Prosím o kontorolu logu - Pád fps a prehrievanie GPU Vyřešeno

[deystan]

To malo byť zlepšenie len zle som prečital, ale ten pád fps trvá stále. A ten pack od winu neviem či som to niekedy inštaloval.

delfix log

# DelFix v10.7 - Logfile created 28/07/2014 at 13:29:56
# Updated 27/04/2014 by Xplode
# Username : David - DAVID-PC
# Operating System : Windows 7 Ultimate (32 bits)

~ Removing disinfection tools ...

Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.3.0.0.40_25.07.2014_18.40.35_log.txt
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #10 [Naplánovaný kontrolní bod | 07/25/2014 17:51:11]

New restore point created !

########## - EOF - ##########

[Reklama]

[jaro3]

Tak si ho doinstaluj , musíš ho mít ve win update. Nebo ručně.


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[deystan]

Combofix log

ComboFix 14-07-29.01 - David . 07. 2014 14:35:46.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.2047.1337 [GMT 2:00]
Running from: d:\hijackthis\ComboFix.exe
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((( Files Created from 2014-06-28 to 2014-07-29 )))))))))))))))))))))))))))))))
.
.
2014-07-29 12:40 . 2014-07-29 12:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-25 16:09 . 2014-07-25 16:09 -------- d-----w- c:\windows\ERUNT
2014-07-24 18:20 . 2014-07-25 16:16 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-24 18:20 . 2014-07-24 18:20 -------- d-----w- c:\programdata\RogueKiller
2014-07-23 16:46 . 2014-07-27 17:33 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-23 16:45 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-23 16:45 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-23 16:45 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-23 16:45 . 2014-07-23 16:45 -------- d-----w- c:\programdata\Malwarebytes
2014-07-22 16:47 . 2012-11-20 14:13 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-07-22 16:47 . 2014-07-22 16:47 -------- d-----w- c:\programdata\Razer
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\program files\Microsoft.NET
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\windows\Migration
2014-07-21 16:01 . 2014-07-21 16:01 -------- d-----w- c:\program files\Defraggler
2014-07-21 13:59 . 2009-11-25 19:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-07-21 13:59 . 2009-11-25 19:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-07-21 13:59 . 2009-11-25 19:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-07-21 13:59 . 2009-11-25 19:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-07-21 13:59 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-07-21 12:21 . 2013-04-17 19:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\IObit
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2014-07-20 17:18 . 2014-07-20 17:18 -------- d-----w- c:\programdata\Riot Games
2014-07-07 14:56 . 2014-04-26 11:27 686896 ----a-w- c:\windows\system32\eed_sl.exe
2014-07-07 14:56 . 2014-04-26 11:27 2277376 ----a-w- c:\windows\system32\eed_ec.dll
2014-07-07 11:25 . 2014-07-25 19:38 -------- d-----w- c:\users\UpdatusUser
2014-07-07 11:25 . 2014-07-07 11:25 -------- d-----w- c:\programdata\NVIDIA
2014-07-07 11:25 . 2013-01-31 09:01 2859296 ----a-w- c:\windows\system32\nvsvc.dll
2014-07-07 11:25 . 2013-01-31 09:01 3970848 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-07 11:25 . 2013-01-31 09:00 634656 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-07 11:25 . 2013-01-31 09:00 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-07-07 11:25 . 2013-01-31 09:00 2557728 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-07 11:25 . 2013-01-31 09:00 108832 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-07 11:24 . 2013-02-19 19:33 53024 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-07 11:24 . 2014-07-07 11:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2014-07-07 11:24 . 2014-07-07 11:25 -------- d-----w- c:\program files\NVIDIA Corporation
