Zavirovaná IP??!!

[jasnenka]

Ale samzal se mi nějaký klíč, program musím každý otvírat jako správce, jinak ho neotevřu a teď třeba ani soubor neotevřu...zase mi to píše, že byl označen klíč k registru...

[Márty84]

Tak sem dejte novy log z RSIT

[Márty84]

Ale samzal se mi nějaký klíč, program musím každý otvírat jako správce, jinak ho neotevřu a teď třeba ani soubor neotevřu...zase mi to píše, že byl označen klíč k registru...

Restartujte pc, registry se vzpamatujou

[jasnenka]

To budu docela zase ale čekat..docela to trvá...ale asi mi nic jiného nezbyde, že?..

[Márty84]

Co trva? RSIT je rychlovka

[jasnenka]

Jo RSIT, to je rychlé...

[jasnenka]

Logfile of random's system information tool 1.09 (written by random/random)
Run by marika at 2012-10-09 19:22:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 87 GB (63%) free of 137 GB
Total RAM: 1791 MB (36% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
taskeng.exe {9441575B-6EE2-4737-A153-A4D7D846A92C}
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"
"C:\Program Files (x86)\System Control Manager\MSIService.exe"
"C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.1\my.ini" MySQL
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Sticky Password\stpass.exe" /autorunned
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\NetSoftware\NetSoftware.exe"
WLIDSvcM.exe 2208
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\sppsvc.exe
"C:\Users\marika\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\marika\AppData\Roaming\Mozilla\Firefox\Profiles\ijkzm78c.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/?clid=3"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\marika\AppData\Roaming\Mozilla\Firefox\Profiles\ijkzm78c.default\extensions\
avg@toolbar
foxmarks@kei.com
gemgecko-web@gemius.com
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\marika\AppData\Roaming\Mozilla\Firefox\Profiles\ijkzm78c.default\searchplugins\
avg-secure-search.xml
firmycz.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files (x86)\Seznam.cz\listicka.dll [2011-03-15 2201600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll [2011-03-10 183808]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-06-24 1833504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StickyPassword"=C:\Program Files (x86)\Sticky Password\stpass.exe [2012-08-23 3212152]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2012-08-28 188928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-05-17 249344]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-10-09 18:27:49 ----D---- C:\Program Files (x86)\MozBackup
2012-10-09 18:13:41 ----A---- C:\ComboFix.txt
2012-10-09 17:59:11 ----D---- C:\$RECYCLE.BIN
2012-10-09 16:18:18 ----A---- C:\windows\zip.exe
2012-10-09 16:18:18 ----A---- C:\windows\SWSC.exe
2012-10-09 16:18:18 ----A---- C:\windows\SWREG.exe
2012-10-09 16:18:18 ----A---- C:\windows\sed.exe
