VIRY.CZ

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 11-12-06.02 - Rambo 07.12.2011 18:24:15.1.4 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3327.2453 [GMT 1:00]
Spuštěný z: c:\users\Rambo\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\DSC04029.JPG
C:\setup.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\tcpip.copy
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-07 do 2011-12-07 )))))))))))))))))))))))))))))))
.
.
2011-12-07 17:28 . 2011-12-07 17:28 -------- d-----w- c:\users\Rambo\AppData\Local\temp
2011-12-07 17:28 . 2011-12-07 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-07 17:14 . 2011-12-07 17:14 -------- d-----w- C:\## aswSnx private storage
2011-12-07 16:37 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-07 16:37 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-07 16:37 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-07 16:37 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-07 16:37 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-07 16:37 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-07 16:37 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-07 16:37 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-07 16:37 . 2011-12-07 16:37 -------- d-----w- c:\programdata\AVAST Software
2011-12-07 16:37 . 2011-12-07 16:37 -------- d-----w- c:\program files\AVAST Software
2011-12-07 16:00 . 2011-12-07 17:19 -------- d-----w- c:\windows\system32\wbem\repository
2011-12-07 15:57 . 2011-12-07 15:57 -------- d-----w- c:\users\Rambo\AppData\Roaming\Uninstaller Tool(Comodo Forums)
2011-12-07 14:50 . 2011-12-07 14:50 102184 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-12-07 13:14 . 2011-12-07 13:14 -------- d-----w- c:\users\Rambo\AppData\Local\Threat Expert
2011-12-07 11:57 . 2011-12-07 16:46 -------- d-----w- c:\program files\trend micro
2011-12-07 11:57 . 2011-12-07 11:59 -------- d-----w- C:\rsit
2011-12-07 11:09 . 2011-12-07 11:09 -------- d-----w- c:\program files\PC Tools
2011-12-07 11:07 . 2011-12-07 15:06 -------- d-----w- c:\program files\Common Files\PC Tools
2011-12-07 11:07 . 2011-11-22 18:42 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-30 12:51 . 2011-12-07 16:05 -------- d-----w- c:\programdata\CPA_VA
2011-11-29 15:57 . 2011-11-29 15:58 -------- d-----w- C:\SS3_DS
2011-11-26 09:26 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-11-18 22:58 . 2011-11-18 23:11 -------- d-----w- c:\program files\DreamCom
2011-11-12 10:26 . 2011-11-12 10:27 -------- d-----w- c:\users\Rambo\AppData\Local\Nero
2011-11-09 15:44 . 2011-12-07 15:05 -------- d-----w- c:\programdata\PC Tools
2011-11-09 15:44 . 2011-11-09 15:44 -------- d-----w- c:\users\Rambo\AppData\Roaming\TestApp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-02 10:37 . 2011-09-05 11:45 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-12-02 10:37 . 2011-09-05 11:28 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-12-02 10:37 . 2010-10-04 14:24 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-12-02 09:47 . 2011-05-25 08:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-02 08:23 . 2010-10-04 13:57 280736 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-09-28 08:14 . 2011-09-05 11:33 138056 ----a-w- c:\users\Rambo\AppData\Roaming\PnkBstrK.sys
2011-09-28 08:14 . 2011-09-05 11:28 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2006-05-03 09:06 163328 --sha-r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 31232 --sha-r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 216064 --sha-r- c:\windows\System32\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2011-02-26 03:04 930672 ----a-w- c:\program files\kikin\ie_kikin.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files\Origin\Origin.exe" [2011-09-23 27763336]
"NetLimiter"="c:\program files\NetLimiter 3\NLClientApp.exe" [2011-03-21 1839104]
"Game Fire"="d:\program files\Smart PC Utilities\Game Fire\GFTray.exe" [2011-08-14 40448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-12-07 113024]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cracked Steam Service
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
2010-04-22 17:59 1221024 ----a-w- c:\program files\GameSpy\Comrade\Comrade.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
2009-09-03 09:30 61440 ----a-w- c:\genius\ioCentre\gTaskBar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 10:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-09-03 14:15 9726568 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-09-04 23:46 2424560 ----a-w- d:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
2007-09-27 02:05 734264 ----a-w- c:\program files\Microsoft Xbox 360 Accessories\XBoxStat.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Steam"="c:\hry\_STEAM\steam.exe" -silent
"Google Update"="c:\users\Rambo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 SASKUTIL;SASKUTIL;c:\users\Rambo\AppData\Local\Temp\SASKUTIL.SYS [x]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-07-19 158000]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-07-19 93488]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-09-01 1526080]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-07-15 101904]
R3 ATP;Comodo EasyVPN Miniport Driver; [x]
R3 cpuz130;cpuz130;c:\users\Rambo\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [2009-06-30 17408]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 5230088]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-07-19 104752]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
R4 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [2010-03-11 12288]
R4 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2011-03-21 5281672]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-12-07 116608]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-11-02 20480]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2009-11-02 11520]
S3 netr28u;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 5230088]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-07-19 116016]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-27 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2011-12-01 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2011-12-04 c:\windows\Tasks\At3.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]
.
2011-12-07 c:\windows\Tasks\Auslogics BoostSpeed Special Edition Integrator Start On Rambo Logon.job
- c:\program files\Auslogics\Auslogics BoostSpeed Special Edition\BoostSpeed.exe [2010-11-15 09:15]
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000Core.job
- c:\users\Rambo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-02 09:10]
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000UA.job
- c:\users\Rambo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-02 09:10]
.
2011-12-02 c:\windows\Tasks\UpdateCheck.job
- d:\program files\Smart PC Utilities\Game Fire\UpdateCheck.exe [2011-08-14 07:19]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{1D2DA63E-DFE9-4A34-900F-D2A9D2BA2F26}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{1D2DA63E-DFE9-4A34-900F-D2A9D2BA2F26}\7554254435: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{1D2DA63E-DFE9-4A34-900F-D2A9D2BA2F26}\7556274637: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{377088FD-2771-4E5E-8C65-97FD4D7384C5}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{678A4A7F-52D7-4A1E-8A3E-A8E19C8D7FED}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Rambo\AppData\Roaming\Mozilla\Firefox\Profiles\svq7ewal.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Softonic-Eng7 Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://discokillers-eu.websnadno.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8118
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8118
FF - prefs.js: network.proxy.type - 0
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Battlefield Play4Free: battlefieldplay4free@ea.com - %profile%\extensions\battlefieldplay4free@ea.com
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: kikin plugin: {AA994882-F391-4d2e-806F-8908DA4814ED} - %profile%\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
FF - Ext: DigitalPowered Community Toolbar: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - %profile%\extensions\{b317125e-2f10-4388-bf1f-2c31c6cd89ed}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
FF - Ext: Softonic-Eng7 Community Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG2012\Firefox4
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-COMODO Internet Security - c:\program files\COMODO\COMODO Internet Security\cfp.exe
MSConfigStartUp-IObit Malware Fighter - c:\program files\IObit\IObit Malware Fighter\IMF.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1272418347-3484792947-3493189521-1000\Software\SecuROM\License information*]
"datasecu"=hex:e6,75,f2,25,51,01,91,e5,06,34,83,79,7a,14,4a,cc,a7,04,72,cd,92,
01,50,d8,12,c4,96,c4,83,62,e7,ef,a7,2c,50,1b,c9,26,d1,a6,6d,8f,4a,d4,55,93,\
"rkeysecu"=hex:a4,57,a8,e4,57,7b,c7,2c,d5,3f,02,25,26,db,c2,6b
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-12-07 18:30:11
ComboFix-quarantined-files.txt 2011-12-07 17:30
.
Před spuštěním: Volných bajtů: 16 671 571 968
Po spuštění: Volných bajtů: 16 512 532 480
.
- - End Of File - - 9E00E4489C12113905F0167E40CB5FED