2014-07-07 11:18 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-07 11:18 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-07-07 11:18 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-07 11:18 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-07-07 11:18 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-07-07 11:18 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-07-07 11:18 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-07-07 11:18 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-07 11:18 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-07-07 10:13 . 2014-07-07 10:13 -------- d-----w- c:\program files\CCleaner
2014-07-07 10:10 . 2014-07-07 10:10 -------- d-----w- c:\program files\ESET
2014-07-07 10:03 . 2014-07-07 10:03 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-07 10:03 . 2014-07-07 10:03 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-07 10:03 . 2014-07-07 10:03 -------- d-----w- c:\windows\system32\Macromed
2014-07-07 10:02 . 2013-12-09 12:27 125248 ----a-r- c:\windows\Wiainst.exe
2014-07-07 10:02 . 2013-02-22 11:30 307200 ----a-w- c:\windows\system32\SaMinDrv.dll
2014-07-07 10:02 . 2013-02-22 11:30 102400 ----a-w- c:\windows\system32\SaImgFlt.dll
2014-07-07 10:02 . 2013-02-22 11:30 61440 ----a-w- c:\windows\system32\SaErHdlr.dll
2014-07-07 10:01 . 2014-07-07 10:01 -------- d-----w- c:\programdata\Samsung
2014-07-07 10:01 . 2013-07-28 09:40 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ssm4mpc.dll
2014-07-07 10:01 . 2013-11-14 02:57 212600 ----a-w- c:\windows\system32\SBuySupplies.exe
2014-07-07 10:01 . 2013-05-29 12:03 24064 ----a-w- c:\windows\system32\ssm4mlm.dll
2014-07-07 10:01 . 2013-05-29 12:03 158040 ----a-w- c:\windows\system32\ssm4mci.exe
2014-07-07 10:01 . 2013-05-29 12:03 65536 ----a-w- c:\windows\system32\ssm4mci.dll
2014-07-07 10:01 . 2013-06-28 14:36 94208 ----a-w- c:\windows\system32\Ssdevm.dll
2014-07-07 10:01 . 2013-06-02 02:38 53248 ----a-w- c:\windows\system32\Ssusbpn.dll
2014-07-07 10:00 . 2014-07-07 10:22 -------- d-----w- c:\program files\Samsung
2014-07-07 09:51 . 2014-07-07 11:06 -------- d-----w- c:\windows\Panther
2014-07-07 09:25 . 2014-06-17 00:57 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0FE1ED3-5C19-4C40-B555-2F66BB22F19A}\mpengine.dll
2014-07-07 09:25 . 2014-03-31 07:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-07 09:14 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2014-07-07 09:14 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2014-07-07 09:14 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-07-07 09:11 . 2014-07-22 16:43 -------- d-sh--w- c:\windows\Installer
2014-07-07 09:10 . 2014-07-29 12:29 -------- d-----w- c:\windows\system32\wbem\Performance
2014-07-07 09:06 . 2014-07-21 12:27 -------- d-----w- c:\users\David
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-02-24 5075104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2014-02-24 1343408]
S2 RzKLService;RzKLService;d:\razer game booster\RzKLService.exe [2014-02-25 105448]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2013-04-30 5120]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Advanced SystemCare 6 - f:\advanced systemcare 6\ASCTray.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2014-07-29 14:43:57 - machine was rebooted
ComboFix-quarantined-files.txt 2014-07-29 12:43
.
Pre-Run: Volných bajtů: 39 289 790 464
Post-Run: Volných bajtů: 39 182 057 472
.
- - End Of File - - E54C034E048F863EAAFDE6828B16501C
A36C5E4F47E84449FF07ED3517B43A31

[Orcus]

Když píšem vypnout AV, tak ho prosím vypni.

AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

Takže ještě jednou a lépe.

