.dll
c:\program files (x86)\MyPC Backup\Database\mpcb_backup_conf.db
c:\program files (x86)\MyPC Backup\Database\mpcb_file_cache.db
c:\program files (x86)\MyPC Backup\Database\mpcb_queues.db
c:\program files (x86)\MyPC Backup\Database\mpcb_settings.db
c:\program files (x86)\MyPC Backup\Database\mpcb_sig_cache.db
c:\program files (x86)\MyPC Backup\de_DE.mo
c:\program files (x86)\MyPC Backup\diffstack.dll
c:\program files (x86)\MyPC Backup\es_ES.mo
c:\program files (x86)\MyPC Backup\fr_FR.mo
c:\program files (x86)\MyPC Backup\GetText.dll
c:\program files (x86)\MyPC Backup\it_IT.mo
c:\program files (x86)\MyPC Backup\log\WAIT_HANDLES.log
c:\program files (x86)\MyPC Backup\LogicNP.EZShellExtensions.dll
c:\program files (x86)\MyPC Backup\MPCBClient.dll
c:\program files (x86)\MyPC Backup\MPCBContextMenu.dll
c:\program files (x86)\MyPC Backup\MPCBIconOverlays.dll
c:\program files (x86)\MyPC Backup\MyPC Backup.exe
c:\program files (x86)\MyPC Backup\mypcbackup.ico
c:\program files (x86)\MyPC Backup\ObjectListView.dll
c:\program files (x86)\MyPC Backup\pt_PT.mo
c:\program files (x86)\MyPC Backup\RegisterExtensionDotNet20_x64.exe
c:\program files (x86)\MyPC Backup\RegisterExtensionDotNet20_x86.exe
c:\program files (x86)\MyPC Backup\RestartExplorer.exe
c:\program files (x86)\MyPC Backup\Service Start.exe
c:\program files (x86)\MyPC Backup\Shared Stack.dll
c:\program files (x86)\MyPC Backup\Signup Wizard.exe
c:\program files (x86)\MyPC Backup\syncicon.ico
c:\program files (x86)\MyPC Backup\syncing.ico
c:\program files (x86)\MyPC Backup\tick.ico
c:\program files (x86)\MyPC Backup\uninst.exe
c:\program files (x86)\MyPC Backup\UnRegisterExtensions.exe
c:\program files (x86)\MyPC Backup\Updater.exe
c:\program files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
c:\program files (x86)\MyPC Backup\x86\System.Data.SQLite.dll
c:\program files (x86)\ShopperPro
c:\program files (x86)\ShopperPro\config.json
c:\program files (x86)\ShopperPro\database1_0_0.json
c:\program files (x86)\ShopperPro\FireFox\content\overlay.js
c:\program files (x86)\ShopperPro\FireFox\content\overlay.xul
c:\program files (x86)\ShopperPro\FireFox\content\shopperpro_128.png
c:\program files (x86)\ShopperPro\FireFox\chrome.manifest
c:\program files (x86)\ShopperPro\FireFox\install.rdf
c:\program files (x86)\ShopperPro\JSDriver\1.36.1.172\config.json
c:\program files (x86)\ShopperPro\JSDriver\1.36.1.172\database1_0_0.json
c:\program files (x86)\ShopperPro\JSDriver\1.36.1.172\jsdrv.exe
c:\program files (x86)\ShopperPro\JSDriver\1.36.1.172\jsdrv.sys
c:\program files (x86)\ShopperPro\JSDriver\1.37.1.189\config.json
c:\program files (x86)\ShopperPro\JSDriver\1.37.1.189\database1_0_0.json
c:\program files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe
c:\program files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.sys
c:\program files (x86)\ShopperPro\JSDriver\jsdrv.exe
c:\program files (x86)\ShopperPro\JSDriver\jsdrv.sys
c:\program files (x86)\ShopperPro\manifest.json
c:\program files (x86)\ShopperPro\ShopperPro.crx
c:\program files (x86)\ShopperPro\ShopperPro.zip
c:\program files (x86)\ShopperPro\SPRemove.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPDRIVER_1.37.1.189
-------\Legacy_SPDRIVER_1.37.1.189
-------\Service_BackupStack
-------\Service_SPDRIVER_1.37.1.189
-------\Service_BackupStack
-------\Service_SPDRIVER_1.37.1.189
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-22 do 2014-08-22 )))))))))))))))))))))))))))))))
.
.
2014-08-22 12:43 . 2014-08-22 12:43 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-08-22 12:43 . 2014-08-22 12:43 -------- d-----w- c:\users\Marek\AppData\Local\temp
2014-08-22 12:43 . 2014-08-22 12:43 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-08-22 12:43 . 2014-08-22 12:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-22 12:11 . 2014-08-22 12:11 -------- d-----w- c:\users\Administrator
2014-08-22 11:02 . 2014-08-22 11:02 -------- d-----w- c:\users\Marek\AppData\Roaming\PC Suite
2014-08-22 10:00 . 2014-08-22 10:00 -------- d-----w- c:\users\Romana\AppData\Roaming\Nokia
