Prosím o preventívnu kontrolu logu Vyřešeno

[Jurajxxx]

Test dopadol takto:
https://www.virustotal.com/file/cbf7a04 ... 344095065/

[Reklama]

[jaro3]

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavache::
KillAll::

File::
c:\program files\Skype\Updater\Updater.exe

Driver::
SkypeUpdate

Firefox::
FF - ProfilePath - c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\tstw6p5u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 2832595&q=

RegNull::
[HKEY_USERS\S-1-5-21-980284151-1687861372-3465359882-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0FA75526-4A89-4CBF-8938-CD14FC1604E5}*]
@Allowed: (Read) (RestrictedCode)
"pafdplggkgccnofpdbfobepbcnmbjlkm"=hex:69,61,61,63,6c,62,69,61,66,6b,65,6a,66,
 61,68,65,70,6f,00,00
"oaldgdjfcahlgoojebpemgafkllfhb"=hex:69,61,61,63,6c,62,69,61,66,6b,65,6a,66,61,
 68,65,70,6f,00,00
.
[HKEY_USERS\S-1-5-21-980284151-1687861372-3465359882-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F59269D4-F82A-3E27-46EF-8D2A2D23EFCD}*]
"paghbndmianofliodfapegdbfomjgobc"=hex:6a,61,63,63,6e,69,63,6b,62,68,67,6c,6e,
 67,6b,65,61,66,65,70,00,00
"oaaolofalbpcnpcmdpehdjgfkmknoj"=hex:6a,61,63,63,6e,69,63,6b,62,68,67,6c,6e,67,
 6b,65,61,66,65,70,00,00
"pacibphmcolifflenakgfpbcofkfgemn"=hex:64,61,66,63,68,6d,64,66,00,fc
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

RegLock::
[HKEY_USERS\S-1-5-21-980284151-1687861372-3465359882-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0FA75526-4A89-4CBF-8938-CD14FC1604E5}*]
@Allowed: (Read) (RestrictedCode)
"pafdplggkgccnofpdbfobepbcnmbjlkm"=hex:69,61,61,63,6c,62,69,61,66,6b,65,6a,66,
 61,68,65,70,6f,00,00
"oaldgdjfcahlgoojebpemgafkllfhb"=hex:69,61,61,63,6c,62,69,61,66,6b,65,6a,66,61,
 68,65,70,6f,00,00
.
[HKEY_USERS\S-1-5-21-980284151-1687861372-3465359882-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F59269D4-F82A-3E27-46EF-8D2A2D23EFCD}*]
"paghbndmianofliodfapegdbfomjgobc"=hex:6a,61,63,63,6e,69,63,6b,62,68,67,6c,6e,
 67,6b,65,61,66,65,70,00,00
"oaaolofalbpcnpcmdpehdjgfkmknoj"=hex:6a,61,63,63,6e,69,63,6b,62,68,67,6c,6e,67,
 6b,65,61,66,65,70,00,00
"pacibphmcolifflenakgfpbcofkfgemn"=hex:64,61,66,63,68,6d,64,66,00,fc
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Jurajxxx]

