VIRY.CZ

Zdravím, dlouhou dobu mám problém s PC, zřejmě zavirovaný. V počítačích se moc nevyznám tak jsem dle doporučení udělal test pomocí ComboFix a zde vkládám výsledek.

Děkuji za pomoc



ComboFix 13-10-15.02 - Martin 15.10.2013 12:14:05.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2325 [GMT 2:00]
Spuštěný z: c:\users\Martin\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-15 do 2013-10-15 )))))))))))))))))))))))))))))))
.
.
2013-10-15 10:28 . 2013-10-15 10:28 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-15 10:28 . 2013-10-15 10:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-15 10:00 . 2013-10-15 10:00 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FBCFADC-B3D6-4EFD-9821-6B80CB094FF1}\offreg.dll
2013-10-15 09:47 . 2013-10-15 09:51 -------- d-----w- c:\program files (x86)\SpywareGuard
2013-10-15 09:31 . 2013-10-15 09:31 -------- d-----w- c:\programdata\Malwarebytes
2013-10-15 09:30 . 2013-10-15 09:56 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-15 09:30 . 2013-10-15 09:30 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-10-15 08:19 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FBCFADC-B3D6-4EFD-9821-6B80CB094FF1}\mpengine.dll
2013-10-14 10:18 . 2013-10-14 10:18 -------- d-----w- c:\programdata\McAfee
2013-10-11 18:15 . 2012-06-14 11:43 5096448 ----a-w- c:\windows\system32\RCoRes64.dat
2013-10-11 18:04 . 2013-10-15 09:30 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-10-11 17:43 . 2013-10-11 18:17 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-10-11 17:43 . 2013-10-11 17:43 -------- d-----w- c:\program files\Realtek
2013-10-11 17:10 . 2013-10-11 18:22 -------- d--h--w- c:\program files (x86)\Temp
2013-10-11 17:10 . 2000-01-01 00:00 1706640 ----a-w- c:\windows\RtlExUpd.dll
2013-10-11 17:09 . 2013-10-11 17:09 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-10-11 16:59 . 2013-10-11 16:59 -------- d-----w- c:\program files (x86)\DLLSuite
2013-10-11 16:44 . 2013-10-11 16:44 -------- d-----w- c:\program files (x86)\NirSoft
2013-10-11 14:30 . 2013-10-11 18:11 -------- d-----w- c:\program files\Microsoft Silverlight
2013-10-11 14:30 . 2013-10-11 18:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-10-11 14:24 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-10-11 14:24 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-10-11 14:23 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-10-11 14:23 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-10-11 14:23 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-10-11 14:23 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-10-11 14:23 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-10-11 14:23 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-10-11 14:23 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-10-10 09:21 . 2013-09-21 03:38 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-10 09:21 . 2013-09-21 03:30 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-10-10 09:21 . 2013-09-22 23:27 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-10-10 09:21 . 2013-09-22 22:54 526336 ----a-w- c:\windows\system32\ieui.dll
2013-10-10 09:21 . 2013-09-22 22:54 356864 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-10-09 16:07 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-09 16:07 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-09 16:06 . 2013-06-06 05:50 41472 ----a-w- c:\windows\system32\lpk.dll
2013-10-09 16:06 . 2013-06-06 05:49 14336 ----a-w- c:\windows\system32\dciman32.dll
2013-10-09 16:06 . 2013-06-06 03:30 368128 ----a-w- c:\windows\system32\atmfd.dll
2013-10-09 16:06 . 2013-06-06 03:01 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-10-09 16:06 . 2013-06-06 05:49 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-10-09 16:06 . 2013-06-06 05:47 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-10-09 16:06 . 2013-06-06 04:57 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2013-10-09 16:06 . 2013-06-06 04:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-10-09 16:06 . 2013-06-06 04:50 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2013-10-09 16:06 . 2013-06-06 03:01 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-10-09 16:05 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-09 16:05 . 2013-07-12 10:41 100864 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-09 16:05 . 2013-07-03 04:40 42496 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-09 16:04 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-09 16:04 . 2013-07-03 04:05 32896 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-09 16:04 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-09 16:04 . 2013-07-04 12:50 102400 ----a-w- c:\windows\system32\davclnt.dll
2013-10-09 16:04 . 2013-07-04 11:57 205824 ----a-w- c:\windows\SysWow64\WebClnt.dll
2013-10-09 16:04 . 2013-07-04 11:51 81920 ----a-w- c:\windows\SysWow64\davclnt.dll
2013-10-09 16:04 . 2013-07-04 10:11 140800 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-09 16:04 . 2013-09-14 01:10 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-10-09 16:04 . 2013-09-08 02:30 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-10-09 16:04 . 2013-09-08 02:27 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-10-09 16:04 . 2013-09-08 02:03 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-10-09 16:01 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 16:01 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 16:01 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-09 16:00 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 16:00 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 16:00 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-09 16:00 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-09 16:00 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 16:00 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 16:00 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-09 16:00 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-08 10:11 . 2013-10-08 10:11 -------- d-----w- c:\users\Martin\AppData\Local\Macromedia
2013-10-07 12:29 . 2013-10-07 12:31 -------- d-----w- c:\users\Martin\AppData\Local\Mozilla