2014-08-22 09:48 . 2014-08-22 09:50 -------- d-----w- c:\users\Romana\AppData\Local\Nokia
2014-08-22 09:48 . 2014-08-22 09:59 -------- d-----w- c:\users\Romana\AppData\Roaming\PC Suite
2014-08-22 09:48 . 2014-08-22 09:48 -------- d-----w- c:\programdata\PC Suite
2014-08-22 09:48 . 2014-08-22 09:48 -------- d-----w- c:\programdata\Nokia
2014-08-22 09:48 . 2014-08-22 09:48 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2014-08-22 09:47 . 2014-08-22 09:47 -------- d-----w- c:\program files\DIFX
2014-08-22 09:47 . 2012-10-17 12:53 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2014-08-22 09:47 . 2014-08-22 09:47 -------- dc----w- c:\windows\system32\DRVSTORE
2014-08-22 09:47 . 2014-08-22 09:47 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2014-08-22 09:47 . 2013-01-23 08:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2014-08-22 09:44 . 2014-08-22 09:48 -------- d-----w- c:\program files (x86)\Nokia
2014-08-20 16:22 . 2014-08-20 16:22 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E0388585-633A-4FF3-9E61-E7CDF730A02C}\offreg.dll
2014-08-19 16:37 . 2014-08-07 08:59 11319200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E0388585-633A-4FF3-9E61-E7CDF730A02C}\mpengine.dll
2014-08-17 15:23 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-17 15:23 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-17 15:23 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-17 15:23 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-17 15:23 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-17 15:23 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-17 15:22 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-17 15:22 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 09:51 . 2014-06-03 10:02 3241984 ----a-w- c:\windows\system32\msi.dll
2014-08-15 09:51 . 2014-06-03 09:29 2363392 ----a-w- c:\windows\SysWow64\msi.dll
2014-08-15 09:51 . 2014-06-03 02:42 1942016 ----a-w- c:\windows\system32\authui.dll
2014-08-15 09:51 . 2014-06-03 02:13 1806336 ----a-w- c:\windows\SysWow64\authui.dll
2014-08-15 09:51 . 2014-06-03 10:02 504320 ----a-w- c:\windows\system32\msihnd.dll
2014-08-15 09:51 . 2014-06-03 09:29 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-08-15 09:51 . 2014-06-03 02:42 112576 ----a-w- c:\windows\system32\consent.exe
2014-08-15 09:49 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-15 09:49 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-15 09:49 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-15 09:49 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-14 16:38 . 2014-08-14 16:38 -------- d-----w- c:\users\Romana\AppData\Local\Ashampoo Movie Studio Pro
2014-08-14 11:07 . 2014-07-08 16:42 61128 ----a-w- c:\windows\system32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys
2014-08-14 10:23 . 2014-08-14 10:23 -------- d-----w- c:\programdata\Freemake
2014-08-14 10:23 . 2014-08-14 10:23 -------- d-----w- c:\program files (x86)\Freemake
2014-08-14 10:03 . 2014-08-14 10:03 -------- d-----w- c:\program files (x86)\SiteLookup
2014-08-14 10:03 . 2014-08-14 10:03 -------- d-----w- c:\users\Romana\AppData\Roaming\SimilarAddon
2014-08-14 10:02 . 2014-08-19 16:27 -------- d-----w- c:\program files (x86)\EnhanceEmpire
2014-08-02 10:49 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-02 10:49 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-02 10:49 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-02 10:49 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-02 10:48 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-02 10:48 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-02 10:48 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-02 10:48 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-02 10:48 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-02 10:48 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-02 10:48 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-02 10:48 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-02 10:48 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-08-02 10:48 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-07-28 10:25 . 2014-07-28 10:25 3060920 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\MSOINTL.DLL
