pomalý systém - prosím o kontrolu

[memphisto]

Combofixem to nebylo. Ten smazal pouze nepotřebné položky v registru.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Reklama]

[quinter]

ComboFix 11-01-12.04 - Tony 13.01.2011 19:32:34.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4061.3164 [GMT 1:00]
Spuštěný z: c:\users\Tony\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tony\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-13 do 2011-01-13 )))))))))))))))))))))))))))))))
.

2011-01-13 18:36 . 2011-01-13 18:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-13 18:36 . 2011-01-13 18:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-01-12 11:53 . 2011-01-12 11:53 -------- d-----w- c:\users\Tony\AppData\Roaming\Avira
2011-01-12 11:52 . 2011-01-12 11:52 -------- d-----w- c:\programdata\Avira
2011-01-12 11:52 . 2011-01-12 11:52 -------- d-----w- c:\program files (x86)\Avira
2011-01-12 11:52 . 2010-12-13 07:40 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-12 11:52 . 2010-12-13 07:40 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-12 10:35 . 2011-01-12 10:35 -------- d-----w- c:\users\Tony\AppData\Local\ATI
2011-01-12 07:55 . 2010-04-28 10:32 932384 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2011-01-12 07:55 . 2010-04-27 00:23 1103904 ----a-w- c:\windows\system32\drivers\rtl8192se.sys
2011-01-12 07:55 . 2010-04-08 09:07 612352 ----a-w- c:\windows\system32\drivers\rtl819xp.sys
2011-01-12 07:55 . 2010-04-01 13:01 442368 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys
2011-01-12 07:55 . 2009-02-05 01:49 451072 ------w- c:\windows\SysWow64\ISSRemoveSP.exe
2011-01-12 07:11 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 07:11 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 07:11 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 07:11 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 07:11 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 07:11 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-12 07:11 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-12 07:11 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-12 07:11 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-12 07:11 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-10 18:51 . 2011-01-10 18:51 -------- d-----w- c:\programdata\ATI
2011-01-10 18:51 . 2011-01-10 18:51 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-01-10 18:50 . 2011-01-10 18:51 -------- d-----w- c:\program files\ATI Technologies
2011-01-10 18:27 . 2011-01-10 18:27 -------- d-----w- c:\program files\ATI
2011-01-10 17:58 . 2011-01-10 18:37 -------- d-----w- c:\program files (x86)\Driver Sweeper
2010-12-23 14:07 . 2010-12-23 14:07 -------- d-----w- C:\extensions

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 17:54 . 2010-12-04 17:32 4484 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-01-13 12:30 . 2009-12-22 00:44 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-01-13 12:30 . 2009-12-22 00:44 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-01-13 12:29 . 2009-12-22 00:44 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-01-08 20:03 . 2009-12-22 00:44 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-12-20 17:09 . 2010-03-12 21:29 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2009-12-22 17:57 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-19 09:41 . 2009-12-21 10:43 270720 ------w- c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((( SnapShot@2011-01-13_17.00.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-21 13:14 . 2011-01-13 17:52 81458 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-09-21 13:14 . 2011-01-13 16:51 81458 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-01-13 16:51 54952 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-13 17:52 54952 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-20 19:14 . 2011-01-13 17:52 29196 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4154602735-317559753-901735074-1000_UserData.bin
- 2009-12-20 14:53 . 2011-01-12 12:29 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-20 14:53 . 2011-01-13 18:18 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-05 15:04 . 2011-01-13 18:18 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-12-05 15:04 . 2011-01-12 12:29 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-13 18:18 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-12 12:29 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-20 16:11 . 2011-01-13 18:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-20 16:11 . 2011-01-13 16:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-20 16:11 . 2011-01-13 16:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-12-20 16:11 . 2011-01-13 18:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-01-13 18:37 . 2011-01-13 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-01-13 16:49 . 2011-01-13 16:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-13 18:37 . 2011-01-13 18:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-01-13 16:49 . 2011-01-13 16:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-20 16:27 . 2011-01-13 17:56 499412 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2011-01-13 13:27 402396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-01-13 18:36 402396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:34 . 2011-01-12 12:29 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-01-13 17:02 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-12-04 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]