2013-10-07 12:29 . 2013-10-14 10:40 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-10-06 15:53 . 2013-10-14 16:24 -------- d-----w- c:\users\Martin\AppData\Roaming\vlc
2013-10-06 15:53 . 2013-10-06 15:53 -------- d-----w- c:\program files (x86)\VideoLAN
2013-10-02 21:18 . 2013-10-02 21:18 -------- d-----w- c:\program files (x86)\AMD APP
2013-10-02 21:17 . 2013-10-02 21:17 -------- d-----w- c:\programdata\AMD
2013-10-02 21:17 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2013-10-02 21:17 . 2013-10-02 21:17 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-10-02 21:14 . 2000-01-01 00:00 16552 ----a-w- c:\windows\system32\drivers\AtiPcie64.sys
2013-10-02 21:14 . 2013-10-02 21:18 -------- d-----w- c:\program files\ATI Technologies
2013-10-02 21:14 . 2013-10-02 21:14 -------- d-----w- c:\program files\ATI
2013-10-02 20:52 . 2000-01-01 00:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-10-02 20:52 . 2000-01-01 00:00 676968 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-10-02 20:52 . 2000-01-01 00:00 107624 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-10-02 20:52 . 2013-10-11 17:51 -------- d-----w- c:\program files (x86)\Realtek
2013-10-02 20:52 . 2013-10-11 17:41 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2013-10-02 20:48 . 2013-10-02 20:48 -------- d-----w- c:\users\Martin\AppData\Local\SlimWare Utilities Inc
2013-10-02 16:56 . 2013-09-12 07:25 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-02 16:36 . 2013-08-20 13:33 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-10-02 16:36 . 2013-08-20 13:32 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-10-02 16:36 . 2013-08-20 13:32 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-10-02 16:35 . 2013-10-02 16:35 -------- d-----w- c:\users\Martin\AppData\Local\NVIDIA
2013-09-30 15:36 . 2013-09-30 15:36 50 ----a-w- C:\user.js
2013-09-30 15:34 . 2013-10-11 11:25 -------- d-----w- c:\program files (x86)\JDownloader
2013-09-30 13:36 . 2013-09-30 13:36 -------- d-----w- c:\programdata\Oracle
2013-09-30 13:36 . 2013-09-30 13:36 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-30 13:35 . 2013-09-30 13:35 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-30 13:35 . 2013-09-30 13:35 -------- d-----w- c:\program files (x86)\Java
2013-09-29 15:31 . 2013-09-29 15:33 -------- d--h--w- c:\windows\msdownld.tmp
2013-09-29 14:16 . 2013-09-29 16:01 -------- d-----w- c:\programdata\WarThunder
2013-09-29 14:16 . 2013-09-29 14:16 -------- d-----w- c:\users\Martin\AppData\Local\WarThunder
2013-09-25 20:18 . 2013-09-25 20:18 -------- d-----w- c:\program files\CCleaner
2013-09-24 11:15 . 2013-09-24 11:15 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-09-24 11:09 . 2013-10-14 10:19 -------- d-----w- c:\users\Martin\AppData\Local\Adobe
2013-09-22 18:00 . 2013-09-22 18:00 -------- d-----w- c:\windows\SysWow64\Adobe
2013-09-22 17:59 . 2013-09-22 17:59 -------- d-----w- c:\users\Martin\AppData\Roaming\Unity
2013-09-22 17:45 . 2013-09-22 17:45 -------- d-----w- c:\users\Martin\AppData\Local\Unity
2013-09-20 13:43 . 2013-09-20 13:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-09-20 13:42 . 2013-09-27 09:22 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-09-20 13:39 . 2013-09-20 13:40 -------- d-----w- c:\windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-09-20 13:29 . 2013-09-20 13:29 -------- d-----w- c:\program files\Enigma Software Group
2013-09-20 13:28 . 2013-09-20 13:28 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-09-19 12:57 . 2013-09-19 12:57 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-09-17 20:22 . 2013-09-17 20:22 22102304 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-09-15 17:52 . 2013-09-17 18:53 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-09-15 17:51 . 2013-09-15 17:51 -------- d-----w- c:\windows\PCHEALTH
2013-09-15 17:50 . 2013-09-15 17:50 -------- d-----w- c:\program files\Microsoft Office
2013-09-15 17:49 . 2013-09-15 17:49 -------- d-----w- c:\users\Martin\AppData\Local\Microsoft Help
2013-09-15 17:49 . 2013-10-10 09:25 -------- d-----w- c:\programdata\Microsoft Help
2013-09-15 17:47 . 2013-09-15 17:47 -------- d-----r- C:\MSOCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-14 10:18 . 2013-09-10 21:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-14 10:18 . 2013-09-10 21:49 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-30 13:35 . 2013-09-10 12:53 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-30 13:35 . 2013-09-10 12:53 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-25 23:46 . 2013-08-27 14:51 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-09-12 08:58 . 2013-09-01 18:38 15901448 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-09-12 08:58 . 2013-09-01 18:38 12947360 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-09-12 08:58 . 2013-09-01 18:38 2986672 ----a-w- c:\windows\system32\nvapi64.dll
2013-09-12 08:58 . 2013-09-01 18:38 2630304 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-09-12 07:25 . 2013-09-01 18:43 6599968 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 07:25 . 2013-09-01 18:43 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-12 07:25 . 2013-09-01 18:43 920864 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 07:25 . 2013-09-01 18:43 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 07:25 . 2013-09-01 18:43 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-09-08 10:18 . 2013-09-08 10:18 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-09-08 10:18 . 2013-09-08 10:18 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-09-08 10:18 . 2013-09-08 10:18 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-09-08 10:18 . 2013-09-08 10:18 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-09-08 10:18 . 2013-09-08 10:18 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-09-08 10:18 . 2013-09-08 10:18 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-09-08 10:18 . 2013-09-08 10:18 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-09-08 10:18 . 2013-09-08 10:18 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-09-08 10:18 . 2013-09-08 10:18 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-09-08 10:18 . 2013-09-08 10:18 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-09-08 10:18 . 