ComboFix 12-07-31.05 - Juraj . 08. 2012 11:46:02.2.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1029.18.3071.1883 [GMT 2:00]
Running from: c:\users\Juraj\Desktop\ComboFix.exe
Command switches used :: c:\users\Juraj\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
FILE ::
"c:\program files\Skype\Updater\Updater.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2012-07-05 to 2012-08-05 )))))))))))))))))))))))))))))))
.
.
2012-08-05 09:54 . 2012-08-05 09:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-05 09:46 . 2012-08-05 09:46 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B39F103C-00D0-43CB-90D5-8DB0B7D5464E}\offreg.dll
2012-08-03 08:11 . 2012-08-05 09:57 -------- d-----w- c:\users\Juraj\AppData\Local\temp
2012-08-03 07:28 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B39F103C-00D0-43CB-90D5-8DB0B7D5464E}\mpengine.dll
2012-08-03 07:24 . 2012-08-03 07:24 -------- d-----w- c:\users\Juraj\AppData\Local\Ahead
2012-08-02 22:28 . 2012-08-02 22:28 -------- d-----w- c:\users\Juraj\AppData\Roaming\Malwarebytes
2012-08-02 22:28 . 2012-08-02 22:28 -------- d-----w- c:\programdata\Malwarebytes
2012-08-02 22:28 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-02 21:49 . 2012-08-02 21:49 388096 ----a-r- c:\users\Juraj\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-02 14:15 . 2012-08-03 15:20 -------- dc----w- c:\users\Juraj\AppData\Local\MigWiz
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\programdata\ATI
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\program files\AMD AVT
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\program files\AMD APP
2012-08-01 20:30 . 2012-08-01 20:30 -------- d-----w- c:\program files\Common Files\ATI Technologies
2012-08-01 20:27 . 2012-08-01 20:30 -------- d-----w- c:\program files\ATI Technologies
2012-08-01 20:27 . 2012-08-01 20:27 -------- d-----w- c:\program files\ATI
2012-07-30 13:26 . 2012-07-30 13:26 -------- d-----w- c:\users\Juraj\AppData\Local\AMD
2012-07-30 13:23 . 2012-07-30 13:23 -------- d-----w- c:\users\Juraj\AppData\Roaming\ATI
2012-07-30 13:23 . 2012-07-30 13:23 -------- d-----w- c:\users\Juraj\AppData\Local\ATI
2012-07-30 12:29 . 2012-08-01 20:30 -------- d-----w- c:\programdata\AMD
2012-07-30 12:28 . 2010-02-18 07:18 37944 ----a-w- c:\windows\system32\drivers\amdiox86.sys
2012-07-30 12:27 . 2012-07-30 12:27 -------- d-----w- C:\AMD
2012-07-28 16:57 . 2004-07-14 13:36 57344 ----a-w- c:\windows\system32\ico.exe
2012-07-20 16:42 . 2012-07-20 16:42 -------- d-----w- c:\users\Juraj\temp
2012-07-17 11:47 . 2012-07-21 18:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2012-07-14 08:51 . 2009-11-06 14:32 420352 ----a-w- c:\windows\system32\pwNative.exe
2012-07-14 08:51 . 2009-11-04 09:47 16456 ----a-w- c:\windows\system32\pwdrvio.sys
2012-07-14 08:51 . 2009-11-04 09:47 11088 ----a-w- c:\windows\system32\pwdspio.sys
2012-07-11 09:34 . 2012-06-12 02:40 2345984 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 22:01 . 2012-04-14 10:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-02 22:01 . 2011-05-17 05:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-04 06:58 . 2012-07-04 06:58 10070016 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-04 06:35 . 2012-07-04 06:35 19586048 ----a-w- c:\windows\system32\atioglxx.dll
2012-07-04 06:27 . 2012-07-04 06:27 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-04 06:27 . 2012-07-04 06:27 918528 ----a-w- c:\windows\system32\aticfx32.dll
2012-07-04 06:21 . 2012-07-04 06:21 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-04 06:21 . 2012-07-04 06:21 453632 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-04 06:20 . 2012-07-04 06:20 217088 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-04 06:19 . 2012-07-04 06:19 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2012-07-04 06:19 . 2012-07-04 06:19 20992 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-04 06:19 . 2012-07-04 06:19 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2012-07-04 06:18 . 2009-08-18 01:31 6811648 ----a-w- c:\windows\system32\atidxx32.dll
2012-07-04 05:36 . 2012-07-04 05:36 1960960 ----a-w- c:\windows\system32\atiumdmv.dll
2012-07-04 05:35 . 2009-08-18 01:20 6245888 ----a-w- c:\windows\system32\atiumdag.dll
2012-07-04 05:28 . 2009-08-18 01:05 4749312 ----a-w- c:\windows\system32\atiumdva.dll
2012-07-04 05:11 . 2012-07-04 05:11 56832 ----a-w- c:\windows\system32\atimpc32.dll
2012-07-04 05:11 . 2012-07-04 05:11 56832 ----a-w- c:\windows\system32\amdpcom32.dll
2012-07-04 05:11 . 2012-07-04 05:11 364544 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-04 05:11 . 2012-07-04 05:11 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-04 05:11 . 2012-07-04 05:11 33280 ----a-w- c:\windows\system32\atigktxx.dll
2012-07-04 05:10 . 2012-07-04 05:10 290304 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-04 05:09 . 2012-07-04 05:09 42496 ----a-w- c:\windows\system32\atiuxpag.dll
2012-07-04 05:09 . 2012-07-04 05:09 32768 ----a-w- c:\windows\system32\atiu9pag.dll
2012-07-04 05:09 . 2012-07-04 05:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-04 05:04 . 2012-07-04 05:04 46080 ----a-w- c:\windows\system32\aticalrt.dll
2012-07-04 05:04 . 2012-07-04 05:04 44544 ----a-w- c:\windows\system32\aticalcl.dll
2012-07-04 04:59 . 2012-07-04 04:59 13402112 ----a-w- c:\windows\system32\aticaldd.dll
2012-07-04 00:32 . 2012-07-04 00:32 159232 ----a-w- c:\windows\system32\clinfo.exe
2012-07-01 17:36 . 2012-07-01 17:36 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-06-11 11:50 . 2012-06-11 11:50 65024 ----a-w- c:\windows\system32\OpenVideo.dll
2012-06-11 11:50 . 2012-06-11 11:50 56320 ----a-w- c:\windows\system32\OVDecode.dll
2012-06-11 11:49 . 2012-06-11 11:49 13008896 ----a-w- c:\windows\system32\amdocl.dll
2012-06-11 11:48 . 2012-06-11 11:48 50176 ----a-w- c:\windows\system32\OpenCL.dll
2012-06-02 22:19 . 2012-06-22 10:51 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 10:51 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 10:50 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 10:50 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:19 . 2012-06-22 10:51 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:12 . 2012-06-22 10:51 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12 . 2012-06-22 10:50 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 10:50 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:12 . 2012-06-22 10:50 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 04:40 . 2012-07-11 06:15 225280 ----a-w- c:\windows\system32\schannel.dll
2012-05-31 10:25 . 2010-12-25 09:28 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-17 20:42 . 2012-02-23 17:49 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 3080264]
"Mouse Suite 98 Daemon"="ICO.EXE" [2004-07-14 57344]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
"Malwarebytes' Anti-Malware"="d:\malwarebytes' anti-malware\mbamgui.exe" [2012-07-03 462920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
ESET NOD32 Antivirus.lnk - c:\program files\ESET\ESET NOD32 Antivirus\egui.exe [2011-9-22 3080264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
2011-09-22 11:03 3080264 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
.
R1 bbcap;bbcap;c:\windows\system32\DRIVERS\bbcap.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Juraj\AppData\Local\Temp\ALSysIO.sys [x]
R3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys [x]
R3 PAC207;SoC PC-Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 MBAMService;MBAMService;d:\malwarebytes' anti-malware\mbamservice.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 22:01]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - d:\micros~1\Office12\EXCEL.EXE/3000
IE: {{09E90109-A9AA-4980-BCEF-76F8D924E902}
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
TCP: DhcpNameServer = 192.168.100.1
FF - ProfilePath - c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\tstw6p5u.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4708)
c:\windows\System32\pelscrll.dll
c:\windows\System32\PELCOMM.dll
c:\windows\System32\PELHOOKS.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\System32\LEXBCES.EXE
c:\windows\System32\LEXPPS.EXE
c:\windows\system32\taskhost.exe
c:\program files\IObit\Advanced SystemCare 5\PMonitor.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\ico.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\windows\System32\Pelmiced.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2012-08-05 12:03:07 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-05 10:03
ComboFix2.txt 2012-08-03 08:11
.
Pre-Run: Volných bajtů: 13 124 456 448
Post-Run: Volných bajtů: 12 793 683 968
.
- - End Of File - - 9BAA150AE00CE21E4E312A5222256A9E