[deystan]

pardon nevšimol som si toho

tu je druhy log

ComboFix 14-07-29.01 - David . 07. 2014 19:20:36.2.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.2047.1656 [GMT 2:00]
Running from: d:\hijackthis\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-06-28 to 2014-07-29 )))))))))))))))))))))))))))))))
.
.
2014-07-29 17:25 . 2014-07-29 17:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-29 13:00 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2014-07-29 13:00 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-07-29 13:00 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll
2014-07-29 13:00 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-07-29 13:00 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2014-07-29 12:59 . 2012-11-09 04:49 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-25 16:09 . 2014-07-25 16:09 -------- d-----w- c:\windows\ERUNT
2014-07-24 18:20 . 2014-07-25 16:16 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-24 18:20 . 2014-07-24 18:20 -------- d-----w- c:\programdata\RogueKiller
2014-07-23 16:46 . 2014-07-27 17:33 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-23 16:45 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-23 16:45 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-23 16:45 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-23 16:45 . 2014-07-23 16:45 -------- d-----w- c:\programdata\Malwarebytes
2014-07-22 16:47 . 2012-11-20 14:13 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-07-22 16:47 . 2014-07-22 16:47 -------- d-----w- c:\programdata\Razer
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\program files\Microsoft.NET
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\windows\Migration
2014-07-21 16:01 . 2014-07-21 16:01 -------- d-----w- c:\program files\Defraggler
2014-07-21 13:59 . 2009-11-25 19:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-07-21 13:59 . 2009-11-25 19:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-07-21 13:59 . 2009-11-25 19:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-07-21 13:59 . 2009-11-25 19:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-07-21 13:59 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-07-21 12:21 . 2013-04-17 19:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\IObit
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2014-07-20 17:18 . 2014-07-20 17:18 -------- d-----w- c:\programdata\Riot Games
2014-07-07 14:56 . 2014-04-26 11:27 686896 ----a-w- c:\windows\system32\eed_sl.exe
2014-07-07 14:56 . 2014-04-26 11:27 2277376 ----a-w- c:\windows\system32\eed_ec.dll
2014-07-07 11:25 . 2014-07-25 19:38 -------- d-----w- c:\users\UpdatusUser
2014-07-07 11:25 . 2014-07-07 11:25 -------- d-----w- c:\programdata\NVIDIA
2014-07-07 11:25 . 2013-01-31 09:01 2859296 ----a-w- c:\windows\system32\nvsvc.dll
2014-07-07 11:25 . 2013-01-31 09:01 3970848 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-07 11:25 . 2013-01-31 09:00 634656 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-07 11:25 . 2013-01-31 09:00 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-07-07 11:25 . 2013-01-31 09:00 2557728 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-07 11:25 . 2013-01-31 09:00 108832 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-07 11:24 . 2013-02-19 19:33 53024 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-07 11:24 . 2014-07-07 11:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2014-07-07 11:24 . 2014-07-07 11:25 -------- d-----w- c:\program files\NVIDIA Corporation
2014-07-07 11:18 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-07 11:18 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-07-07 11:18 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-07 11:18 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-07-07 11:18 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-07-07 11:18 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-07-07 11:18 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-07-07 11:18 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-07 11:18 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-07-07 10:13 . 2014-07-07 10:13 -------- d-----w- c:\program files\CCleaner
2014-07-07 10:10 . 2014-07-07 10:10 -------- d-----w- c:\program files\ESET
2014-07-07 10:03 . 2014-07-07 10:03 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-07 10:03 . 2014-07-07 10:03 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-07 10:03 . 2014-07-07 10:03 -------- d-----w- c:\windows\system32\Macromed
2014-07-07 10:02 . 2013-12-09 12:27 125248 ----a-r- c:\windows\Wiainst.exe
2014-07-07 10:02 . 2013-02-22 11:30 307200 ----a-w- c:\windows\system32\SaMinDrv.dll
2014-07-07 10:02 . 2013-02-22 11:30 102400 ----a-w- c:\windows\system32\SaImgFlt.dll
2014-07-07 10:02 . 2013-02-22 11:30 61440 ----a-w- c:\windows\system32\SaErHdlr.dll
2014-07-07 10:01 . 2014-07-07 10:01 -------- d-----w- c:\programdata\Samsung
2014-07-07 10:01 . 2013-07-28 09:40 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ssm4mpc.dll
2014-07-07 10:01 . 2013-11-14 02:57 212600 ----a-w- c:\windows\system32\SBuySupplies.exe
2014-07-07 10:01 . 2013-05-29 12:03 24064 ----a-w- c:\windows\system32\ssm4mlm.dll
2014-07-07 10:01 . 2013-05-29 12:03 158040 ----a-w- c:\windows\system32\ssm4mci.exe
2014-07-07 10:01 . 2013-05-29 12:03 65536 ----a-w- c:\windows\system32\ssm4mci.dll
2014-07-07 10:01 . 2013-06-28 14:36 94208 ----a-w- c:\windows\system32\Ssdevm.dll
2014-07-07 10:01 . 2013-06-02 02:38 53248 ----a-w- c:\windows\system32\Ssusbpn.dll
2014-07-07 10:00 . 2014-07-07 10:22 -------- d-----w- c:\program files\Samsung
2014-07-07 09:51 . 2014-07-07 11:06 -------- d-----w- c:\windows\Panther
2014-07-07 09:25 . 2014-06-17 00:57 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0FE1ED3-5C19-4C40-B555-2F66BB22F19A}\mpengine.dll
2014-07-07 09:25 . 2014-03-31 07:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-07 09:14 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2014-07-07 09:14 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2014-07-07 09:14 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-07-07 09:11 . 2014-07-22 16:43 -------- d-sh--w- c:\windows\Installer
2014-07-07 09:10 . 2014-07-29 13:10 -------- d-----w- c:\windows\system32\wbem\Performance
2014-07-07 09:06 . 2014-07-21 12:27 -------- d-----w- c:\users\David
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-02-24 5075104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2014-02-24 1343408]
S2 RzKLService;RzKLService;d:\razer game booster\RzKLService.exe [2014-02-25 105448]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2013-04-30 5120]
.
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-07-29 19:26:42
ComboFix-quarantined-files.txt 2014-07-29 17:26
ComboFix2.txt 2014-07-29 12:43
.
Pre-Run: Volných bajtů: 40 036 782 080
Post-Run: Volných bajtů: 39 994 478 592
.
- - End Of File - - FA1CF5724B5CADD5ACD3ABC1B443270A
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