2012-10-09 16:18:18 ----A---- C:\windows\PEV.exe
2012-10-09 16:18:18 ----A---- C:\windows\NIRCMD.exe
2012-10-09 16:18:18 ----A---- C:\windows\MBR.exe
2012-10-09 16:18:18 ----A---- C:\windows\grep.exe
2012-10-09 16:09:34 ----D---- C:\Qoobox
2012-10-09 16:08:54 ----D---- C:\windows\erdnt
2012-10-09 15:31:54 ----A---- C:\TDSSKiller.2.8.10.0_09.10.2012_15.31.54_log.txt
2012-10-09 15:28:55 ----A---- C:\TDSSKiller.2.8.10.0_09.10.2012_15.28.55_log.txt
2012-10-09 14:34:26 ----D---- C:\_OTL
2012-10-09 11:05:20 ----D---- C:\Program Files\trend micro
2012-10-09 11:05:18 ----D---- C:\rsit
2012-09-26 06:22:33 ----A---- C:\windows\system32\OxpsConverter.exe
2012-09-22 21:46:11 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2012-09-22 21:46:11 ----A---- C:\windows\system32\mshtmled.dll
2012-09-22 21:46:09 ----A---- C:\windows\SYSWOW64\vbscript.dll
2012-09-22 21:46:08 ----A---- C:\windows\SYSWOW64\ieui.dll
2012-09-22 21:46:07 ----A---- C:\windows\system32\ieui.dll
2012-09-22 21:46:06 ----A---- C:\windows\SYSWOW64\url.dll
2012-09-22 21:46:06 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2012-09-22 21:46:06 ----A---- C:\windows\system32\url.dll
2012-09-22 21:46:06 ----A---- C:\windows\system32\ieUnatt.exe
2012-09-22 21:46:03 ----A---- C:\windows\SYSWOW64\urlmon.dll
2012-09-22 21:46:02 ----A---- C:\windows\system32\urlmon.dll
2012-09-22 21:46:00 ----A---- C:\windows\system32\jscript9.dll
2012-09-22 21:45:59 ----A---- C:\windows\system32\msfeeds.dll
2012-09-22 21:45:58 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2012-09-22 21:45:56 ----A---- C:\windows\SYSWOW64\wininet.dll
2012-09-22 21:45:56 ----A---- C:\windows\system32\wininet.dll
2012-09-22 21:45:53 ----A---- C:\windows\system32\jsproxy.dll
2012-09-22 21:45:52 ----A---- C:\windows\SYSWOW64\jscript9.dll
2012-09-22 21:45:51 ----A---- C:\windows\SYSWOW64\jscript.dll
2012-09-22 21:45:51 ----A---- C:\windows\system32\vbscript.dll
2012-09-22 21:45:50 ----A---- C:\windows\system32\jscript.dll
2012-09-22 21:45:49 ----A---- C:\windows\system32\iertutil.dll
2012-09-22 21:45:48 ----A---- C:\windows\SYSWOW64\iertutil.dll
2012-09-22 21:45:47 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2012-09-22 21:45:42 ----A---- C:\windows\SYSWOW64\mshtml.dll
2012-09-22 21:45:37 ----A---- C:\windows\system32\mshtml.dll
2012-09-22 21:45:33 ----A---- C:\windows\system32\ieframe.dll
2012-09-22 21:45:29 ----A---- C:\windows\SYSWOW64\ieframe.dll
2012-09-12 14:06:12 ----A---- C:\windows\system32\drivers\ndis.sys
2012-09-12 14:06:11 ----A---- C:\windows\system32\drivers\RNDISMP.sys
2012-09-12 14:06:08 ----A---- C:\windows\system32\d3d10level9.dll
2012-09-12 14:06:07 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2012-09-12 14:06:03 ----A---- C:\windows\system32\drivers\tcpip.sys
2012-09-12 14:06:02 ----A---- C:\windows\system32\drivers\netio.sys
2012-09-12 14:06:01 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS

