Prosim o kontrolu logu

[Spooner]

Tak se mi prave aktualizoval nod a zadna chyba ohledne firefox:infiltrace v pameti Dale musim rict ze je pc vazne svyznejsi a neni vubec zahlceny,OS se spousti rychleji a vubec vse je ted rychle,takze Zbeky vazne dekuju za tvuj cas a zes mi pomohl,jsem zvedav co bude dal

[Reklama]

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

DirLook::
c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

Folder::
c:\program files (x86)\Emsisoft Anti-Malware
c:\users\Martin\AppData\Local\Pando_Temp

File::
c:\users\Martin\AppData\Local\Temp\cpuz130\cpuz_x64.sys

Driver::
cpuz130

Firefox::
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9z2qzu3o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.6&q=

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Spooner]

ComboFix 12-07-14.01 - Martin 17.07.2012 13:42:56.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8190.6515 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\users\Martin\AppData\Local\Temp\cpuz130\cpuz_x64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Emsisoft Anti-Malware
c:\program files (x86)\Emsisoft Anti-Malware\Signatures\a2vers.dat
c:\users\Martin\AppData\Local\Pando_Temp
c:\users\Martin\AppData\Local\Pando_Temp\PMBInst.exe
c:\windows\srchasst\srchasm.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUZ130
-------\Service_cpuz130
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-17 do 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-07-17 11:51 . 2012-07-17 11:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-17 11:18 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D17797D9-915B-41A3-9A58-A230E9D32FDF}\mpengine.dll
2012-07-15 19:01 . 2012-07-17 11:50 -------- d-----w- c:\windows\srchasst
2012-07-15 14:27 . 2012-07-15 14:28 -------- d-----w- c:\users\Martin\AppData\Roaming\SPORE
2012-07-14 10:24 . 2012-07-14 10:24 -------- d-----w- c:\program files\ESET
2012-07-14 05:22 . 2012-07-14 05:22 -------- d-----w- c:\program files (x86)\14 Degrees East
2012-07-13 15:17 . 2012-07-13 15:17 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2012-07-13 15:16 . 2012-07-13 15:16 -------- d-----w- c:\programdata\Malwarebytes
2012-07-13 15:16 . 2012-07-13 15:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-13 15:16 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-10 17:51 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-10 17:46 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-10 17:45 . 2012-06-06 06:05 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2012-07-10 17:45 . 2012-06-06 06:05 1499136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2012-07-10 17:45 . 2012-06-06 05:05 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2012-07-10 17:45 . 2012-06-06 06:05 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2012-07-10 17:45 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2012-07-10 17:45 . 2012-06-06 06:05 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2012-07-10 17:45 . 2012-06-06 05:05 57344 ----a-w- c:\program files (x86)\Common Files\System\ado\msador15.dll
2012-07-10 17:45 . 2012-06-06 05:05 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2012-07-10 17:45 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2012-07-10 17:45 . 2012-06-06 05:03 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-07-10 17:45 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-07-10 17:45 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll
2012-07-10 17:45 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2012-07-09 06:33 . 2012-07-09 06:33 -------- d-----w- c:\users\Martin\AppData\Roaming\TuneUp Software
2012-07-09 06:33 . 2012-07-09 06:34 -------- d-----w- c:\programdata\TuneUp Software
2012-07-09 06:32 . 2012-07-09 06:32 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-07-09 06:32 . 2012-07-09 06:32 -------- d--h--w- c:\programdata\Common Files
2012-07-08 17:34 . 2012-07-08 17:34 -------- d-----w- c:\users\Martin\AppData\Roaming\EurekaLog
2012-07-06 16:49 . 2012-07-06 16:49 -------- d-----w- c:\programdata\ATI
2012-07-06 16:48 . 2012-07-06 16:48 -------- d-----w- c:\program files (x86)\AMD AVT
2012-07-06 16:48 . 2012-07-06 16:48 -------- d-----w- c:\program files (x86)\AMD APP
2012-07-06 16:48 . 2012-07-06 16:48 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-07-06 16:48 . 2012-07-06 16:48 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2012-07-06 16:27 . 2012-05-14 06:12 96896 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2012-07-06 16:27 . 2010-08-27 18:33 332800 ----a-w- c:\windows\system32\ATIODE.exe
2012-07-06 16:27 . 2009-06-22 15:34 51200 ----a-w- c:\windows\system32\ATIODCLI.exe
2012-07-06 16:27 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2012-07-06 16:27 . 2012-07-06 16:47 -------- d-----w- c:\program files\ATI Technologies
2012-07-04 06:47 . 2012-07-04 06:47 -------- d-----w- c:\windows\Sun
2012-07-04 05:35 . 2012-07-04 05:35 -------- d-----w- c:\users\Martin\AppData\Local\Google
2012-07-02 18:15 . 2012-07-02 18:15 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-06-26 10:41 . 2012-06-26 10:41 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-06-26 10:41 . 2012-06-26 10:41 75264 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-06-26 10:40 . 2012-06-26 10:40 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-06-26 10:40 . 2012-06-26 10:40 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-06-26 10:40 . 2012-06-26 10:40 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-06-26 10:40 . 2012-06-26 10:40 16457728 ----a-w- c:\windows\system32\amdocl64.dll
2012-06-26 10:39 . 2012-06-26 10:39 13008896 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-24 06:51 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-24 06:51 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-24 06:51 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-24 06:51 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 06:50 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-24 06:50 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-24 06:50 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 06:50 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-24 06:50 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-23 16:29 . 2012-06-23 16:29 -------- d-----w- c:\program files (x86)\Ubisoft
2012-06-23 15:06 . 2012-06-23 15:06 -------- d-----w- c:\windows\SysWow64\wbem\Logs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-17 11:52 . 2010-08-15 15:24 25640 ----a-w- c:\windows\gdrv.sys