KillAll::
ClearJavaCache::

DirLook::
c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[deystan]

ComboFix log

ComboFix 14-07-29.01 - David . 07. 2014 13:56:31.3.1 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.3071.2312 [GMT 2:00]
Running from: d:\hijackthis\ComboFix.exe
Command switches used :: c:\users\David\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2014-06-28 to 2014-07-30 )))))))))))))))))))))))))))))))
.
.
2014-07-30 12:00 . 2014-07-30 12:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-29 13:00 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2014-07-29 13:00 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-07-29 13:00 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll
2014-07-29 13:00 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-07-29 13:00 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2014-07-29 12:59 . 2012-11-09 04:49 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-25 16:09 . 2014-07-25 16:09 -------- d-----w- c:\windows\ERUNT
2014-07-24 18:20 . 2014-07-25 16:16 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-24 18:20 . 2014-07-24 18:20 -------- d-----w- c:\programdata\RogueKiller
2014-07-23 16:46 . 2014-07-27 17:33 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-23 16:45 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-23 16:45 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-23 16:45 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-23 16:45 . 2014-07-23 16:45 -------- d-----w- c:\programdata\Malwarebytes
2014-07-22 16:47 . 2012-11-20 14:13 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-07-22 16:47 . 2014-07-22 16:47 -------- d-----w- c:\programdata\Razer
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\program files\Microsoft.NET
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\windows\Migration
2014-07-21 16:01 . 2014-07-21 16:01 -------- d-----w- c:\program files\Defraggler
2014-07-21 13:59 . 2009-11-25 19:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-07-21 13:59 . 2009-11-25 19:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-07-21 13:59 . 2009-11-25 19:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-07-21 13:59 . 2009-11-25 19:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-07-21 13:59 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-07-21 12:21 . 2013-04-17 19:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\IObit
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2014-07-20 17:18 . 2014-07-20 17:18 -------- d-----w- c:\programdata\Riot Games
2014-07-07 14:56 . 2014-04-26 11:27 686896 ----a-w- c:\windows\system32\eed_sl.exe
2014-07-07 14:56 . 2014-04-26 11:27 2277376 ----a-w- c:\windows\system32\eed_ec.dll
2014-07-07 11:25 . 2014-07-25 19:38 -------- d-----w- c:\users\UpdatusUser
2014-07-07 11:25 . 2014-07-07 11:25 -------- d-----w- c:\programdata\NVIDIA
2014-07-07 11:25 . 2013-01-31 09:01 2859296 ----a-w- c:\windows\system32\nvsvc.dll
2014-07-07 11:25 . 2013-01-31 09:01 3970848 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-07 11:25 . 2013-01-31 09:00 634656 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-07 11:25 . 2013-01-31 09:00 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-07-07 11:25 . 2013-01-31 09:00 2557728 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-07 11:25 . 2013-01-31 09:00 108832 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-07 11:24 . 2013-02-19 19:33 53024 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-07 11:24 . 2014-07-07 11:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2014-07-07 11:24 . 2014-07-07 11:25 -------- d-----w- c:\program files\NVIDIA Corporation
2014-07-07 11:18 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-07 11:18 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-07-07 11:18 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-07 11:18 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-07-07 11:18 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-07-07 11:18 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-07-07 11:18 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-07-07 11:18 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-07 11:18 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-07-07 10:13 . 2014-07-07 10:13 -------- d-----w- c:\program files\CCleaner
2014-07-07 10:10 . 2014-07-07 10:10 -------- d-----w- c:\program files\ESET
2014-07-07 10:03 . 2014-07-07 10:03 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-07 10:03 . 2014-07-07 10:03 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-07 10:03 . 2014-07-07 10:03 -------- d-----w- c:\windows\system32\Macromed
2014-07-07 10:02 . 2013-12-09 12:27 125248 ----a-r- c:\windows\Wiainst.exe
2014-07-07 10:02 . 2013-02-22 11:30 307200 ----a-w- c:\windows\system32\SaMinDrv.dll
2014-07-07 10:02 . 2013-02-22 11:30 102400 ----a-w- c:\windows\system32\SaImgFlt.dll
2014-07-07 10:02 . 2013-02-22 11:30 61440 ----a-w- c:\windows\system32\SaErHdlr.dll
2014-07-07 10:01 . 2014-07-07 10:01 -------- d-----w- c:\programdata\Samsung
2014-07-07 10:01 . 2013-07-28 09:40 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ssm4mpc.dll
2014-07-07 10:01 . 2013-11-14 02:57 212600 ----a-w- c:\windows\system32\SBuySupplies.exe
2014-07-07 10:01 . 2013-05-29 12:03 24064 ----a-w- c:\windows\system32\ssm4mlm.dll
2014-07-07 10:01 . 2013-05-29 12:03 158040 ----a-w- c:\windows\system32\ssm4mci.exe
2014-07-07 10:01 . 2013-05-29 12:03 65536 ----a-w- c:\windows\system32\ssm4mci.dll
2014-07-07 10:01 . 2013-06-28 14:36 94208 ----a-w- c:\windows\system32\Ssdevm.dll
2014-07-07 10:01 . 2013-06-02 02:38 53248 ----a-w- c:\windows\system32\Ssusbpn.dll
2014-07-07 10:00 . 2014-07-07 10:22 -------- d-----w- c:\program files\Samsung
2014-07-07 09:51 . 2014-07-07 11:06 -------- d-----w- c:\windows\Panther
2014-07-07 09:25 . 2014-06-17 00:57 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0FE1ED3-5C19-4C40-B555-2F66BB22F19A}\mpengine.dll
2014-07-07 09:25 . 2014-03-31 07:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-07 09:14 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2014-07-07 09:14 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2014-07-07 09:14 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-07-07 09:11 . 2014-07-22 16:43 -------- d-sh--w- c:\windows\Installer
2014-07-07 09:10 . 2014-07-30 11:59 -------- d-----w- c:\windows\system32\wbem\Performance
2014-07-07 09:06 . 2014-07-21 12:27 -------- d-----w- c:\users\David
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-02-24 5075104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
R1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2014-02-24 1343408]
R2 RzKLService;RzKLService;d:\razer game booster\RzKLService.exe [2014-02-25 105448]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2013-04-30 5120]
.
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
.
Completion time: 2014-07-30 14:01:45
ComboFix-quarantined-files.txt 2014-07-30 12:01
ComboFix2.txt 2014-07-29 17:26
ComboFix3.txt 2014-07-29 12:43
.
Pre-Run: Volných bajtů: 38 167 126 016
Post-Run: Volných bajtů: 38 052 311 040
.
- - End Of File - - 0AE9510384F476597A43A953EDB03570
A36C5E4F47E84449FF07ED3517B43A31


