Problem s RSIT

[volodja23]

Ty učty tam byly asi již dřive

[Márty84]

Disk hlasi hodne chyb, muze to byt pricina problemu



Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[volodja23]

ComboFix 13-08-21.01 - Vladimir 22.08.2013 6:39.7.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1029 [GMT 2:00]
Spuštěný z: c:\users\Vladimir\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-22 do 2013-08-22 )))))))))))))))))))))))))))))))
.
.
2013-08-19 08:50 . 2013-08-19 08:50 -------- d-----w- c:\program files\Defraggler
2013-08-14 16:24 . 2013-08-14 16:27 -------- d-----w- c:\windows\system32\MRT
2013-08-14 06:57 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 06:57 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 06:57 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 06:57 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 06:57 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 06:57 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 06:57 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 06:57 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 06:57 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 06:57 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-14 06:57 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 06:57 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-13 11:08 . 2013-08-13 11:08 -------- d-----w- c:\users\Vladimir\AppData\Roaming\OpenOffice
2013-08-10 10:30 . 2013-08-10 10:46 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-08-09 06:22 . 2013-08-09 06:22 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-08-09 06:14 . 2013-08-09 06:14 -------- d-----w- c:\users\Vladimir\AppData\Local\Application Data
2013-08-09 06:11 . 2013-08-09 06:11 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-09 06:11 . 2013-08-09 06:11 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-08-07 14:19 . 2013-08-07 14:55 -------- d-----w- c:\program files\jv16 PowerTools 2013
2013-08-05 20:16 . 2013-08-05 20:16 -------- d-----w- c:\users\Vladimir\AppData\Local\NVIDIA
2013-08-05 20:14 . 2013-08-05 20:14 -------- d-----w- C:\NvidiaLogging
2013-08-05 20:11 . 2013-05-14 19:28 34592 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2013-08-05 20:11 . 2013-05-14 19:27 28448 ----a-w- c:\windows\system32\nvaudcap32v.dll
2013-08-05 19:04 . 2013-08-05 19:04 -------- d-----w- c:\program files\revouninstaller
2013-08-05 06:43 . 2013-08-05 06:43 -------- d-----w- c:\program files\OpenOffice 4
2013-07-28 07:13 . 2013-07-28 07:14 -------- d-----w- c:\program files\LibreOffice 4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-20 14:32 . 2012-03-29 17:58 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-20 14:32 . 2011-10-28 15:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-08 20:59 . 2013-01-16 18:51 582936 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-06-29 16:51 . 2013-06-29 16:51 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-29 16:51 . 2011-12-15 08:04 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-29 16:51 . 2011-10-29 05:32 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-28 05:11 . 2013-03-01 15:44 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-28 05:11 . 2013-01-22 10:19 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-28 05:11 . 2013-01-22 10:19 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-21 12:02 . 2013-07-04 17:43 6324360 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:02 . 2013-07-04 17:43 21102368 ----a-w- c:\windows\system32\nvoglv32.dll
2013-06-21 12:02 . 2013-07-04 17:43 9069344 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:02 . 2013-07-04 17:43 893728 ----a-w- c:\windows\system32\nvdispgenco3232049.dll
2013-06-21 12:02 . 2013-07-04 17:43 7687592 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:02 . 2013-07-04 17:43 467232 ----a-w- c:\windows\system32\NvIFR.dll
2013-06-21 12:02 . 2013-07-04 17:43 465184 ----a-w- c:\windows\system32\NvFBC.dll
2013-06-21 12:02 . 2013-07-04 17:43 2777888 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:02 . 2013-07-04 17:43 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:02 . 2013-07-04 17:43 12427240 ----a-w- c:\windows\system32\nvd3dum.dll
2013-06-21 12:02 . 2013-07-04 17:43 1024288 ----a-w- c:\windows\system32\nvdispco3232049.dll
2013-06-21 12:02 . 2013-07-04 17:43 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:02 . 2011-10-28 15:20 2597856 ----a-w- c:\windows\system32\nvapi.dll
2013-06-21 12:02 . 2009-07-13 22:09 13411896 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-06-21 09:52 . 2011-10-28 15:21 4192544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 09:52 . 2011-10-28 15:21 3045664 ----a-w- c:\windows\system32\nvsvc.dll
2013-06-21 09:52 . 2011-10-28 15:21 640288 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 09:52 . 2011-10-28 15:21 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 09:52 . 2011-10-28 15:21 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 09:52 . 2011-10-28 15:21 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\system32\nvStreaming.exe
2013-06-18 15:16 . 2013-01-16 18:51 85464 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-06-18 15:16 . 2013-01-16 18:51 43728 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 15:16 . 2013-01-16 18:51 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-06-18 15:15 . 2012-12-14 19:45 35488 ----a-w- c:\windows\system32\cmdcsr.dll
2013-06-18 15:15 . 2013-01-24 21:43 348584 ----a-w- c:\windows\system32\guard32.dll
2013-06-18 15:15 . 2012-12-14 19:45 278232 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-06-18 15:15 . 2012-09-04 18:07 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-06-12 06:51 . 2013-06-12 06:51 9089416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-06-05 03:05 . 2013-07-11 05:49 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-11 05:50 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996368]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-07-08 1464536]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-02-15 12:08 1597864 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Vladimir\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-06-18 127192]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-12-04 27632]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-08-20 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-29 1343400]
R4 IObitUnlocker;IObitUnlocker;c:\program files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2011-07-27 20872]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-09-11 76768]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2000-01-01 24680]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-06-18 20072]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-07-08 582936]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-06-18 43728]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-09 243128]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-07 119024]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-29 238952]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14592288]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-01-31 1724192]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [2011-11-28 32896]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-05-14 34592]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-11-16 10088]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{91C89D88-4FB5-48CA-9AA5-7840DB89F067}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ofescmbg.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:c8,e8,24,af,24,f0,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,e1,5c,5f,b5,93,38,4e,ac,bb,88,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3d,e1,5c,5f,b5,93,38,4e,ac,bb,88,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(692)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(5156)
c:\windows\system32\guard32.dll
c:\windows\System32\cscobj.dll
c:\windows\System32\srchadmin.dll
c:\windows\system32\FXSAPI.dll
.
Celkový čas: 2013-08-22 06:59:45
ComboFix-quarantined-files.txt 2013-08-22 04:59
.
Před spuštěním: Volných bajtů: 37 058 080 768
Po spuštění: Volných bajtů: 36 855 066 624
.
- - End Of File - - F6C7C1FDE2168C54473851210B1E500B
D1AD4C53EADD115593E05FA56D6B9DEA