2013-09-08 10:18 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-09-08 10:18 . 2013-09-08 10:18 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-09-08 10:18 . 2013-09-08 10:18 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-09-08 10:18 . 2013-09-08 10:18 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-09-08 10:18 . 2013-09-08 10:18 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-09-08 10:18 . 2013-09-08 10:18 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-09-08 10:18 . 2013-09-08 10:18 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-09-08 10:18 . 2013-09-08 10:18 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-09-08 10:18 . 2013-09-08 10:18 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-09-08 10:18 . 2013-09-08 10:18 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-09-08 10:18 . 2013-09-08 10:18 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-09-08 10:18 . 2013-09-08 10:18 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-09-08 10:18 . 2013-09-08 10:18 81408 ----a-w- c:\windows\system32\icardie.dll
2013-09-08 10:18 . 2013-09-08 10:18 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-09-08 10:18 . 2013-09-08 10:18 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-09-08 10:18 . 2013-09-08 10:18 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-09-08 10:18 . 2013-09-08 10:18 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-09-08 10:18 . 2013-09-08 10:18 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-09-08 10:18 . 2013-09-08 10:18 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-09-08 10:18 . 2013-09-08 10:18 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-09-08 10:18 . 2013-09-08 10:18 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-09-08 10:18 . 2013-09-08 10:18 441856 ----a-w- c:\windows\system32\html.iec
2013-09-08 10:18 . 2013-09-08 10:18 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-09-08 10:18 . 2013-09-08 10:18 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-08 10:18 . 2013-09-08 10:18 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-09-08 10:18 . 2013-09-08 10:18 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-09-08 10:18 . 2013-09-08 10:18 235008 ----a-w- c:\windows\system32\url.dll
2013-09-08 10:18 . 2013-09-08 10:18 216064 ----a-w- c:\windows\system32\msls31.dll
2013-09-08 10:18 . 2013-09-08 10:18 197120 ----a-w- c:\windows\system32\msrating.dll
2013-09-08 10:18 . 2013-09-08 10:18 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-08 10:18 . 2013-09-08 10:18 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-09-08 10:18 . 2013-09-08 10:18 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-08 10:18 . 2013-09-08 10:18 149504 ----a-w- c:\windows\system32\occache.dll
2013-09-08 10:18 . 2013-09-08 10:18 144896 ----a-w- c:\windows\system32\wextract.exe
2013-09-08 10:18 . 2013-09-08 10:18 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-09-08 10:18 . 2013-09-08 10:18 13824 ----a-w- c:\windows\system32\mshta.exe
2013-09-08 10:18 . 2013-09-08 10:18 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-09-08 10:18 . 2013-09-08 10:18 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-09-08 10:18 . 2013-09-08 10:18 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-09-08 10:18 . 2013-09-08 10:18 102912 ----a-w- c:\windows\system32\inseng.dll
2013-09-08 10:16 . 2013-09-08 10:16 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-09-08 10:16 . 2013-09-08 10:16 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-09-08 10:16 . 2013-09-08 10:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-09-08 10:16 . 2013-09-08 10:16 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-09-08 10:16 . 2013-09-08 10:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-09-08 10:16 . 2013-09-08 10:16 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-09-08 10:16 . 2013-09-08 10:16 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-09-08 10:16 . 2013-09-08 10:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-09-08 10:16 . 2013-09-08 10:16 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-09-08 10:16 . 2013-09-08 10:16 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-09-08 10:16 . 2013-09-08 10:16 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-09-08 10:16 . 2013-09-08 10:16 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-09-08 10:16 . 2013-09-08 10:16 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-09-08 10:16 . 2013-09-08 10:16 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-09-08 10:16 . 2013-09-08 10:16 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-09-08 10:16 . 2013-09-08 10:16 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-09-08 10:16 . 2013-09-08 10:16 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk *
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 postgresql-9.2;postgresql-9.2 - PostgreSQL Server 9.2;C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-9.2 -D C:/Program Files (x86)/PostgreSQL/9.2/data -w;C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-9.2 -D C:/Program Files (x86)/PostgreSQL/9.2/data -w [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 10:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.funmoods.com/?f=1&a=ddrnw
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l93piv7z.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL -
FF - ExtSQL: 2013-09-11 13:16; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-10-07 14:36; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l93piv7z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\postgresql-9.2]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-9.2\" -D \"C:/Program Files (x86)/PostgreSQL/9.2/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\postgresql-9.2]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-9.2\" -D \"C:/Program Files (x86)/PostgreSQL/9.2/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-15 12:35:34
ComboFix-quarantined-files.txt 2013-10-15 10:35
.
Před spuštěním: Volných bajtů: 42 929 909 760
Po spuštění: Volných bajtů: 42 742 886 400
.
- - End Of File - - 349554B38BD864C118F5DB1857E4B4FA
A36C5E4F47E84449FF07ED3517B43A31