HijackThis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:04:37, on 30. 7. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchFilterHost.exe
D:\hijackthis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: RzKLService - Razer Inc. - D:\Razer Game Booster\RzKLService.exe

--
End of file - 1728 bytes

aswMBR

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-30 14:03:24
-----------------------------
14:03:24.667 OS Version: Windows 6.1.7600
14:03:24.667 Number of processors: 1 586 0x5F02
14:03:24.667 ComputerName: DAVID-PC UserName: David
14:03:29.511 Initialize success
14:03:29.574 VM: initialized successfully
14:03:29.605 VM: Amd CPU virtualization not supported
14:03:38.124 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
14:03:38.124 Disk 0 Vendor: WDC_WD16 10.0 Size: 152627MB BusType: 3
14:03:38.311 Disk 0 MBR read successfully
14:03:38.311 Disk 0 MBR scan
14:03:38.311 Disk 0 Windows 7 default MBR code
14:03:38.327 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:03:38.327 Disk 0 Boot: NTFS code=2
14:03:38.358 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 49900 MB offset 206848
14:03:38.374 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 102625 MB offset 102402048
14:03:38.389 Disk 0 scanning sectors +312578048
14:03:38.452 Disk 0 scanning C:\Windows\system32\drivers
14:03:43.764 Service scanning
14:03:57.905 Modules scanning
14:04:09.733 Disk 0 trace - called modules:
14:04:09.749 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor.sys
14:04:09.764 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85e52338]
14:04:09.764 3 CLASSPNP.SYS[8afc259e] -> nt!IofCallDriver -> [0x84fc25e8]
14:04:09.780 5 ACPI.sys[82f9a3b2] -> nt!IofCallDriver -> \Device\0000005e[0x85874030]
14:04:09.780 Scan finished successfully
14:04:15.061 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
14:04:15.061 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"

[Orcus]

Ve skriptu od jara3 byl překlep, zkus jej provést prosím ještě jednou.

[deystan]

Tu je druhý :)