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Registry::
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
  [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
  [-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
  
  File::
  C:\Windows\tasks\Auslogics BoostSpeed Special Edition Integrator Start On Rambo Logon.job
  C:\Windows\tasks\AWC Startup.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000Core.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000UA.job
  C:\Windows\tasks\UpdateCheck.job
  
  Folder::
  C:\Program Files\IObit Toolbar
  C:\Program Files\Common Files\Spigot
  
  Firefox::
  FF - ProfilePath - c:\users\Rambo\AppData\Roaming\Mozilla\Firefox\Profiles\svq7ewal.default\
  FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
  FF - prefs.js: browser.search.selectedEngine - Softonic-Eng7 Customized Web Search
  FF - prefs.js: browser.startup.homepage - hxxp://discokillers-eu.websnadno.cz/
  FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2405280&q=
  FF - prefs.js: network.proxy.http - 127.0.0.1
  FF - prefs.js: network.proxy.http_port - 8118
  FF - prefs.js: network.proxy.socks - 127.0.0.1
  FF - prefs.js: network.proxy.socks_port - 9050
  FF - prefs.js: network.proxy.ssl - 127.0.0.1
  FF - prefs.js: network.proxy.ssl_port - 8118
  FF - prefs.js: network.proxy.type - 0
  FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\AVG\AVG2012\Firefox4
  FF - user.js: browser.cache.memory.capacity - 65536
  FF - user.js: browser.display.show_image_placeholders - true
  FF - user.js: browser.chrome.favicons - false
  FF - user.js: browser.turbo.enabled - true
  FF - user.js: browser.urlbar.autocomplete.enabled - true
  FF - user.js: browser.urlbar.autofill - true
  FF - user.js: content.interrupt.parsing - true
  FF - user.js: content.max.tokenizing.time - 1800000
  FF - user.js: content.notify.backoffcount - 5
  FF - user.js: content.notify.interval - 600000
  FF - user.js: content.notify.ontimer - true
  FF - user.js: content.switch.threshold - 600000
  FF - user.js: network.http.max-connections - 48
  FF - user.js: network.http.max-connections-per-server - 8
  FF - user.js: network.http.max-persistent-connections-per-proxy - 16
  FF - user.js: network.http.max-persistent-connections-per-server - 4
  FF - user.js: network.http.pipelining - true
  FF - user.js: network.http.pipelining.firstrequest - true
  FF - user.js: network.http.pipelining.maxrequests - 8
  FF - user.js: network.http.proxy.pipelining - true
  FF - user.js: network.http.request.max-start-delay - 0
  FF - user.js: nglayout.initialpaint.delay - 600
  FF - user.js: plugin.expose_full_path - true
  FF - user.js: ui.submenuDelay - 0
  
  RegNull::
  [HKEY_USERS\S-1-5-21-1272418347-3484792947-3493189521-1000\Software\SecuROM\License information*]
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  AtJob::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Dobře já to tak udělám. Ještě bych měl dotaz jestli je rozdíl: jestli budu spouštět program: ComboFix v nouzovém nebo normálním réžimu windowsu? Abych něco nedělal špatně děkuji

ComboFix je staven aby fungoval nejlepe v normalnim rezimu, v nouzovem funguje ale muze mit nejake omezene schopnosti. Takze jej spustte v normalnim

Jsem si všimnul, že mi v dolním pravém rohu se neukazuje ikonka avastu jestli je antivirový program avast spuštěný a funguje správně ,-?