2014-07-27 09:45 . 2014-07-27 09:45 5532368 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-07-27 09:45 . 2014-07-27 09:45 5233848 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-07-27 09:45 . 2014-07-27 09:45 26273464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-07-27 09:41 . 2014-07-27 09:41 3633848 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1033\MSOINTL.DLL
2014-07-27 09:41 . 2014-07-27 09:41 7501528 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\CMigrate.exe
2014-07-27 09:41 . 2014-07-27 09:41 7259328 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\Csi.dll
2014-07-27 09:41 . 2014-07-27 09:41 654512 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSOSQM.EXE
2014-07-27 09:41 . 2014-07-27 09:41 36681400 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2014-07-27 09:41 . 2014-07-27 09:41 197328 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\LICLUA.EXE
2014-07-24 16:50 . 2014-07-24 19:13 -------- d-----w- c:\users\Romana\AppData\Local\VirtualStore
2014-07-24 16:12 . 2014-07-24 16:12 -------- d-----w- c:\programdata\Malwarebytes
2014-07-24 16:10 . 2014-08-14 16:20 -------- d-----w- c:\users\Romana\AppData\Local\CrashDumps
2014-07-24 16:01 . 2014-07-24 16:01 29160 ----a-w- c:\windows\SysWow64\drivers\TrueSight.sys
2014-07-24 16:01 . 2014-07-24 16:01 -------- d-----w- c:\programdata\RogueKiller
2014-07-24 15:51 . 2014-08-22 12:18 -------- d-----w- C:\UsbFix
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-19 16:38 . 2014-05-28 17:42 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-19 16:38 . 2014-05-27 15:45 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-19 15:56 . 2014-05-27 09:24 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-09 15:22 . 2014-05-28 18:22 11204096 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-08 16:19 . 2014-07-08 16:19 119808 ----a-r- c:\users\Romana\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2014-07-01 13:27 . 2014-07-01 13:27 119808 ----a-r- c:\users\Marek\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2014-06-18 02:18 . 2014-07-08 19:32 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-08 19:32 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-08 19:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-08 19:32 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:44 . 2014-07-08 19:32 340992 ----a-w- c:\windows\system32\schannel.dll
2014-06-05 14:44 . 2014-07-08 19:32 1462272 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:44 . 2014-07-08 19:32 463872 ----a-w- c:\windows\system32\certcli.dll
2014-06-05 14:16 . 2014-07-08 19:32 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-06-05 14:16 . 2014-07-08 19:32 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:16 . 2014-07-08 19:32 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2014-06-05 14:15 . 2014-07-08 19:32 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 06:41 . 2014-07-08 19:32 496640 ----a-w- c:\windows\system32\drivers\afd.sys
2014-05-28 07:18 . 2014-05-27 10:11 50800 ----a-w- c:\windows\SysWow64\vmhgfs.dll
2014-05-28 07:18 . 2014-05-27 10:11 34416 ----a-w- c:\windows\SysWow64\vmGuestLibJava.dll
2014-05-28 07:18 . 2014-05-27 10:11 53360 ----a-w- c:\windows\SysWow64\vmGuestLib.dll
2014-05-28 07:17 . 2014-05-27 10:10 18432 ----a-w- c:\windows\SysWow64\corpol.dll
2014-05-27 16:02 . 2014-05-27 16:02 57096 ----a-w- c:\windows\system32\certsentry.dll
2014-05-27 16:02 . 2014-05-27 16:02 48392 ----a-w- c:\windows\SysWow64\certsentry.dll
2014-05-27 15:29 . 2014-05-27 15:29 172032 ----a-w- c:\windows\SysWow64\AniGIF.ocx
2014-05-27 15:27 . 2014-05-27 15:27 386680 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-05-27 12:26 . 2014-05-27 12:26 73216 ----a-w- c:\windows\system32\admparse.dll