ComboFix 14-07-29.01 - David . 07. 2014 22:01:42.4.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1029.18.3071.2531 [GMT 2:00]
Running from: d:\hijackthis\ComboFix.exe
Command switches used :: c:\users\David\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-06-28 to 2014-07-30 )))))))))))))))))))))))))))))))
.
.
2014-07-30 20:06 . 2014-07-30 20:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-29 13:00 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2014-07-29 13:00 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2014-07-29 13:00 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll
2014-07-29 13:00 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2014-07-29 13:00 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2014-07-29 12:59 . 2012-11-09 04:49 2048 ----a-w- c:\windows\system32\tzres.dll
2014-07-25 16:09 . 2014-07-25 16:09 -------- d-----w- c:\windows\ERUNT
2014-07-24 18:20 . 2014-07-25 16:16 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-07-24 18:20 . 2014-07-24 18:20 -------- d-----w- c:\programdata\RogueKiller
2014-07-23 16:46 . 2014-07-27 17:33 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-23 16:45 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-23 16:45 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-23 16:45 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-23 16:45 . 2014-07-23 16:45 -------- d-----w- c:\programdata\Malwarebytes
2014-07-22 16:47 . 2012-11-20 14:13 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2014-07-22 16:47 . 2012-11-20 14:13 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2014-07-22 16:47 . 2014-07-22 16:47 -------- d-----w- c:\programdata\Razer
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\program files\Microsoft.NET
2014-07-22 16:39 . 2014-07-22 16:39 -------- d-----w- c:\windows\Migration
2014-07-21 16:01 . 2014-07-21 16:01 -------- d-----w- c:\program files\Defraggler
2014-07-21 13:59 . 2009-11-25 19:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-07-21 13:59 . 2009-11-25 19:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-07-21 13:59 . 2009-11-25 19:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-07-21 13:59 . 2009-11-25 19:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-07-21 13:59 . 2009-11-25 19:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-07-21 12:21 . 2013-04-17 19:20 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\IObit
2014-07-21 12:18 . 2014-07-21 12:18 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2014-07-20 17:18 . 2014-07-20 17:18 -------- d-----w- c:\programdata\Riot Games
2014-07-07 14:56 . 2014-04-26 11:27 686896 ----a-w- c:\windows\system32\eed_sl.exe
2014-07-07 14:56 . 2014-04-26 11:27 2277376 ----a-w- c:\windows\system32\eed_ec.dll
2014-07-07 11:25 . 2014-07-25 19:38 -------- d-----w- c:\users\UpdatusUser
2014-07-07 11:25 . 2014-07-07 11:25 -------- d-----w- c:\programdata\NVIDIA
2014-07-07 11:25 . 2013-01-31 09:01 2859296 ----a-w- c:\windows\system32\nvsvc.dll
2014-07-07 11:25 . 2013-01-31 09:01 3970848 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-07 11:25 . 2013-01-31 09:00 634656 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-07 11:25 . 2013-01-31 09:00 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-07-07 11:25 . 2013-01-31 09:00 2557728 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-07 11:25 . 2013-01-31 09:00 108832 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-07 11:24 . 2013-02-19 19:33 53024 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-07 11:24 . 2014-07-07 11:24 -------- d-----w- c:\programdata\NVIDIA Corporation
2014-07-07 11:24 . 2014-07-07 11:25 -------- d-----w- c:\program files\NVIDIA Corporation