c:\users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R3 cpuz130;cpuz130;c:\users\Tony\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
R3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\DRIVERS\hidusbf.sys [2010-02-06 7808]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 222208]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-21 834544]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 203264]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 450048]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="%ProgramFiles%\TOSHIBA\TECO\Teco.exe" [BU]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976]
"SmartFaceVWatcher"="%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe" [BU]
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe" [BU]
"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\SYSTEM32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {B15D64A5-DCE2-47E7-81BC-1B0F3ABBF2BB} = 213.180.32.2,213.180.33.225
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-4154602735-317559753-901735074-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D88B2C64-B12F-8690-6132-451BF5CC1CD8}*]
@Allowed: (Read) (RestrictedCode)
"jadnecnfkgmnjnoladko"=hex:62,61,70,6f,00,33
"jadnecnfkgmnjnoladgo"=hex:62,61,67,6f,00,33
"iadmamkpeihddibjhg"=hex:6b,61,6f,6f,70,6b,6b,6a,6b,63,69,6d,6c,68,61,65,6c,70,
64,68,62,69,00,00

[HKEY_USERS\S-1-5-21-4154602735-317559753-901735074-1000\Software\SecuROM\License information*]
"datasecu"=hex:37,f6,f9,b7,7a,87,22,d5,ed,03,4a,0d,25,63,d8,cc,f7,22,a7,32,82,
5c,e2,2a,88,03,2d,1a,03,53,1f,a7,18,67,33,1b,22,46,95,b2,e8,3c,ba,d4,8e,b2,\
"rkeysecu"=hex:e8,0d,1f,57,93,a9,b8,82,70,36,e4,c4,94,46,7c,e6