======List of files/folders modified in the last 1 month======

2012-10-09 19:22:32 ----D---- C:\windows\Temp
2012-10-09 19:18:33 ----D---- C:\ProgramData\NetSoftware
2012-10-09 19:18:01 ----D---- C:\windows\system32\config
2012-10-09 19:17:09 ----D---- C:\Program Files\NetSoftware
2012-10-09 18:27:49 ----RD---- C:\Program Files (x86)
2012-10-09 18:13:59 ----D---- C:\windows\system32\drivers
2012-10-09 18:02:49 ----D---- C:\windows\System32
2012-10-09 18:02:49 ----D---- C:\windows\inf
2012-10-09 18:02:49 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-10-09 17:59:36 ----D---- C:\Windows
2012-10-09 17:59:36 ----A---- C:\windows\system.ini
2012-10-09 17:59:04 ----D---- C:\windows\system32\drivers\etc
2012-10-09 17:50:18 ----D---- C:\windows\SYSWOW64\drivers
2012-10-09 17:50:18 ----D---- C:\windows\SysWOW64
2012-10-09 17:50:18 ----D---- C:\windows\AppPatch
2012-10-09 17:50:16 ----D---- C:\Program Files (x86)\Common Files
2012-10-09 15:01:28 ----D---- C:\Users\marika\AppData\Roaming\Opera
2012-10-09 15:01:26 ----D---- C:\Program Files (x86)\Opera
2012-10-09 14:42:04 ----SHD---- C:\windows\Installer
2012-10-09 14:42:04 ----D---- C:\windows\system32\catroot
2012-10-09 14:41:57 ----D---- C:\windows\Tasks
2012-10-09 12:22:14 ----SHD---- C:\System Volume Information
2012-10-09 12:10:56 ----D---- C:\windows\system32\Tasks
2012-10-09 11:05:20 ----RD---- C:\Program Files
2012-10-08 20:27:06 ----D---- C:\Users\marika\AppData\Roaming\Skype
2012-10-08 11:56:52 ----D---- C:\Users\marika\AppData\Roaming\ICQ
2012-10-06 16:19:49 ----D---- C:\windows\system32\catroot2
2012-10-02 17:26:13 ----D---- C:\windows\system32\NDF
2012-09-28 17:18:17 ----SD---- C:\Users\marika\AppData\Roaming\Microsoft
2012-09-26 06:27:43 ----D---- C:\windows\winsxs
2012-09-26 06:18:38 ----D---- C:\Program Files\CCleaner
2012-09-23 11:34:29 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-23 11:34:28 ----D---- C:\windows\SYSWOW64\migration
2012-09-23 11:34:23 ----D---- C:\windows\system32\migration
2012-09-23 11:34:21 ----D---- C:\Program Files\Internet Explorer
2012-09-21 14:46:39 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2012-09-14 07:56:41 ----D---- C:\windows\debug
2012-09-13 08:23:14 ----D---- C:\Config.Msi
2012-09-13 06:32:01 ----D---- C:\windows\system32\DriverStore
2012-09-13 06:26:04 ----A---- C:\windows\system32\MRT.exe
2012-09-13 06:25:35 ----D---- C:\ProgramData\Microsoft Help
2012-09-11 11:50:53 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2009-06-24 1787168]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-19 712704]
R3 RTHDMIAzAudService;Service for HDMI; C:\windows\system32\drivers\RtHDMIVX.sys [2009-06-24 205472]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-06-04 216064]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 smserial;smserial; C:\windows\system32\DRIVERS\SmSerl64.sys [2009-06-10 1227776]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2011-04-05 1518976]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-07-30 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 Micro Star SCM;Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [2009-07-10 160768]
R2 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [2009-08-18 7599616]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [2009-08-24 544768]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-05-17 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

[Márty84]

OK, takze nezbytny uklid.

Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)
Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, zda je vse v poradku

[jasnenka]

Tohle asi není odinstalace ComboFix?..

[jasnenka]

.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-09 do 2012-10-09 )))))))))))))))))))))))))))))))
.
.
2012-10-09 18:36 . 2012-10-09 18:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-09 16:27 . 2012-10-09 16:27 -------- d-----w- c:\program files (x86)\MozBackup
2012-10-09 12:34 . 2012-10-09 12:34 -------- d-----w- C:\_OTL
2012-10-09 10:22 . 2012-10-09 10:22 512 ----a-w- C:\PhysicalMBR.bin
2012-10-09 09:05 . 2012-10-09 17:22 -------- d-----w- c:\program files\trend micro
2012-10-09 09:05 . 2012-10-09 09:07 -------- d-----w- C:\rsit
2012-10-09 08:03 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F3A90AD-86B0-40C9-9BBC-F01E0A6CCDAC}\mpengine.dll
2012-09-26 04:22 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-22 19:45 . 2012-08-24 10:11 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-09-12 12:06 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 12:06 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 12:06 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 12:06 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 12:06 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 12:06 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 12:06 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-21 12:46 . 2012-06-15 04:36 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-21 12:46 . 2011-05-16 18:40 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-13 04:26 . 2011-05-17 09:45 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-08-21 09:13 . 2012-01-27 08:16 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-01-27 08:16 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-01-27 08:16 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-02-25 13:34 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-01-27 08:16 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-01-27 08:16 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-01-27 08:15 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-01-27 08:15 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2012-01-27 08:16 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-07-18 18:15 . 2012-08-15 18:23 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files (x86)\Seznam.cz\toolbar\toolbar.dll" [2011-03-10 183808]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StickyPassword"="c:\program files (x86)\Sticky Password\stpass.exe" [2012-08-23 3212152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2012-08-28 188928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"ArcSoft Connection Service"=c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" /path="c:\program files\NetSoftware"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [2009-08-24 544768]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-07 114144]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-04 216064]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-17 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AHDDC2;Ashampoo HDD Control 2 Service;c:\program files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2011-04-05 1518976]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-06-19 712704]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-06-24 1833504]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Sticky Password - c:\program files (x86)\Sticky Password\spIEBho.dll/616
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files (x86)\Seznam.cz\listicka.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\marika\AppData\Roaming\Mozilla\Firefox\Profiles\ijkzm78c.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/?clid=3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2012-10-09 20:42:11
ComboFix-quarantined-files.txt 2012-10-09 18:42
ComboFix2.txt 2012-10-09 16:13
ComboFix3.txt 2012-10-09 14:45
.
Před spuštěním: Volných bajtů: 91 073 982 464
Po spuštění: Volných bajtů: 91 005 849 600
.
- - End Of File - - D8D427E25EC943C598C7882D4EEF85B6