2014-07-07 11:18 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-07-07 11:18 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-07-07 11:18 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-07-07 11:18 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-07-07 11:18 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-07-07 11:18 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-07-07 11:18 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-07-07 11:18 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-07-07 11:18 . 2012-06-02 13:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-07-07 10:13 . 2014-07-07 10:13 -------- d-----w- c:\program files\CCleaner
2014-07-07 10:10 . 2014-07-07 10:10 -------- d-----w- c:\program files\ESET
2014-07-07 10:03 . 2014-07-07 10:03 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-07 10:03 . 2014-07-07 10:03 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-07 10:03 . 2014-07-07 10:03 -------- d-----w- c:\windows\system32\Macromed
2014-07-07 10:02 . 2013-12-09 12:27 125248 ----a-r- c:\windows\Wiainst.exe
2014-07-07 10:02 . 2013-02-22 11:30 307200 ----a-w- c:\windows\system32\SaMinDrv.dll
2014-07-07 10:02 . 2013-02-22 11:30 102400 ----a-w- c:\windows\system32\SaImgFlt.dll
2014-07-07 10:02 . 2013-02-22 11:30 61440 ----a-w- c:\windows\system32\SaErHdlr.dll
2014-07-07 10:01 . 2014-07-07 10:01 -------- d-----w- c:\programdata\Samsung
2014-07-07 10:01 . 2013-07-28 09:40 28672 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\ssm4mpc.dll
2014-07-07 10:01 . 2013-11-14 02:57 212600 ----a-w- c:\windows\system32\SBuySupplies.exe
2014-07-07 10:01 . 2013-05-29 12:03 24064 ----a-w- c:\windows\system32\ssm4mlm.dll
2014-07-07 10:01 . 2013-05-29 12:03 158040 ----a-w- c:\windows\system32\ssm4mci.exe
2014-07-07 10:01 . 2013-05-29 12:03 65536 ----a-w- c:\windows\system32\ssm4mci.dll
2014-07-07 10:01 . 2013-06-28 14:36 94208 ----a-w- c:\windows\system32\Ssdevm.dll
2014-07-07 10:01 . 2013-06-02 02:38 53248 ----a-w- c:\windows\system32\Ssusbpn.dll
2014-07-07 10:00 . 2014-07-07 10:22 -------- d-----w- c:\program files\Samsung
2014-07-07 09:51 . 2014-07-07 11:06 -------- d-----w- c:\windows\Panther
2014-07-07 09:25 . 2014-06-17 00:57 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0FE1ED3-5C19-4C40-B555-2F66BB22F19A}\mpengine.dll
2014-07-07 09:25 . 2014-03-31 07:35 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-07 09:14 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2014-07-07 09:14 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2014-07-07 09:14 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2014-07-07 09:14 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2014-07-07 09:11 . 2014-07-22 16:43 -------- d-sh--w- c:\windows\Installer
2014-07-07 09:10 . 2014-07-30 16:52 -------- d-----w- c:\windows\system32\wbem\Performance
2014-07-07 09:06 . 2014-07-21 12:27 -------- d-----w- c:\users\David
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-02-24 5075104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 49240]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 188808]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 134248]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 37416]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2014-02-24 1343408]
S2 RzKLService;RzKLService;d:\razer game booster\RzKLService.exe [2014-02-25 105448]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2013-04-30 5120]
.
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
.
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2014-07-30 22:09:23 - machine was rebooted
ComboFix-quarantined-files.txt 2014-07-30 20:09
ComboFix2.txt 2014-07-29 17:26
ComboFix3.txt 2014-07-29 12:43
.
Pre-Run: Volných bajtů: 38 168 989 696
Post-Run: Volných bajtů: 37 966 503 936
.
- - End Of File - - A02FC43BCD1D76CACA8A5F824C3EC4BE
A36C5E4F47E84449FF07ED3517B43A31