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="01DF18302C1134048DD3A716B9B14EA06426B7B4BF8F94964E5E08D0DAA0C36AB5F01A48E46EE107D43558F550145D6DB761AAA9CBBC7CEF8716BC2040BF9677B1FE29201343A065D605F097C5F68BF70885B84B57D36FC85BA6E02101FA8752C7346C6C40960192D98B325329D0152B341E5FBE945D76A65B7ED2E0968B8DB9DC7C3B4247718524B9D6906A5A9D29172AF9510D89648DB22ECAA0504A2D908E6C88239CD8E0A4D5E43A3601905C6CEE6EACF52312F827BA0B038EC5BD20F1D8845063D9FB76FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D9DB7CE019D40AA5CBA7FD869164D6794B7CF4EAA46FBBB29B5C1BB8E4A6CE00E59E4F7EA76B9C9B0FA87A8279BE2099554942564E6AE79BAC366141F033404BFD597DFE08D873A9C21F374F558E140637370514805ED019D5137E830E3133A2DBA3F536E295B564552784C2472E50FF03F8904E29CE6E9AAF294404EE3BE037EAC13CEC2DE169FC5DEC5419EBC189C6954280286DBAC21BDB2FDB3C9B0512CE1C16E5FD0F8FA6C3C8AAE7698BC03E27C44B8264327326538101B71B8ABCA5C890550A84DF3B0E44B0D2A260AAD1AB2DD134CDB7597D2CAFEFBB53D73E60C8B2BF55B64338243091B93569A2E7EB0AC463A98A6B675CA39F95C3A6B97AC5C077F0656DABF8921A8D43D713503D0FDC86F27759967423C6B150B3C6706F9666FC41EAC6D76229E6A279D606ACBFB9ED11939DF5F2CB1AC73C35771AF647D36B8BC996C0E9B99F348453D2A42128993E609C779B4ED2B04B2770333D51C1DC1AC2D46C9C43BF2BA906698F9D79EB9C179841B076B57C99162AB42FE0059F0DC67DFE61A2CA2E272E2C31F23DD01FC71D058EFF1E859DC850EDA41F7E80D4643DAA133D874E35280B61C3695168C7B4D0854F645A4A7E8F594069CE25F6E1C92CA445626DF56DFA9D534346B5AD78E680ECC5534AD3BA45CABB2E62AC4F3284D4F1EEEC2C6125C1CDDCFE4DF173F45B4A597A411A4507B155969A65C105D52D956098F9793F64DE3403C89D2CAE1628C6590F1573FE58C62F936552A4B2AB703A161C0ADC626ECF7C246D5490C225BAA3798BC2247402D693DAAE169141F28F6C20A7CB5718628AD80C071698127DCB05C137C3397E763B427D92C161D46A9C72668B1023D41A0BFE4837880E75C4323646797EF252AEAAF105E0C4B2D6D726D86E5C308E3C52CCFB368FBFC10F0A2E938016E5FF11534AC22D2CBCC1EA4F040746F0AE435C5D3DF81CDFEF4DD5840D091CF4E3098FEE1E1DDD9A780DDC1C50055F74E5615B6D4D73817F89DC84918098047FE33C5FECAE69716536E70DC43CD62F4503FF8D32182172AD7555F3E572766DE385C3C707C3BF633F3C6"
"OODEFRAG14.00.00.01PROFESSIONAL"="0F4D02330B013A488595D04CDB53A9A45B919ED87EF3717BC70568A84F829CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555BA7FD869164D6794BA7FD869164D6794656865088A56E9C2DF2EC65BFE3F5F6B8B89B90FDCC6AFEDB3D47A1104F3579D8B0587D245C9F140F4CCAD2FD273AE349B59E5CE048611235B13FE23DECC8A41F8F61CF201A8DC252CFB8172497CCCA5F50B306F5E30A9CD4A05D18B773A2160885777870640E068C324A21A1EC8105DDB79A6603CF28DD6E596CFD1524A0B4AE24263D0AD23ED62CA326AC11F0B02DFE302CF340142810B6AB6CBA289D26BB689591FB666252154A699A227AEB7DE93F68823A5A6550299645A094F4AEA99BCCF41DBC1B3DFD05D114F8BAF470A19C452F20B8EB7A7BB1839F8C0CCD46F225CDDA1BF9FA9310407954CD6DFF081D622882CE86E5577917E1E8C20337E01C3742FA664A3F3397A39950FABE4CDDCF03F00A3116BB3C81A299D954940B182F14C92045943D05D2144C499258B0F26759471CA4BCB9BE12158979850D4EA9B540DAD6A1F9791469ED92DEE53C67C25A47BEB18D2FBE8CEA3B1BD9DBEF4BBBBC643F6162D5F9EE1CB90AB9C38AEF0E7F4B4CE07588B0BDD54BB982E8FCBC88E58DFB941EBFBEF61B2E0702DCA7DDD41116452967F2E07A29AE380DBB6A3CC8CCC3A972D3A7394B9162C80B47713C348D38F00C8E0BC75F390FAA5B818ED13EA9A8A049E696FAF24E9B3B3469BF03B55D0243324883382EE05B30BDD0C417E26706EC45FC03F761D571EB7FC8A3FEF084D6FA0B375AF6EEE792986E660540400A9E777B979D233E6B8F48D778C47A041C1A64D061D770C1A25D544725606AB7B5DDA0B804240C506A0A60AD55BF99F28DCE0912EE6F2C55772194125A1561560D0914407BBC31EC3D306D53DA5E856267F979CC12FAC96D0013AD1256C696FBB0039B9A6FC3844AC4AC96D59904BBE6A40ACEFDB44D51076A1DF1C20538901DC1B64583B112251922F8C21D5317BE7666762619C6CC055FA5B171BC368A223D88586DEA6F226F30B64CB16E69279F55072DF99A35EE61E55E84F9C45AF46C207D5FAE14C180D6F6E7EEAC5BE34679EA21431989A47E339C039DD455BA1A8E00459FCC896E3C6985AC5AE7C990A8CAF9A30C52EA946F504BC6EFA0A42AB23932F0EB04EEFB2645A30B6C3D9B4F9D3863B61700102EE83740DDF42B63A30B2832FA719844AD09BB31401375552DFCC964AF5690BD4CA1392379636E98582F7ED688E20CD9A80C6B46F0B7B35360AA8E7526E4B1AD7D4517908D1B8956CECB8A389DD14E15977638670EC66972ABBBE95A000154E487C0DDB0E8393823A2B5C0C0364A5CC016193618771B3EC7D2B0BCD48942C1F"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\BinarySense\hldasvc.exe
c:\program files (x86)\Common Files\BinarySense\hldasvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Celkový čas: 2011-01-13 19:41:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-13 18:41
ComboFix2.txt 2011-01-13 17:44
ComboFix3.txt 2011-01-13 17:02

Před spuštěním: Volných bajtů: 204 576 206 848
Po spuštění: Volných bajtů: 204 476 157 952

- - End Of File - - EFC2060520CE6B2F1C265D397E57EFB2

[memphisto]

Tak ještě trochu potrápíme ...