[Jurajxxx]

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-05 12:09:55
-----------------------------
12:09:55.157 OS Version: Windows 6.1.7601 Service Pack 1
12:09:55.157 Number of processors: 1 586 0x7F01
12:09:55.157 ComputerName: JURAJ-PC UserName: Juraj
12:10:06.685 Initialize success
12:10:17.086 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
12:10:17.086 Disk 0 Vendor: Hitachi_ P21O Size: 76319MB BusType: 3
12:10:17.101 Disk 0 MBR read successfully
12:10:17.101 Disk 0 MBR scan
12:10:17.117 Disk 0 Windows 7 default MBR code
12:10:17.117 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 35843 MB offset 63
12:10:17.117 Disk 0 Partition - 00 0F Extended LBA 40472 MB offset 73408139
12:10:17.148 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 40472 MB offset 73408202
12:10:17.148 Disk 0 scanning sectors +156296322
12:10:17.179 Disk 0 scanning C:\Windows\system32\drivers
12:10:24.074 Service scanning
12:10:50.719 Modules scanning
12:11:00.360 Disk 0 trace - called modules:
12:11:00.376 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor.sys
12:11:00.906 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86382030]
12:11:00.922 3 CLASSPNP.SYS[8b38f59e] -> nt!IofCallDriver -> [0x853bf700]
12:11:00.922 5 ACPI.sys[833a53d4] -> nt!IofCallDriver -> \Device\00000063[0x86094770]
12:11:00.937 Scan finished successfully
12:11:16.631 Disk 0 MBR has been saved successfully to "C:\Users\Juraj\Desktop\MBR.dat"
12:11:16.646 The log file has been saved successfully to "C:\Users\Juraj\Desktop\aswMBR.txt"

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[Jurajxxx]

Všetko je ok tak diki za ochotu