2014-05-27 11:36 . 2014-05-27 11:36 131584 ----a-w- c:\windows\system32\aaclient.dll
2014-05-27 10:56 . 2014-05-27 10:10 73216 ----a-w- c:\windows\SysWow64\admparse.dll
2014-05-27 10:56 . 2014-05-27 10:10 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2014-05-27 10:13 . 2014-05-27 10:13 219248 ----a-w- c:\windows\SysWow64\vm3dum.dll
2014-05-27 10:13 . 2014-05-27 10:13 3223152 ----a-w- c:\windows\SysWow64\vm3dgl.dll
2014-05-27 10:13 . 2014-05-27 10:13 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2014-05-27 10:13 . 2014-05-27 10:13 1047552 ----a-w- c:\windows\SysWow64\mfc71u.dll
2014-05-27 10:13 . 2014-05-27 10:13 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e39519a5-9d10-478c-98d8-9c486f3190a4}]
2014-08-14 07:39 250664 ----a-w- c:\program files (x86)\EnhanceEmpire\EnhanceEmpireBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2014-04-14 112856]
"AdobeCEPServiceManager"="c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-05-26 2688920]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SPBIUpdd;ShopperPro UpdateD;c:\program files\Common Files\ShopperPro\spbiw.sys;c:\program files\Common Files\ShopperPro\spbiw.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 {75e31400-eac4-49b7-986c-d198f0b97db7}Gw64;{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64;c:\windows\system32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys;c:\windows\SYSNATIVE\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Update EnhanceEmpire;Update EnhanceEmpire;c:\program files (x86)\EnhanceEmpire\updateEnhanceEmpire.exe;c:\program files (x86)\EnhanceEmpire\updateEnhanceEmpire.exe [x]
S2 Util EnhanceEmpire;Util EnhanceEmpire;c:\program files (x86)\EnhanceEmpire\bin\utilEnhanceEmpire.exe;c:\program files (x86)\EnhanceEmpire\bin\utilEnhanceEmpire.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x]
S2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi20-shared.sys;SysWOW64\drivers\vstor2-mntapi20-shared.sys [x]
S2 YouTubeAcceleratorService;YouTubeAcceleratorService;c:\progra~2\YOUTUB~1\YouTubeAcceleratorService.exe;c:\progra~2\YOUTUB~1\YouTubeAcceleratorService.exe [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-14 13:49 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-28 16:38]
.
2014-05-27 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-05-27 15:56]
.
2014-08-02 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-05-27 15:56]
.
2014-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 09:35]
.
2014-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 09:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-16 5470208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-07 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-07 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-07 413720]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
LSP: c:\program files (x86)\YouTube Accelerator\ytalsp.dll
LSP: %windir%\system32\vsocklib.dll
TCP: DhcpNameServer = 10.109.197.1 10.77.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Romana\AppData\Roaming\Mozilla\Firefox\Profiles\7y16sldf.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=Quicksearch_13415&q=
user_pref(extensions.autoDisableScopes,14);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} - (no file)
Wow6432Node-HKLM-Run-SPDriver - c:\program files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe
AddRemove-ShopperPro - c:\program files (x86)\ShopperPro\SPremove.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TeamViewer\Version9\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version9\tv_w32.exe
c:\program files (x86)\EnhanceEmpire\bin\EnhanceEmpire.BrowserAdapter.exe
.
**************************************************************************
.
Celkový čas: 2014-08-22 15:14:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-22 13:14
ComboFix2.txt 2014-07-24 17:17
ComboFix3.txt 2014-07-13 20:48
.
Před spuštěním: Volných bajtů: 87 342 002 176
Po spuštění: Volných bajtů: 86 776 287 232
.
- - End Of File - - AA40E1FF82CD1B9E0B9CCF30D76A82C1
A36C5E4F47E84449FF07ED3517B43A31