[jasnenka]

Moc nerozumím tomuhle:

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

Vrhnu se na tento zbytek dořešení až ráno, dneska už toho mám moc...

Snad si na mě ještě zítra (doufám a věřím, že už ne na celý den..) čas...?

Jinak Vám moc moc děkuju za dnešek! Bez Vás bych byla bezradná...

A dobrou noc přeji..,

[Márty84]

Normalne na plose mate jeho ikonu a ta se jmenuje ComboFix, je to tak? Tak tu ikonu normalne prejmenujte, at se jmenuje Uninstall, pak na ni kliknete pravym mysidlem a spustte jako spravce. CF by nemel zacit skenovat, ale odinstaluje se


Jestli to nejde, tak zmacknete klavesovou kombinaci Win + R a do toho radku co se objevi napiste combofix /uninstall (za tim x musi byt mezera) a zmacknete Enter


Ostatni kroky by nemely delat zadne potize a netrvaji dlouho. Jen ta defragmentace muze trvat i nekolik hodin. Ale doporucuji ji udelat, az bude nekdy cas.

Zitra tady samozrejme budu zase prubezne nahlizet. Sice mene casto nez dnes, ale myslim, ze uz to stejne zvladnete sama

Nemate vubec zac, rado se stalo

Vam take dobrou noc. Snad nebudete mit sny o pc

[jasnenka]

Tak jsem to zvládla a nyní dělám už poslední úkol tu defregmentaci. Pak ještě si přeinstaluji prohlížeč a možná poštovního klienta a bude to díky Vám v cajku?..

Ráda bych se Vás ale zeptala ještě, v čem byl asi tak problém?

Jaký program mi na optimalizaci PC byste doporučil (bezplatného programu prosím) ?

Jinak ccleaner mám v PC nainstalovaný a čistím pravidelně třeba cca po 3 dnech...

A ještě poslendí otázku...Zavirovaný PC nemám a ani nebyl, nebo jo?..

Díky předem za odpovědi.

[Márty84]

No vidite, jak jste sikovna

Preinstalovani klienta myslim nebude nutne. Ale kdyz si zalohujete ty maily tim programem, jak jsem psal, neni problem to preinstalovat taky.

V cem byl presne problem vam nepovim. Jelikoz CF dela vice veci a o nekterych ani neinformuje. Mozna fakt neco s tou IP (to bychom se dozvedeli, kdybyste predtim pouzila ten WinsockFix), nevim.

CCleaner bohate staci, kdyz procistite i registry.

Nejaky binec v pc byl, hlavne v tech registrech.
Jeste bych ale radeji udelal toto
Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce


V lozich sice havet nevidim, ale muze se nekde ukryvat, treba v bodech obnovy a jinych mistech, ktere logy neukazou.

[jasnenka]

To je divné...defregmentace 99% a stále běží už snad 2 hodiny a to samé Malwarebytes...je to normální?..