ComboFix 11-12-08.01 - Rambo 08.12.2011 17:20:17.2.4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3327.2212 [GMT 1:00]
Spuštěný z: c:\users\Rambo\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Rambo\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\tasks\Auslogics BoostSpeed Special Edition Integrator Start On Rambo Logon.job"
"c:\windows\tasks\AWC Startup.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000UA.job"
"c:\windows\tasks\UpdateCheck.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVG\AVG2012\Firefox4
c:\program files\AVG\AVG2012\Firefox4\Components\avgssff4.dll
c:\program files\AVG\AVG2012\Firefox4\Components\avgssff5.dll
c:\program files\AVG\AVG2012\Firefox4\Components\avgssff6.dll
c:\program files\AVG\AVG2012\Firefox4\Components\avgssff7.dll
c:\program files\AVG\AVG2012\Firefox4\Components\avgssff8.dll
c:\program files\AVG\AVG2012\Firefox4\Components\ISearchShield4.xpt
c:\program files\AVG\AVG2012\Firefox4\chrome.manifest
c:\program files\AVG\AVG2012\Firefox4\Chrome\searchshield.jar
c:\program files\AVG\AVG2012\Firefox4\install.rdf
c:\windows\Tasks\At1.job
c:\windows\Tasks\At2.job
c:\windows\Tasks\At3.job
c:\windows\tasks\Auslogics BoostSpeed Special Edition Integrator Start On Rambo Logon.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1272418347-3484792947-3493189521-1000UA.job
c:\windows\tasks\UpdateCheck.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-08 do 2011-12-08 )))))))))))))))))))))))))))))))
.
.
2011-12-08 16:26 . 2011-12-08 16:29 -------- d-----w- c:\users\Rambo\AppData\Local\temp
2011-12-07 16:37 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-07 16:37 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-07 16:37 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-07 16:37 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-07 16:37 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-07 16:37 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-12-07 16:37 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-07 16:37 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-07 16:37 . 2011-12-07 16:37 -------- d-----w- c:\programdata\AVAST Software
2011-12-07 16:37 . 2011-12-07 16:37 -------- d-----w- c:\program files\AVAST Software
2011-12-07 16:00 . 2011-12-08 16:28 -------- d-----w- c:\windows\system32\wbem\repository
2011-12-07 15:57 . 2011-12-07 15:57 -------- d-----w- c:\users\Rambo\AppData\Roaming\Uninstaller Tool(Comodo Forums)
2011-12-07 14:50 . 2011-12-07 14:50 102184 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-12-07 13:14 . 2011-12-07 13:14 -------- d-----w- c:\users\Rambo\AppData\Local\Threat Expert
2011-12-07 11:57 . 2011-12-07 16:46 -------- d-----w- c:\program files\trend micro
2011-12-07 11:57 . 2011-12-07 11:59 -------- d-----w- C:\rsit
2011-12-07 11:09 . 2011-12-07 11:09 -------- d-----w- c:\program files\PC Tools
2011-12-07 11:07 . 2011-12-07 15:06 -------- d-----w- c:\program files\Common Files\PC Tools
2011-12-07 11:07 . 2011-11-22 18:42 185560 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-11-30 12:51 . 2011-12-07 16:05 -------- d-----w- c:\programdata\CPA_VA
2011-11-29 15:57 . 2011-11-29 15:58 -------- d-----w- C:\SS3_DS
2011-11-26 09:26 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-11-18 22:58 . 2011-11-18 23:11 -------- d-----w- c:\program files\DreamCom
2011-11-12 10:26 . 2011-11-12 10:27 -------- d-----w- c:\users\Rambo\AppData\Local\Nero
2011-11-09 15:44 . 2011-12-07 15:05 -------- d-----w- c:\programdata\PC Tools
2011-11-09 15:44 . 2011-11-09 15:44 -------- d-----w- c:\users\Rambo\AppData\Roaming\TestApp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-02 10:37 . 2011-09-05 11:45 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-12-02 10:37 . 2011-09-05 11:28 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-12-02 10:37 . 2010-10-04 14:24 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-12-02 09:47 . 2011-05-25 08:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-02 08:23 . 2010-10-04 13:57 280736 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-09-28 08:14 . 2011-09-05 11:33 138056 ----a-w- c:\users\Rambo\AppData\Roaming\PnkBstrK.sys
2011-09-28 08:14 . 2011-09-05 11:28 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2006-05-03 09:06 163328 --sha-r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 31232 --sha-r- c:\windows\System32\msfDX.dll