[Orcus]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený červeně:

ClearJavaCache::
KillAll::

Folder::
c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

[jaro3]

+
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[deystan]

aswMBR log som už posielal :)

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-07-30 14:03:24
-----------------------------
14:03:24.667 OS Version: Windows 6.1.7600
14:03:24.667 Number of processors: 1 586 0x5F02
14:03:24.667 ComputerName: DAVID-PC UserName: David
14:03:29.511 Initialize success
14:03:29.574 VM: initialized successfully
14:03:29.605 VM: Amd CPU virtualization not supported
14:03:38.124 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005e
14:03:38.124 Disk 0 Vendor: WDC_WD16 10.0 Size: 152627MB BusType: 3
14:03:38.311 Disk 0 MBR read successfully
14:03:38.311 Disk 0 MBR scan
14:03:38.311 Disk 0 Windows 7 default MBR code
14:03:38.327 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:03:38.327 Disk 0 Boot: NTFS code=2
14:03:38.358 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 49900 MB offset 206848
14:03:38.374 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 102625 MB offset 102402048
14:03:38.389 Disk 0 scanning sectors +312578048
14:03:38.452 Disk 0 scanning C:\Windows\system32\drivers
14:03:43.764 Service scanning
14:03:57.905 Modules scanning
14:04:09.733 Disk 0 trace - called modules:
14:04:09.749 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor.sys
14:04:09.764 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85e52338]
14:04:09.764 3 CLASSPNP.SYS[8afc259e] -> nt!IofCallDriver -> [0x84fc25e8]
14:04:09.780 5 ACPI.sys[82f9a3b2] -> nt!IofCallDriver -> \Device\0000005e[0x85874030]
14:04:09.780 Scan finished successfully
14:04:15.061 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
14:04:15.061 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"