Re: Please check my log - Kaspersky cannot be installed

Posted: 28 Aug 2014 16:33
by Rudy
Hello!
Is your operating system legally licensed?

Re: Please check my log - Kaspersky cannot be installed

Posted: 28 Aug 2014 18:06
by boanerges84
Hello,

the system was already installed on the notebook. It was bought new. All the systems on all our PCs are legal, because we claimed them as business expenses. We bought Kaspersky as well. I can happily send you the license codes, if you are from the tax office...!

But it is true that I was not the one looking after this particular notebook. We have 4 PCs in the family in total, and I looked after all of them except this one. Now I have taken it over, and the first things I started dealing with were virus removal and drivers.

Will you advise me, or do you want me to send the licenses first... ?

Thank you!

Re: Please check my log - Kaspersky cannot be installed

Posted: 28 Aug 2014 18:29
by Rudy
I am not from the tax office, I am only respecting the forum rules. Let me put it differently. Is the PC a home machine, or does it belong to an organization or a company?

Re: Please check my log - Kaspersky cannot be installed

Posted: 28 Aug 2014 19:07
by boanerges84
All right. I apologize.
The notebook is a home machine; my wife just claimed it as a business expense. She is an accountant. She does have a different notebook at the office, but I would still feel better if this one were virus-free too.
Thank you!

Re: Please check my log - Kaspersky cannot be installed

Posted: 28 Aug 2014 20:09
by Rudy
OK. We do not recommend that laypeople run ComboFix. This utility can damage the system or some applications.

Open Notepad and copy the following into it:
KillAll::

File::
c:\windows\system32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e39519a5-9d10-478c-98d8-9c486f3190a4}]

Driver::
SPBIUpdd
c2cautoupdatesvc
c2cpnrsvc

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: Please check my log - Kaspersky cannot be installed

Posted: 29 Aug 2014 11:05
by boanerges84
Hello,

the ComboFix operation has completed.
I am attaching the new log. Please check whether everything is now in order.
Thank you very much!
Marek