2008-03-16 12:30 216064 --sha-r- c:\windows\System32\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2011-02-26 03:04 930672 ----a-w- c:\program files\kikin\ie_kikin.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files\Origin\Origin.exe" [2011-09-23 27763336]
"NetLimiter"="c:\program files\NetLimiter 3\NLClientApp.exe" [2011-03-21 1839104]
"Game Fire"="d:\program files\Smart PC Utilities\Game Fire\GFTray.exe" [2011-08-14 40448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-12-07 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre]
2009-09-03 09:30 61440 ----a-w- c:\genius\ioCentre\gTaskBar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-09-03 14:15 9726568 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-09-04 23:46 2424560 ----a-w- d:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
2007-09-27 02:05 734264 ----a-w- c:\program files\Microsoft Xbox 360 Accessories\XBoxStat.exe
.
R1 SASKUTIL;SASKUTIL;c:\users\Rambo\AppData\Local\Temp\SASKUTIL.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2009-11-06 106880]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-07-15 101904]
R3 ATP;Comodo EasyVPN Miniport Driver; [x]
R3 cpuz130;cpuz130;c:\users\Rambo\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [2009-06-30 17408]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 netr73;RT73 USB - ovladač karty pro bezdrátovou síť LAN pro systém Windows Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-07-13 545792]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 5230088]
R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-07-19 104752]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-07-28 176128]
R4 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe [2010-03-11 12288]
R4 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [2011-03-21 5281672]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-12-07 12880]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-07-19 158000]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-07-19 93488]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-12-07 116608]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-28 291840]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-09-01 1526080]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-07-28 8396800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-07-28 247296]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [2009-11-02 20480]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [2009-11-02 11520]
S3 netr28u;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys [2011-03-21 5230088]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-07-19 116016]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{1D2DA63E-DFE9-4A34-900F-D2A9D2BA2F26}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{1D2DA63E-DFE9-4A34-900F-D2A9D2BA2F26}\7554254435: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{1D2DA63E-DFE9-4A34-900F-D2A9D2BA2F26}\7556274637: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{377088FD-2771-4E5E-8C65-97FD4D7384C5}: NameServer = 156.154.70.25,156.154.71.25
TCP: Interfaces\{678A4A7F-52D7-4A1E-8A3E-A8E19C8D7FED}: NameServer = 156.154.70.25,156.154.71.25
FF - ProfilePath - c:\users\Rambo\AppData\Roaming\Mozilla\Firefox\Profiles\svq7ewal.default\
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\Mozilla Firefox\extensions\quickstores@quickstores.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Battlefield Play4Free: battlefieldplay4free@ea.com - %profile%\extensions\battlefieldplay4free@ea.com
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de
FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: kikin plugin: {AA994882-F391-4d2e-806F-8908DA4814ED} - %profile%\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
FF - Ext: DigitalPowered Community Toolbar: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - %profile%\extensions\{b317125e-2f10-4388-bf1f-2c31c6cd89ed}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
FF - Ext: Softonic-Eng7 Community Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3652)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Auslogics\Auslogics BoostSpeed Special Edition\BoostSpeed.exe
c:\program files\NetLimiter 3\nlsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-12-08 17:31:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-08 16:31
ComboFix2.txt 2011-12-07 17:30
.
Před spuštěním: Volných bajtů: 27 041 546 240
Po spuštění: Volných bajtů: 26 990 305 280
.
- - End Of File - - 89193821DC7BF36D74815E81792BDCB7