martin89ss píše:Zdravím

Zdravím.

martin89ss píše:V počítačích se moc nevyznám tak jsem dle doporučení udělal test pomocí ComboFix a zde vkládám výsledek

No a když se v tom nevyznám tak si tam jen tak nepouštím ComoFix, on totiž není dětská hračka, stačí chyba a máš po systému.


Přes Odebrat programy odinstaluj :

McAfee
Spybot - SD
Spybot - SD 2


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Tak hotovo

Tady je výsledek

ComboFix 13-10-15.02 - Martin 15.10.2013 13:11:14.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2910 [GMT 2:00]
Spuštěný z: c:\users\Martin\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\SysWOW64\mstsc.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\wow64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_6.1.7601.22252_none_b6b33b7d8557de1f\mstsc.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-15 do 2013-10-15 )))))))))))))))))))))))))))))))
.
.
2013-10-15 11:26 . 2013-10-15 11:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-15 11:26 . 2013-10-15 11:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-15 09:47 . 2013-10-15 09:51 -------- d-----w- c:\program files (x86)\SpywareGuard
2013-10-15 09:31 . 2013-10-15 09:31 -------- d-----w- c:\programdata\Malwarebytes
2013-10-15 09:30 . 2013-10-15 09:56 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-15 09:30 . 2013-10-15 09:30 116440 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2013-10-15 08:19 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4FBCFADC-B3D6-4EFD-9821-6B80CB094FF1}\mpengine.dll
2013-10-14 10:18 . 2013-10-14 10:18 -------- d-----w- c:\programdata\McAfee
2013-10-11 18:15 . 2012-06-14 11:43 5096448 ----a-w- c:\windows\system32\RCoRes64.dat
2013-10-11 18:04 . 2013-10-15 09:30 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-10-11 17:43 . 2013-10-11 18:17 -------- d-----w- c:\windows\SysWow64\RTCOM
2013-10-11 17:43 . 2013-10-11 17:43 -------- d-----w- c:\program files\Realtek
2013-10-11 17:10 . 2013-10-11 18:22 -------- d--h--w- c:\program files (x86)\Temp
2013-10-11 17:10 . 2000-01-01 00:00 1706640 ----a-w- c:\windows\RtlExUpd.dll
2013-10-11 17:09 . 2013-10-11 17:09 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-10-11 16:59 . 2013-10-11 16:59 -------- d-----w- c:\program files (x86)\DLLSuite
2013-10-11 16:44 . 2013-10-11 16:44 -------- d-----w- c:\program files (x86)\NirSoft
2013-10-11 14:30 . 2013-10-11 18:11 -------- d-----w- c:\program files\Microsoft Silverlight
2013-10-11 14:30 . 2013-10-11 18:11 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-10-11 14:24 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-10-11 14:24 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-10-11 14:23 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-10-11 14:23 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-10-11 14:23 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-10-11 14:23 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-10-11 14:23 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-10-11 14:23 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-10-11 14:23 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-10-10 09:21 . 2013-09-21 03:38 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-10 09:21 . 2013-09-21 03:30 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-10-10 09:21 . 2013-09-22 23:27 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-10-10 09:21 . 2013-09-22 22:54 526336 ----a-w- c:\windows\system32\ieui.dll
2013-10-10 09:21 . 2013-09-22 22:54 356864 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2013-10-09 16:07 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2013-10-09 16:07 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2013-10-09 16:06 . 2013-06-06 05:50 41472 ----a-w- c:\windows\system32\lpk.dll
2013-10-09 16:06 . 2013-06-06 05:49 14336 ----a-w- c:\windows\system32\dciman32.dll
2013-10-09 16:06 . 2013-06-06 03:30 368128 ----a-w- c:\windows\system32\atmfd.dll
2013-10-09 16:06 . 2013-06-06 03:01 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-10-09 16:06 . 2013-06-06 05:49 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-10-09 16:06 . 2013-06-06 05:47 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-10-09 16:06 . 2013-06-06 04:57 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2013-10-09 16:06 . 2013-06-06 04:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-10-09 16:06 . 2013-06-06 04:50 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2013-10-09 16:06 . 2013-06-06 03:01 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-10-09 16:05 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-09 16:05 . 2013-07-12 10:41 100864 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-09 16:05 . 2013-07-03 04:40 42496 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-09 16:04 . 2013-07-03 04:05 76800 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-09 16:04 . 2013-07-03 04:05 32896 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-09 16:04 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-09 16:04 . 2013-07-04 12:50 102400 ----a-w- c:\windows\system32\davclnt.dll
2013-10-09 16:04 . 2013-07-04 11:57 205824 ----a-w- c:\windows\SysWow64\WebClnt.dll
2013-10-09 16:04 . 2013-07-04 11:51 81920 ----a-w- c:\windows\SysWow64\davclnt.dll
2013-10-09 16:04 . 2013-07-04 10:11 140800 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-09 16:04 . 2013-09-14 01:10 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-10-09 16:04 . 2013-09-08 02:30 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-10-09 16:04 . 2013-09-08 02:27 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-10-09 16:04 . 2013-09-08 02:03 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-10-09 16:01 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 16:01 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 16:01 . 2013-08-01 12:09 983488 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-10-09 16:00 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-10-09 16:00 . 2013-09-04 12:11 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-09 16:00 . 2013-09-04 12:11 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-09 16:00 . 2013-09-04 12:11 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-09 16:00 . 2013-09-04 12:12 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-09 16:00 . 2013-09-04 12:11 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-09 16:00 . 2013-09-04 12:11 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-09 16:00 . 2013-09-04 12:11 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-08 10:11 . 2013-10-08 10:11 -------- d-----w- c:\users\Martin\AppData\Local\Macromedia