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"=-
"SUPERAntiSpyware"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"=-
"QuickTime Task"=-
"Malwarebytes' Anti-Malware (reboot)"=-
"SunJavaUpdateSched"=-

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Firefox::
FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[volodja23]

ComboFix 13-08-21.01 - Vladimir 22.08.2013 12:43:11.8.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1343 [GMT 2:00]
Spuštěný z: c:\users\Vladimir\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Vladimir\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-22 do 2013-08-22 )))))))))))))))))))))))))))))))
.
.
2013-08-22 11:00 . 2013-08-22 11:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-19 08:50 . 2013-08-19 08:50 -------- d-----w- c:\program files\Defraggler
2013-08-14 16:24 . 2013-08-14 16:27 -------- d-----w- c:\windows\system32\MRT
2013-08-14 06:57 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 06:57 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 06:57 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 06:57 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 06:57 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 06:57 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 06:57 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 06:57 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 06:57 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-14 06:57 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-14 06:57 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 06:57 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-13 11:08 . 2013-08-13 11:08 -------- d-----w- c:\users\Vladimir\AppData\Roaming\OpenOffice
2013-08-10 10:30 . 2013-08-10 10:46 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-08-09 06:22 . 2013-08-09 06:22 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-08-09 06:14 . 2013-08-09 06:14 -------- d-----w- c:\users\Vladimir\AppData\Local\Application Data
2013-08-09 06:11 . 2013-08-09 06:11 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-08-09 06:11 . 2013-08-09 06:11 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-08-07 14:19 . 2013-08-07 14:55 -------- d-----w- c:\program files\jv16 PowerTools 2013
2013-08-05 20:16 . 2013-08-05 20:16 -------- d-----w- c:\users\Vladimir\AppData\Local\NVIDIA
2013-08-05 20:14 . 2013-08-05 20:14 -------- d-----w- C:\NvidiaLogging
2013-08-05 20:11 . 2013-05-14 19:28 34592 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2013-08-05 20:11 . 2013-05-14 19:27 28448 ----a-w- c:\windows\system32\nvaudcap32v.dll
2013-08-05 19:04 . 2013-08-05 19:04 -------- d-----w- c:\program files\revouninstaller
2013-08-05 06:43 . 2013-08-05 06:43 -------- d-----w- c:\program files\OpenOffice 4
2013-07-28 07:13 . 2013-07-28 07:14 -------- d-----w- c:\program files\LibreOffice 4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-20 14:32 . 2012-03-29 17:58 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-20 14:32 . 2011-10-28 15:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-08 20:59 . 2013-01-16 18:51 582936 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2013-06-29 16:51 . 2013-06-29 16:51 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-29 16:51 . 2011-12-15 08:04 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-29 16:51 . 2011-10-29 05:32 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-28 05:11 . 2013-03-01 15:44 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-28 05:11 . 2013-01-22 10:19 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-28 05:11 . 2013-01-22 10:19 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-21 12:02 . 2013-07-04 17:43 6324360 ----a-w- c:\windows\system32\nvopencl.dll
2013-06-21 12:02 . 2013-07-04 17:43 21102368 ----a-w- c:\windows\system32\nvoglv32.dll
2013-06-21 12:02 . 2013-07-04 17:43 9069344 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-06-21 12:02 . 2013-07-04 17:43 893728 ----a-w- c:\windows\system32\nvdispgenco3232049.dll
2013-06-21 12:02 . 2013-07-04 17:43 7687592 ----a-w- c:\windows\system32\nvcuda.dll
2013-06-21 12:02 . 2013-07-04 17:43 467232 ----a-w- c:\windows\system32\NvIFR.dll
2013-06-21 12:02 . 2013-07-04 17:43 465184 ----a-w- c:\windows\system32\NvFBC.dll
2013-06-21 12:02 . 2013-07-04 17:43 2777888 ----a-w- c:\windows\system32\nvcuvid.dll
2013-06-21 12:02 . 2013-07-04 17:43 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-06-21 12:02 . 2013-07-04 17:43 12427240 ----a-w- c:\windows\system32\nvd3dum.dll
2013-06-21 12:02 . 2013-07-04 17:43 1024288 ----a-w- c:\windows\system32\nvdispco3232049.dll