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Toto otestuj na Virustotal
c:\windows\SysWow64\ISSRemoveSP.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[quinter]

ComboFix 11-01-12.04 - Tony 14.01.2011 11:34:16.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4061.2995 [GMT 1:00]
Spuštěný z: c:\users\Tony\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tony\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-14 do 2011-01-14 )))))))))))))))))))))))))))))))
.

2011-01-14 10:37 . 2011-01-14 10:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-14 10:37 . 2011-01-14 10:37 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-01-13 19:21 . 2011-01-13 19:21 -------- d-----w- c:\users\Tony\AppData\Local\2K Games
2011-01-12 11:53 . 2011-01-12 11:53 -------- d-----w- c:\users\Tony\AppData\Roaming\Avira
2011-01-12 11:52 . 2011-01-12 11:52 -------- d-----w- c:\programdata\Avira
2011-01-12 11:52 . 2011-01-12 11:52 -------- d-----w- c:\program files (x86)\Avira
2011-01-12 11:52 . 2010-12-13 07:40 83120 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-01-12 11:52 . 2010-12-13 07:40 116568 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-01-12 10:35 . 2011-01-12 10:35 -------- d-----w- c:\users\Tony\AppData\Local\ATI
2011-01-12 07:55 . 2010-04-28 10:32 932384 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2011-01-12 07:55 . 2010-04-27 00:23 1103904 ----a-w- c:\windows\system32\drivers\rtl8192se.sys
2011-01-12 07:55 . 2010-04-08 09:07 612352 ----a-w- c:\windows\system32\drivers\rtl819xp.sys
2011-01-12 07:55 . 2010-04-01 13:01 442368 ----a-w- c:\windows\system32\drivers\rtl8187Se.sys
2011-01-12 07:55 . 2009-02-05 01:49 451072 ------w- c:\windows\SysWow64\ISSRemoveSP.exe
2011-01-12 07:11 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 07:11 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 07:11 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 07:11 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 07:11 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 07:11 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-01-12 07:11 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-01-12 07:11 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-01-12 07:11 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-01-12 07:11 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-01-10 18:51 . 2011-01-10 18:51 -------- d-----w- c:\programdata\ATI
2011-01-10 18:51 . 2011-01-10 18:51 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-01-10 18:50 . 2011-01-10 18:51 -------- d-----w- c:\program files\ATI Technologies
2011-01-10 18:27 . 2011-01-10 18:27 -------- d-----w- c:\program files\ATI
2011-01-10 17:58 . 2011-01-10 18:37 -------- d-----w- c:\program files (x86)\Driver Sweeper
2010-12-23 14:07 . 2010-12-23 14:07 -------- d-----w- C:\extensions

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-14 10:31 . 2010-12-04 17:32 4484 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-01-13 12:30 . 2009-12-22 00:44 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-01-13 12:30 . 2009-12-22 00:44 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-01-13 12:29 . 2009-12-22 00:44 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-01-08 20:03 . 2009-12-22 00:44 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2010-12-20 17:09 . 2010-03-12 21:29 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-20 17:08 . 2009-12-22 17:57 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-19 09:41 . 2009-12-21 10:43 270720 ------w- c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((( SnapShot@2011-01-13_17.00.37 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-21 13:14 . 2011-01-14 10:29 81474 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-01-14 10:29 54968 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-12-20 19:14 . 2011-01-14 10:29 29220 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4154602735-317559753-901735074-1000_UserData.bin
+ 2009-12-20 14:53 . 2011-01-13 18:18 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-12-20 14:53 . 2011-01-12 12:29 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-05 15:04 . 2011-01-12 12:29 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-05 15:04 . 2011-01-13 18:18 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-01-12 12:29 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-01-13 18:18 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-20 16:11 . 2011-01-13 16:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-20 16:11 . 2011-01-14 10:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-12-20 16:11 . 2011-01-14 10:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-12-20 16:11 . 2011-01-13 16:56 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-01-13 16:49 . 2011-01-13 16:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-14 10:38 . 2011-01-14 10:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-01-14 10:38 . 2011-01-14 10:38 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-01-13 16:49 . 2011-01-13 16:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-20 16:27 . 2011-01-13 17:56 499412 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2011-01-13 13:27 402396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-01-14 10:37 402396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:34 . 2011-01-12 12:29 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-07-14 02:34 . 2011-01-13 18:51 10223616 c:\windows\system32\SMI\Store\Machine\SCHEMA.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Tony\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-12-04 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-29 98304]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]