2012-07-16 17:42 . 2012-04-06 15:28 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-07-16 17:42 . 2011-07-30 06:50 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-07-16 17:42 . 2011-07-29 20:06 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-07-12 08:14 . 2012-04-05 16:04 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-12 08:14 . 2011-05-20 22:06 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-02 05:45 . 2012-07-10 17:46 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-10 17:46 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-05-31 10:25 . 2010-08-14 15:42 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-10 14:35 . 2012-05-10 14:35 43520 ----a-w- c:\windows\system32\kdbsdk64.dll
2012-05-10 14:35 . 2012-05-10 14:35 29184 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2012-05-04 11:06 . 2012-06-13 04:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 11:00 . 2012-06-13 10:22 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-05-04 10:03 . 2012-06-13 04:03 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 04:03 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-04 09:59 . 2012-06-13 10:22 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-05-01 05:40 . 2012-06-13 04:03 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 04:03 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 04:03 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 04:03 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 04:03 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 04:02 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 04:02 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 04:02 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 04:02 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 04:02 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 04:02 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} ----
.
2012-07-09 06:32 . 2012-07-09 06:32 24043520 ----a-w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}\{D3742F82-1C1A-4DCC-ABBD-0E831C0185CC}.msi
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-14_19.01.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-15 15:01 . 2012-07-17 11:17 81516 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-17 11:55 46764 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-08-15 14:55 . 2012-07-17 11:55 20930 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-133777939-1043634711-2511891636-1001_UserData.bin
+ 2012-07-17 11:52 . 2012-07-17 11:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-14 19:00 . 2012-07-14 19:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-14 19:00 . 2012-07-14 19:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-17 11:52 . 2012-07-17 11:52 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-08-21 15:19 . 2012-07-15 05:48 624252 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-07-14 05:01 . 2012-07-14 18:59 257016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-17 11:51 257016 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-04-22 14:32 . 2012-07-17 11:51 16523660 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-133777939-1043634711-2511891636-1001-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-08-04 346320]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-09-25 106496]
"SCVDevService"="c:\program files (x86)\SCV Transcoding Tool\SCVDevService.exe" [2009-08-26 294912]
"P17RunE"="P17RunE.dll" [2007-04-09 14848]
"SPIRunE"="SPIRunE.dll" [2007-05-09 18432]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-26 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 atitray;atitray;c:\program files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys [x]
R1 EIO64;EIO Driver;c:\windows\system32\DRIVERS\EIO64.sys [x]
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
R3 AmdTools64;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools64.sys [2008-04-28 47160]
R3 atillk64;atillk64;c:\program files (x86)\AMD GPU Clock Tool\atillk64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-09-28 79360]
R3 EraserUtilDrv10920;EraserUtilDrv10920;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv10920.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-05-10 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2011-05-10 30528]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 t3;Sound Blaster X-Fi Xtreme Audio (Vista);c:\windows\system32\drivers\t3.sys [2008-01-29 629760]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-14 1255736]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 hotcore3;hotcore3;c:\windows\SysWOW64\drivers\hotcore3.sys [2008-01-21 36368]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-14 834544]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-06-26 361984]
S2 AMD FusionUtility Service;AMD FusionUtility Service;c:\program files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files (x86)\AMD\Reservation Manager\AMD Reservation Manager.exe [2010-04-14 140160]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [2010-07-09 21480]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-02-07 8704]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2009-08-06 65536]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-09-25 73728]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-09-25 178688]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-08-20 239616]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 08:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
"combofix"="c:\combofix\CF26493.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\9z2qzu3o.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-133777939-1043634711-2511891636-1001\Software\SecuROM\License information*]
"datasecu"=hex:be,bc,53,4a,6d,f1,71,cb,f2,1d,45,95,22,2d,69,1a,9f,20,cb,6a,cb,
4f,b9,38,18,34,2f,10,dc,15,7f,18,09,1f,ff,c2,40,b5,0d,bf,88,ec,b4,5a,7d,ca,\
"rkeysecu"=hex:88,ed,e8,e5,ce,65,dc,34,a1,e9,9a,5e,3a,1b,48,c0
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\crypserv.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
.
**************************************************************************
.
Celkový čas: 2012-07-17 13:58:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-17 11:58
ComboFix2.txt 2012-07-15 09:13
ComboFix3.txt 2012-07-14 19:06
.
Před spuštěním: Volných bajtů: 150 187 225 088
Po spuštění: Volných bajtů: 150 485 889 024
.
- - End Of File - - AAE5F6CA3B0194B79F07D622D4BA7F50

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
File::
c:\program files (x86)\Skype\Updater\Updater.exe

Driver::
SkypeUpdate

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

stáhni SuperAntiSpyware
aktualizuj databázi , proveď sken a následně nákazy smaž
Pak zase odinstaluj.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.