2013-10-07 12:29 . 2013-10-07 12:31 -------- d-----w- c:\users\Martin\AppData\Local\Mozilla
2013-10-07 12:29 . 2013-10-14 10:40 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-10-06 15:53 . 2013-10-14 16:24 -------- d-----w- c:\users\Martin\AppData\Roaming\vlc
2013-10-06 15:53 . 2013-10-06 15:53 -------- d-----w- c:\program files (x86)\VideoLAN
2013-10-02 21:18 . 2013-10-02 21:18 -------- d-----w- c:\program files (x86)\AMD APP
2013-10-02 21:17 . 2013-10-02 21:17 -------- d-----w- c:\programdata\AMD
2013-10-02 21:17 . 2010-02-18 07:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2013-10-02 21:17 . 2013-10-02 21:17 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-10-02 21:14 . 2000-01-01 00:00 16552 ----a-w- c:\windows\system32\drivers\AtiPcie64.sys
2013-10-02 21:14 . 2013-10-02 21:18 -------- d-----w- c:\program files\ATI Technologies
2013-10-02 21:14 . 2013-10-02 21:14 -------- d-----w- c:\program files\ATI
2013-10-02 20:52 . 2000-01-01 00:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-10-02 20:52 . 2000-01-01 00:00 676968 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-10-02 20:52 . 2000-01-01 00:00 107624 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-10-02 20:52 . 2013-10-11 17:51 -------- d-----w- c:\program files (x86)\Realtek
2013-10-02 20:52 . 2013-10-11 17:41 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2013-10-02 20:48 . 2013-10-02 20:48 -------- d-----w- c:\users\Martin\AppData\Local\SlimWare Utilities Inc
2013-10-02 16:56 . 2013-09-12 07:25 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-10-02 16:36 . 2013-08-20 13:33 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-10-02 16:36 . 2013-08-20 13:32 29984 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-10-02 16:36 . 2013-08-20 13:32 28448 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-10-02 16:35 . 2013-10-02 16:35 -------- d-----w- c:\users\Martin\AppData\Local\NVIDIA
2013-09-30 15:36 . 2013-09-30 15:36 50 ----a-w- C:\user.js
2013-09-30 15:34 . 2013-10-11 11:25 -------- d-----w- c:\program files (x86)\JDownloader
2013-09-30 13:36 . 2013-09-30 13:36 -------- d-----w- c:\programdata\Oracle
2013-09-30 13:36 . 2013-09-30 13:36 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-09-30 13:35 . 2013-09-30 13:35 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-30 13:35 . 2013-09-30 13:35 -------- d-----w- c:\program files (x86)\Java
2013-09-29 15:31 . 2013-09-29 15:33 -------- d--h--w- c:\windows\msdownld.tmp
2013-09-29 14:16 . 2013-09-29 16:01 -------- d-----w- c:\programdata\WarThunder
2013-09-29 14:16 . 2013-09-29 14:16 -------- d-----w- c:\users\Martin\AppData\Local\WarThunder
2013-09-25 20:18 . 2013-09-25 20:18 -------- d-----w- c:\program files\CCleaner
2013-09-24 11:15 . 2013-09-24 11:15 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-09-24 11:09 . 2013-10-14 10:19 -------- d-----w- c:\users\Martin\AppData\Local\Adobe
2013-09-22 18:00 . 2013-09-22 18:00 -------- d-----w- c:\windows\SysWow64\Adobe
2013-09-22 17:59 . 2013-09-22 17:59 -------- d-----w- c:\users\Martin\AppData\Roaming\Unity
2013-09-22 17:45 . 2013-09-22 17:45 -------- d-----w- c:\users\Martin\AppData\Local\Unity
2013-09-20 13:43 . 2013-09-20 13:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-09-20 13:42 . 2013-09-27 09:22 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2013-09-20 13:39 . 2013-09-20 13:40 -------- d-----w- c:\windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-09-20 13:29 . 2013-09-20 13:29 -------- d-----w- c:\program files\Enigma Software Group
2013-09-20 13:28 . 2013-09-20 13:28 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-09-19 12:57 . 2013-09-19 12:57 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-09-17 20:22 . 2013-09-17 20:22 22102304 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-09-15 17:52 . 2013-09-17 18:53 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-09-15 17:51 . 2013-09-15 17:51 -------- d-----w- c:\windows\PCHEALTH
2013-09-15 17:50 . 2013-09-15 17:50 -------- d-----w- c:\program files\Microsoft Office
2013-09-15 17:49 . 2013-09-15 17:49 -------- d-----w- c:\users\Martin\AppData\Local\Microsoft Help
2013-09-15 17:49 . 2013-10-10 09:25 -------- d-----w- c:\programdata\Microsoft Help
2013-09-15 17:47 . 2013-09-15 17:47 -------- d-----r- C:\MSOCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-14 10:18 . 2013-09-10 21:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-14 10:18 . 2013-09-10 21:49 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-30 13:35 . 2013-09-10 12:53 790440 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-09-30 13:35 . 2013-09-10 12:53 868264 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-09-25 23:46 . 2013-08-27 14:51 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-09-12 08:58 . 2013-09-01 18:38 15901448 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-09-12 08:58 . 2013-09-01 18:38 12947360 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-09-12 08:58 . 2013-09-01 18:38 2986672 ----a-w- c:\windows\system32\nvapi64.dll
2013-09-12 08:58 . 2013-09-01 18:38 2630304 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-09-12 07:25 . 2013-09-01 18:43 6599968 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 07:25 . 2013-09-01 18:43 3452192 ----a-w- c:\windows\system32\nvsvc64.dll
2013-09-12 07:25 . 2013-09-01 18:43 920864 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 07:25 . 2013-09-01 18:43 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 07:25 . 2013-09-01 18:43 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-09-08 10:18 . 2013-09-08 10:18 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-09-08 10:18 . 2013-09-08 10:18 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-09-08 10:18 . 2013-09-08 10:18 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-09-08 10:18 . 2013-09-08 10:18 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-09-08 10:18 . 2013-09-08 10:18 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-09-08 10:18 . 2013-09-08 10:18 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-09-08 10:18 . 2013-09-08 10:18 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-09-08 10:18 . 2013-09-08 10:18 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-09-08 10:18 . 2013-09-08 10:18 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-09-08 10:18 . 2013-09-08 10:18 204800 ----a-w- c:\windows\SysWow64\webcheck.dll