2013-06-21 12:02 . 2013-07-04 17:43 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2013-06-21 12:02 . 2011-10-28 15:20 2597856 ----a-w- c:\windows\system32\nvapi.dll
2013-06-21 12:02 . 2009-07-13 22:09 13411896 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-06-21 09:52 . 2011-10-28 15:21 4192544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 09:52 . 2011-10-28 15:21 3045664 ----a-w- c:\windows\system32\nvsvc.dll
2013-06-21 09:52 . 2011-10-28 15:21 640288 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 09:52 . 2011-10-28 15:21 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 09:52 . 2011-10-28 15:21 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 09:52 . 2011-10-28 15:21 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-21 03:16 . 2013-06-21 03:16 566048 ----a-w- c:\windows\system32\nvStreaming.exe
2013-06-18 15:16 . 2013-01-16 18:51 85464 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-06-18 15:16 . 2013-01-16 18:51 43728 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-06-18 15:16 . 2013-01-16 18:51 20072 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-06-18 15:15 . 2012-12-14 19:45 35488 ----a-w- c:\windows\system32\cmdcsr.dll
2013-06-18 15:15 . 2013-01-24 21:43 348584 ----a-w- c:\windows\system32\guard32.dll
2013-06-18 15:15 . 2012-12-14 19:45 278232 ----a-w- c:\windows\system32\cmdvrt32.dll
2013-06-18 15:15 . 2012-09-04 18:07 40664 ----a-w- c:\windows\system32\cmdkbd32.dll
2013-06-12 06:51 . 2013-06-12 06:51 9089416 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-06-05 03:05 . 2013-07-11 05:49 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 04:53 . 2013-07-11 05:50 509440 ----a-w- c:\windows\system32\qedit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-07-07 12:38 220632 ----a-w- c:\users\Vladimir\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2000-01-01 10996368]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-07-08 1464536]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2013-02-15 12:08 1597864 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-06-18 127192]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-12-04 27632]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-08-20 104792]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-29 1343400]
R4 IObitUnlocker;IObitUnlocker;c:\program files\IObit\IObit Unlocker\IObitUnlocker.sys [2011-08-26 28016]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-06-21 413472]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2011-07-27 20872]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-09-11 76768]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2000-01-01 24680]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-06-18 20072]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-07-08 582936]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2013-06-18 43728]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-09 243128]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-07 119024]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-29 238952]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-07-27 14592288]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-01-31 1724192]
S3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys [2011-11-28 32896]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-05-14 34592]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-11-16 10088]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{91C89D88-4FB5-48CA-9AA5-7840DB89F067}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\ofescmbg.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p=
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(688)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(3836)
c:\windows\system32\guard32.dll
c:\windows\System32\gameux.dll
c:\windows\system32\prnfldr.dll
c:\windows\System32\QAgent.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\COMODO\COMODO Internet Security\cavwp.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2013-08-22 13:10:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-22 11:10
ComboFix2.txt 2013-08-22 04:59
.
Před spuštěním: Volných bajtů: 36 913 688 576
Po spuštění: Volných bajtů: 36 860 973 056
.
- - End Of File - - 3D7A8605BD9AB1D6B7DBBF9A9B98294C
D1AD4C53EADD115593E05FA56D6B9DEA

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.



Nastala nejaka zmena?

[volodja23]

PC je rychlejší
mohu odstranit ten "Neznámí účet" ?

[Márty84]

Pro jistotu vytvorte bod novy bod obnovy a pak to muzete zkusit.

[volodja23]

Účet jsem smazal ,zatim vše funguje.
Děkuji Vám moc za pomoc

[Márty84]

Nemate zac

Mejte se a treba zase nekdy