Avast odinstalujte pomoci removeru http://files.avast.com/files/eng/aswclear.exe

Pak stahnete Avast znovu a nainstalujte http://www.avast.com/cs-cz/free-antivirus-download

Nasledne napiste jak se chova PC

Tak podle všech výše popsaných kroků jsem zjistil, že moje PC je stabilnější a rychlejší. Dokonce i můj PING se docela stabilizoval. Za tohle všechno vám hodně děkuju hodně jste mi pomohl
Ještě bych se chtěl zeptat ohledně pingu. Já měřím rychlost mého internetu na http://speedtest.net/
Dřív jsem tam naměřil ping nad 50 odezvu ještě než jsem začal postupovat podle instrukcí popsáno výše. Teď naměřím normálně 45 odezvu. Zjistil jsem, že dokážu naměřit lepší ping v nouzovém režimu windowsu až 35 odezvu. Moc nerozumí tomu čím je to způsobené. A jestli by to nešlo nějak zlepšit?
Pokud by to šlo

ping urcuje hodne i poskytovatel...

v NR nebezi bezp. soft atd, ale tohle neni nejak markantni rozdil co uvadite. Zkuste jeste zakricet na poskytovatele, ze mate zvyseny ping, ale mozna jste daleko od ustredny

S poskytovatel jsem to dvakrát probíral. Vůbec mě nepomohl. On mě tvrdil, že nelze můj ping zlepšit. Pouze můžou pomoct pokud budu mít nízkou rychlost stahování a odesílání dat. Ping prý negarantují. Ale jinak ping prý nezlepšej. Ani nechtěl prozradit jaká je vzdálenost mezi ústřednou a mnou.

Pak uz bohuzel nevim co dale kdyz provider nechce jednat, leda pohrozit zmenou\odchodem od nej...

Na havet by melo byt cisto...

Nevadí snad se bude hrát líp po internetu než před tím. Ještě jsem neměl moc čas. Tak uvidím o víkendu jestli to bude lepší než před tím co jsem měl větší odezvu nad 50. Ještě jednou děkuji moc za váš čas

Nemate zac, rad jsem pomohl Zase nekdy

Ještě bych se chtěl zeptat co způsobovalo problémy, že jsem měl pomalejší pc + moje odezva byla zvýšená?
Co bych měl pro to udělat, abych v budoucnu neměl podobné problémy?

Byla tam nejaka havet ktera si rada povida s okolim = vytezuje sit. Pak tam bylo hodne zbytecnosti spoustenych po startu

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Dulezite je pouzivat rozum pri prohlizeni netu = neklikat na kdejakou blikajici a skakajici blbinu, nenavstevovat pochybne stranky webu (porno, warez atd). Zkratka at nejsou prsty rychlejsi nez rozum