2013-09-08 10:18 . 2013-09-08 10:18 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-09-08 10:18 . 2013-09-08 10:18 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-09-08 10:18 . 2013-09-08 10:18 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-09-08 10:18 . 2013-09-08 10:18 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-09-08 10:18 . 2013-09-08 10:18 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-09-08 10:18 . 2013-09-08 10:18 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-09-08 10:18 . 2013-09-08 10:18 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-09-08 10:18 . 2013-09-08 10:18 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-09-08 10:18 . 2013-09-08 10:18 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-09-08 10:18 . 2013-09-08 10:18 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-09-08 10:18 . 2013-09-08 10:18 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-09-08 10:18 . 2013-09-08 10:18 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-09-08 10:18 . 2013-09-08 10:18 81408 ----a-w- c:\windows\system32\icardie.dll
2013-09-08 10:18 . 2013-09-08 10:18 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-09-08 10:18 . 2013-09-08 10:18 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-09-08 10:18 . 2013-09-08 10:18 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-09-08 10:18 . 2013-09-08 10:18 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-09-08 10:18 . 2013-09-08 10:18 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-09-08 10:18 . 2013-09-08 10:18 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-09-08 10:18 . 2013-09-08 10:18 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-09-08 10:18 . 2013-09-08 10:18 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-09-08 10:18 . 2013-09-08 10:18 441856 ----a-w- c:\windows\system32\html.iec
2013-09-08 10:18 . 2013-09-08 10:18 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-09-08 10:18 . 2013-09-08 10:18 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-08 10:18 . 2013-09-08 10:18 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-09-08 10:18 . 2013-09-08 10:18 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-09-08 10:18 . 2013-09-08 10:18 235008 ----a-w- c:\windows\system32\url.dll
2013-09-08 10:18 . 2013-09-08 10:18 216064 ----a-w- c:\windows\system32\msls31.dll
2013-09-08 10:18 . 2013-09-08 10:18 197120 ----a-w- c:\windows\system32\msrating.dll
2013-09-08 10:18 . 2013-09-08 10:18 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-08 10:18 . 2013-09-08 10:18 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-09-08 10:18 . 2013-09-08 10:18 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-08 10:18 . 2013-09-08 10:18 149504 ----a-w- c:\windows\system32\occache.dll
2013-09-08 10:18 . 2013-09-08 10:18 144896 ----a-w- c:\windows\system32\wextract.exe
2013-09-08 10:18 . 2013-09-08 10:18 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-09-08 10:18 . 2013-09-08 10:18 13824 ----a-w- c:\windows\system32\mshta.exe
2013-09-08 10:18 . 2013-09-08 10:18 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-09-08 10:18 . 2013-09-08 10:18 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-09-08 10:18 . 2013-09-08 10:18 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-09-08 10:18 . 2013-09-08 10:18 102912 ----a-w- c:\windows\system32\inseng.dll
2013-09-08 10:16 . 2013-09-08 10:16 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-09-08 10:16 . 2013-09-08 10:16 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-09-08 10:16 . 2013-09-08 10:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-09-08 10:16 . 2013-09-08 10:16 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-09-08 10:16 . 2013-09-08 10:16 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-09-08 10:16 . 2013-09-08 10:16 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-09-08 10:16 . 2013-09-08 10:16 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-09-08 10:16 . 2013-09-08 10:16 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-09-08 10:16 . 2013-09-08 10:16 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-09-08 10:16 . 2013-09-08 10:16 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-09-08 10:16 . 2013-09-08 10:16 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-09-08 10:16 . 2013-09-08 10:16 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-09-08 10:16 . 2013-09-08 10:16 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-08 10:16 . 2013-09-08 10:16 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-09-08 10:16 . 2013-09-08 10:16 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-09-08 10:16 . 2013-09-08 10:16 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-09-08 10:16 . 2013-09-08 10:16 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-09-08 10:16 . 2013-09-08 10:16 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 postgresql-9.2;postgresql-9.2 - PostgreSQL Server 9.2;C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-9.2 -D C:/Program Files (x86)/PostgreSQL/9.2/data -w;C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N postgresql-9.2 -D C:/Program Files (x86)/PostgreSQL/9.2/data -w [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10 10:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.funmoods.com/?f=1&a=ddrnw
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l93piv7z.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - ExtSQL: 2013-09-11 13:16; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-10-07 14:36; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l93piv7z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\postgresql-9.2]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-9.2\" -D \"C:/Program Files (x86)/PostgreSQL/9.2/data\" -w"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\postgresql-9.2]
"ImagePath"="C:/Program Files (x86)/PostgreSQL/9.2/bin/pg_ctl.exe runservice -N \"postgresql-9.2\" -D \"C:/Program Files (x86)/PostgreSQL/9.2/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\PostgreSQL\9.2\bin\pg_ctl.exe
c:\program files (x86)\PostgreSQL\9.2\bin\postgres.exe
c:\program files (x86)\PostgreSQL\9.2\bin\postgres.exe
c:\program files (x86)\PostgreSQL\9.2\bin\postgres.exe
c:\program files (x86)\PostgreSQL\9.2\bin\postgres.exe
c:\program files (x86)\PostgreSQL\9.2\bin\postgres.exe
c:\program files (x86)\PostgreSQL\9.2\bin\postgres.exe
c:\program files (x86)\PostgreSQL\9.2\bin\postgres.exe
.
**************************************************************************
.
Celkový čas: 2013-10-15 13:35:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-15 11:35
ComboFix2.txt 2013-10-15 10:35
.
Před spuštěním: Volných bajtů: 42 995 806 208
Po spuštění: Volných bajtů: 42 657 374 208
.
- - End Of File - - 658A6203A71D95ED14836746ECDE60B7
A36C5E4F47E84449FF07ED3517B43A31