ComboFix 14-08-29.03 - Romana 29.08.2014 11:47:59.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.5941.4073 [GMT 2:00]
Spuštěný z: c:\users\Romana\Desktop\brouciLikvidator.exe
Použité ovládací přepínače :: c:\users\Romana\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ShopperPro
c:\programdata\ShopperPro\config.json
c:\programdata\ShopperPro\database1_0_0.json
c:\programdata\ShopperPro\spbihe.js
c:\users\Romana\AppData\Roaming\Mozilla\Firefox\Profiles\7y16sldf.default\search-metadata.json
c:\windows\system32\drivers\{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SPBIUPDD
-------\Service_c2cautoupdatesvc
-------\Service_c2cpnrsvc
-------\Service_SPBIUpdd
-------\Legacy_{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64
-------\Service_{75e31400-eac4-49b7-986c-d198f0b97db7}Gw64
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-29 )))))))))))))))))))))))))))))))
.
.
2014-08-29 09:55 . 2014-08-29 09:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-08-29 09:55 . 2014-08-29 09:55 -------- d-----w- c:\users\Marek\AppData\Local\temp
2014-08-29 09:55 . 2014-08-29 09:55 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-08-29 09:55 . 2014-08-29 09:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-29 09:44 . 2014-08-29 09:45 -------- d-----w- C:\brouciLikvidator
2014-08-29 09:39 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{77F940BC-7B9E-49F1-8A44-D063E8D71104}\mpengine.dll
2014-08-28 10:42 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 10:42 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-28 10:42 . 2014-08-23 00:59 3166720 ----a-w- c:\windows\system32\win32k.sys
2014-08-26 05:59 . 2014-08-25 09:45 61128 ----a-w- c:\windows\system32\drivers\{7951da45-7bdd-437b-929a-ec3e88ff6c84}Gw64.sys
2014-08-23 15:42 . 2014-08-23 15:42 -------- d-----w- c:\users\Romana\AppData\Roaming\dll-files.com
2014-08-22 12:11 . 2014-08-22 12:11 -------- d-----w- c:\users\Administrator
2014-08-22 11:02 . 2014-08-22 11:02 -------- d-----w- c:\users\Marek\AppData\Roaming\PC Suite
2014-08-22 10:00 . 2014-08-22 10:00 -------- d-----w- c:\users\Romana\AppData\Roaming\Nokia
2014-08-22 09:48 . 2014-08-22 09:50 -------- d-----w- c:\users\Romana\AppData\Local\Nokia
2014-08-22 09:48 . 2014-08-22 09:59 -------- d-----w- c:\users\Romana\AppData\Roaming\PC Suite
2014-08-22 09:48 . 2014-08-22 09:48 -------- d-----w- c:\programdata\PC Suite
2014-08-22 09:48 . 2014-08-22 09:48 -------- d-----w- c:\programdata\Nokia
2014-08-22 09:48 . 2014-08-22 09:48 -------- d-----w- c:\program files (x86)\Common Files\Nokia
2014-08-22 09:47 . 2014-08-22 09:47 -------- d-----w- c:\program files\DIFX
2014-08-22 09:47 . 2012-10-17 12:53 26112 ----a-w- c:\windows\system32\drivers\pccsmcfdx64.sys
2014-08-22 09:47 . 2014-08-22 09:47 -------- dc----w- c:\windows\system32\DRVSTORE
2014-08-22 09:47 . 2014-08-22 09:47 -------- d-----w- c:\program files (x86)\PC Connectivity Solution
2014-08-22 09:47 . 2013-01-23 08:31 57856 ----a-w- c:\windows\system32\nmwcdclsX64.dll
2014-08-22 09:44 . 2014-08-22 09:48 -------- d-----w- c:\program files (x86)\Nokia
2014-08-17 15:23 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-17 15:23 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-17 15:23 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-17 15:23 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-17 15:23 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-17 15:23 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-17 15:22 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-17 15:22 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 09:51 . 2014-06-03 10:02 3241984 ----a-w- c:\windows\system32\msi.dll
2014-08-15 09:51 . 2014-06-03 09:29 2363392 ----a-w- c:\windows\SysWow64\msi.dll
2014-08-15 09:51 . 2014-06-03 02:42 1942016 ----a-w- c:\windows\system32\authui.dll
2014-08-15 09:51 . 2014-06-03 02:13 1806336 ----a-w- c:\windows\SysWow64\authui.dll
2014-08-15 09:51 . 2014-06-03 10:02 504320 ----a-w- c:\windows\system32\msihnd.dll
2014-08-15 09:51 . 2014-06-03 09:29 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2014-08-15 09:51 . 2014-06-03 02:42 112576 ----a-w- c:\windows\system32\consent.exe
2014-08-15 09:49 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-15 09:49 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-15 09:49 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-15 09:49 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-14 16:38 . 2014-08-14 16:38 -------- d-----w- c:\users\Romana\AppData\Local\Ashampoo Movie Studio Pro
2014-08-14 10:23 . 2014-08-14 10:23 -------- d-----w- c:\programdata\Freemake
2014-08-14 10:23 . 2014-08-14 10:23 -------- d-----w- c:\program files (x86)\Freemake
2014-08-14 10:03 . 2014-08-14 10:03 -------- d-----w- c:\program files (x86)\SiteLookup
2014-08-14 10:03 . 2014-08-14 10:03 -------- d-----w- c:\users\Romana\AppData\Roaming\SimilarAddon
2014-08-14 10:02 . 2014-08-19 16:27 -------- d-----w- c:\program files (x86)\EnhanceEmpire
2014-08-02 10:49 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-02 10:49 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-02 10:49 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-02 10:49 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-02 10:48 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-02 10:48 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-02 10:48 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-02 10:48 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-02 10:48 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-02 10:48 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-02 10:48 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-02 10:48 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-02 10:48 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-08-02 10:48 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-23 15:46 . 2014-05-27 10:11 50800 ----a-w- c:\windows\SysWow64\vmhgfs.dll