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po té proběhne sken a po jeho skončení klikni na Report a to co na Tebe vypadne mi sem zkopíruj.

Výsledek z OTM

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
C:\WINDOWS\System32\SET58F7.tmp moved successfully.
C:\WINDOWS\86CA3695A4124BAE92B649A60C2AC663.TMP folder moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
c:\programdata\McAfee\MCLOGS\PartnerCustom folder moved successfully.
c:\programdata\McAfee\MCLOGS folder moved successfully.
c:\programdata\McAfee folder moved successfully.
c:\programdata\Spybot - Search & Destroy\Quarantine folder moved successfully.
c:\programdata\Spybot - Search & Destroy\Logs folder moved successfully.
c:\programdata\Spybot - Search & Destroy\Cleaning folder moved successfully.
c:\programdata\Spybot - Search & Destroy folder moved successfully.
c:\program files (x86)\Spybot - Search & Destroy 2 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Martin
->Temp folder emptied: 41789 bytes
->Temporary Internet Files folder emptied: 14358487 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 19495590 bytes
->Flash cache emptied: 1877 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 15053264 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 37476 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43274148 bytes
RecycleBin emptied: 179240 bytes

Total Files Cleaned = 88,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 10152013_140220

Files moved on Reboot...
C:\Users\Martin\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\_avast_\Webshlock.txt moved successfully.
C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

Registry entries deleted on Reboot...

Výsledek z AWCleaner

# AdwCleaner v3.007 - Report created 15/10/2013 at 14:14:28
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\ProgramData\savenShAre

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Key Found : HKLM\Software\SP Global
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.funmoods.com/?f=1&a=ddrnw

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l93piv7z.default\prefs.js ]

Line Found : user_pref("aol_toolbar.default.homepage.check", false);
Line Found : user_pref("aol_toolbar.default.search.check", false);
Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");

*************************

AdwCleaner[R0].txt - [4496 octets] - [15/10/2013 14:14:28]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4556 octets] ##########

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Znovu spusť AdwCleaner ale tentokrát klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zase zkopíruj Report.

# AdwCleaner v3.007 - Report created 15/10/2013 at 14:22:07
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\savenShAre

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l93piv7z.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

*************************

AdwCleaner[R0].txt - [4708 octets] - [15/10/2013 14:14:28]
AdwCleaner[S0].txt - [4496 octets] - [15/10/2013 14:22:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4556 octets] ##########

Bezva uklizeno, jaký je stav PC, respektive je s ním ještě nějaký problém ?

Zatím se to zdá být v pořádku. Uvidíme za pár dní jak to bude běžet. Určitě dám vědět. Díky

Tak zase nic, před chvíli modrá smrt

==================================================
Dump File : 101513-21484-01.dmp
Crash Time : 15.10.2013 17:34:06
Bug Check String : MEMORY_MANAGEMENT
Bug Check Code : 0x0000001a
Parameter 1 : 00000000`00000031
Parameter 2 : fffffa80`05d63850
Parameter 3 : fffff880`0d202000
Parameter 4 : fffff8a0`0aef3474
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18247 (win7sp1_gdr.130828-1532)
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\101513-21484-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 291 472
Dump File Time : 15.10.2013 17:35:29
==================================================

bump

martin89ss píše:bump

Tímto si nepomůžeš, nejsem tady nonstop.

Šmejdy tam nemáš tak budem hledat chybu jinde.

Prvně se zeptám, všechny ovladače máš aktuální ?


Stáhni HD Tune a otestuj HDD.

Benchmark - Test disku Klikni na tlačítko Start a vyčkej dokud se nezaplní celý graf. Poté se dozvíš přenosovou rychlost a přístupový čas pevného disku.

Info Přesná kapacita, souborový systém, podporované funkce, verze firmware, sériové číslo a typ zapojení disků.

Health - Kondice Seznam důležitých parametrů a jejich hodnoty. Ideální je mít všude OK.

Když je nějaká položka žlutá pravděpodobně brzy změní status na failed. Když je červená má status failed, to by znamenalo výměnu disku.

Error Scan - Hledání chyb Klikni na tlačítko Start a program prozkoumá disk zda na něm nejsou vadné bloky.

Pokud na konci testu jsou všechny zelené, je vše v pořádku. Když je byť jeden z nich červený, doporučuji zazálohovat data a počítat s výměnou disku.

Teplota Teploměr nahoře a číslo vedle něj znázorňují teplotu disku. Normální hodnota je pod 50°C. Teplota ale nesmí přesáhnout 60°C, program upozorní když dosáhne hranice 55°C.


Stáhni MEMTEST

soubor rozbal a spusť exe soubor.

Připoj flashdisk pozor vše co na něm je bude smazáno !,

v okénku Select your USB Flash Drive vyber tento disk a dej Create.

Během chvilky se Memtest nainstaluje.

Flashdisk nech v USB, restartuj PC a nabootuj z něj.

Před tím samozřemě musíš v Bios Setup do kterého se dostaneš při restartu mačkáním klávesy :

* DEL
* F2
* F1
* F10

záleží na PC, ale vždy je to na monitoru napsáno,

otevři nabídku ADVANCED BIOS FEATURES a vyhledej Boot Devices 0 až 4 nebo Boot Sequence.

Na první místo nastav Flashdisk,

na druhé pevný disk HDD, u obou položek bývá napsán i výrobce.

Stisknutím Save většinou je to F10 a potvrzením Entrem uložíš nastavení,

pak ještě stisknutím Save and Exit se dostaneš z Biosu.

Test nech projet minimálně jednou, ideálně však několikrát třeba přes noc a s každým RAM modulem zvlášť.


Pak dej vědět jak všechny testy dopadli.

HD TUNE:

Položka Spin Retry Count byla žlutá

Error Scan v pořádku

Teplota pod 50

MEMTEST:

Jde někde najít ten report z toho testu?
Po asi 3 a půl hodinách jsem to vypl a mě jsem tam asi 4 500 errorů