2014-08-23 15:46 . 2014-05-27 10:11 34416 ----a-w- c:\windows\SysWow64\vmGuestLibJava.dll
2014-08-23 15:46 . 2014-05-27 10:11 53360 ----a-w- c:\windows\SysWow64\vmGuestLib.dll
2014-08-23 15:45 . 2014-05-27 10:10 18432 ----a-w- c:\windows\SysWow64\corpol.dll
2014-08-19 16:38 . 2014-05-28 17:42 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-19 16:38 . 2014-05-27 15:45 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-19 15:56 . 2014-05-27 09:24 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-24 16:01 . 2014-07-24 16:01 29160 ----a-w- c:\windows\SysWow64\drivers\TrueSight.sys
2014-07-09 15:22 . 2014-05-28 18:22 11204096 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-08 16:19 . 2014-07-08 16:19 119808 ----a-r- c:\users\Romana\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2014-07-01 13:27 . 2014-07-01 13:27 119808 ----a-r- c:\users\Marek\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2014-06-18 02:18 . 2014-07-08 19:32 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-08 19:32 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-08 19:32 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-08 19:32 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:44 . 2014-07-08 19:32 340992 ----a-w- c:\windows\system32\schannel.dll
2014-06-05 14:44 . 2014-07-08 19:32 1462272 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:44 . 2014-07-08 19:32 463872 ----a-w- c:\windows\system32\certcli.dll
2014-06-05 14:16 . 2014-07-08 19:32 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-06-05 14:16 . 2014-07-08 19:32 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:16 . 2014-07-08 19:32 342528 ----a-w- c:\windows\SysWow64\certcli.dll
2014-06-05 14:15 . 2014-07-08 19:32 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e39519a5-9d10-478c-98d8-9c486f3190a4}]
2014-08-14 07:39 250664 ----a-w- c:\program files (x86)\EnhanceEmpire\EnhanceEmpireBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-10-02 1090912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2014-04-14 112856]
"AdobeCEPServiceManager"="c:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-05-26 2688920]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 {7951da45-7bdd-437b-929a-ec3e88ff6c84}Gw64;{7951da45-7bdd-437b-929a-ec3e88ff6c84}Gw64;c:\windows\system32\drivers\{7951da45-7bdd-437b-929a-ec3e88ff6c84}Gw64.sys;c:\windows\SYSNATIVE\drivers\{7951da45-7bdd-437b-929a-ec3e88ff6c84}Gw64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Update EnhanceEmpire;Update EnhanceEmpire;c:\program files (x86)\EnhanceEmpire\updateEnhanceEmpire.exe;c:\program files (x86)\EnhanceEmpire\updateEnhanceEmpire.exe [x]
S2 Util EnhanceEmpire;Util EnhanceEmpire;c:\program files (x86)\EnhanceEmpire\bin\utilEnhanceEmpire.exe;c:\program files (x86)\EnhanceEmpire\bin\utilEnhanceEmpire.exe [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x]
S2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi20-shared.sys;SysWOW64\drivers\vstor2-mntapi20-shared.sys [x]
S2 YouTubeAcceleratorService;YouTubeAcceleratorService;c:\progra~2\YOUTUB~1\YouTubeAcceleratorService.exe;c:\progra~2\YOUTUB~1\YouTubeAcceleratorService.exe [x]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys;c:\windows\SYSNATIVE\DRIVERS\bcmvwl64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MonitorFunction;Driver for Monitor;c:\windows\system32\DRIVERS\TVMonitor.sys;c:\windows\SYSNATIVE\DRIVERS\TVMonitor.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-14 13:49 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-28 16:38]
.
2014-08-28 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-05-27 15:56]
.
2014-08-28 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-05-27 15:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-05-23 00:10 671904 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:41 2335960 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\program files\Dell\DW WLAN Card\WLTRAY.exe" [2009-12-16 5470208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-07 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-07 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-07 413720]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=13415
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
LSP: c:\program files (x86)\YouTube Accelerator\ytalsp.dll
LSP: %windir%\system32\vsocklib.dll
TCP: DhcpNameServer = 10.109.197.1 10.77.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Romana\AppData\Roaming\Mozilla\Firefox\Profiles\7y16sldf.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=Quicksearch_13415&q=
user_pref(extensions.autoDisableScopes,14);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-08-29 12:02:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-29 10:02
ComboFix2.txt 2014-08-22 13:14
ComboFix3.txt 2014-07-24 17:17
ComboFix4.txt 2014-07-13 20:48
.
Před spuštěním: Volných bajtů: 87 852 716 032
Po spuštění: Volných bajtů: 87 574 937 600
.
- - End Of File - - 1B1AE33234E72310B3F9AB1A617F7D91
A36C5E4F47E84449FF07ED3517B43A31

Re: Request for a log check - Kaspersky cannot be installed

Posted: 29 Aug 2014 17:51
by Rudy
The log is now OK. Uninstall CF using T-Cleaner: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe. Has anything changed?

Re: Request for a log check - Kaspersky cannot be installed

Posted: 30 Aug 2014 10:19
by boanerges84
Thank you!
Unfortunately, Kaspersky still can neither be started nor registered. I really have no idea what could be causing it. Interestingly, Eset works with no problems at all. But we bought Kaspersky. I hope I haven't thrown 1500 CZK out of the window...
I also tried turning off Windows Defender, and nothing. No other antivirus is installed either.
Could it be some kind of spyware?
Thank you very much for your help.
Marek

Re: Request for a log check - Kaspersky cannot be installed

Posted: 30 Aug 2014 11:09
by Rudy
Which antivirus was there before you bought Kaspersky?

Re: Request for a log check - Kaspersky cannot be installed

Posted: 30 Aug 2014 11:30
by boanerges84
Eset, and before that the antivirus from Microsoft. Eset was only a trial, i.e. free. Otherwise, Kaspersky works without problems on the other two PCs (our son's and my wife's work laptop). We bought a licence for three PCs.

Re: Request for a log check - Kaspersky cannot be installed

Posted: 30 Aug 2014 12:10
by Rudy
OK. Try running the Eset Uninstaller on the PC: http://kb.eset.com/esetkb/index?page=co ... cale=cs_CZ . I recommend doing this in safe mode. Then try installing Kaspersky again.

Re: Request for a log check - Kaspersky cannot be installed

Posted: 30 Aug 2014 15:02
by boanerges84
Praise God!
Thank you so, so, so much!
Kaspersky has finally started running. A scan is running now. So we'll see.
I'd like to ask you for one more piece of advice. Even though the browser has ADBlock for blocking ads, some keep popping up.
Is there an effective antispyware or antimalware? Or will Kaspersky be enough?
I'd also like to ask where one can learn how to work with ComboFix, and more generally about PC security and viruses? And how much would it cost?
Thanks again!
Marek

Re: Request for a log check - Kaspersky cannot be installed

Posted: 30 Aug 2014 17:27
by Rudy
Antispyware is part of Kaspersky. So try it first, and if it doesn't suit you, we'll consider another antispyware.

Re: Request for a log check - Kaspersky cannot be installed

Posted: 30 Aug 2014 17:40
by boanerges84
Found 15 viruses - adware and malware.
I'm scanning the PC again.