c:\users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R3 cpuz130;cpuz130;c:\users\Tony\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
R3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;c:\windows\system32\DRIVERS\hidusbf.sys [2010-02-06 7808]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 222208]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-24 1255736]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-21 834544]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-29 203264]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 450048]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TosReelTimeMonitor"="%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Teco"="%ProgramFiles%\TOSHIBA\TECO\Teco.exe" [BU]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976]
"SmartFaceVWatcher"="%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe" [BU]
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe" [BU]
"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\SYSTEM32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {B15D64A5-DCE2-47E7-81BC-1B0F3ABBF2BB} = 213.180.32.2,213.180.33.225
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-4154602735-317559753-901735074-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D88B2C64-B12F-8690-6132-451BF5CC1CD8}*]
@Allowed: (Read) (RestrictedCode)
"jadnecnfkgmnjnoladko"=hex:62,61,70,6f,00,33
"jadnecnfkgmnjnoladgo"=hex:62,61,67,6f,00,33
"iadmamkpeihddibjhg"=hex:6b,61,6f,6f,70,6b,6b,6a,6b,63,69,6d,6c,68,61,65,6c,70,
64,68,62,69,00,00

[HKEY_USERS\S-1-5-21-4154602735-317559753-901735074-1000\Software\SecuROM\License information*]
"datasecu"=hex:37,f6,f9,b7,7a,87,22,d5,ed,03,4a,0d,25,63,d8,cc,f7,22,a7,32,82,
5c,e2,2a,88,03,2d,1a,03,53,1f,a7,18,67,33,1b,22,46,95,b2,e8,3c,ba,d4,8e,b2,\
"rkeysecu"=hex:e8,0d,1f,57,93,a9,b8,82,70,36,e4,c4,94,46,7c,e6

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_10_2_161_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="01DF18302C1134048DD3A716B9B14EA06426B7B4BF8F94964E5E08D0DAA0C36AB5F01A48E46EE107D43558F550145D6DB761AAA9CBBC7CEF8716BC2040BF9677B1FE29201343A065D605F097C5F68BF70885B84B57D36FC85BA6E02101FA8752C7346C6C40960192D98B325329D0152B341E5FBE945D76A65B7ED2E0968B8DB9DC7C3B4247718524B9D6906A5A9D29172AF9510D89648DB22ECAA0504A2D908E6C88239CD8E0A4D5E43A3601905C6CEE6EACF52312F827BA0B038EC5BD20F1D8845063D9FB76FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D9DB7CE019D40AA5CBA7FD869164D6794B7CF4EAA46FBBB29B5C1BB8E4A6CE00E59E4F7EA76B9C9B0FA87A8279BE2099554942564E6AE79BAC366141F033404BFD597DFE08D873A9C21F374F558E140637370514805ED019D5137E830E3133A2DBA3F536E295B564552784C2472E50FF03F8904E29CE6E9AAF294404EE3BE037EAC13CEC2DE169FC5DEC5419EBC189C6954280286DBAC21BDB2FDB3C9B0512CE1C16E5FD0F8FA6C3C8AAE7698BC03E27C44B8264327326538101B71B8ABCA5C890550A84DF3B0E44B0D2A260AAD1AB2DD134CDB7597D2CAFEFBB53D73E60C8B2BF55B64338243091B93569A2E7EB0AC463A98A6B675CA39F95C3A6B97AC5C077F0656DABF8921A8D43D713503D0FDC86F27759967423C6B150B3C6706F9666FC41EAC6D76229E6A279D606ACBFB9ED11939DF5F2CB1AC73C35771AF647D36B8BC996C0E9B99F348453D2A42128993E609C779B4ED2B04B2770333D51C1DC1AC2D46C9C43BF2BA906698F9D79EB9C179841B076B57C99162AB42FE0059F0DC67DFE61A2CA2E272E2C31F23DD01FC71D058EFF1E859DC850EDA41F7E80D4643DAA133D874E35280B61C3695168C7B4D0854F645A4A7E8F594069CE25F6E1C92CA445626DF56DFA9D534346B5AD78E680ECC5534AD3BA45CABB2E62AC4F3284D4F1EEEC2C6125C1CDDCFE4DF173F45B4A597A411A4507B155969A65C105D52D956098F9793F64DE3403C89D2CAE1628C6590F1573FE58C62F936552A4B2AB703A161C0ADC626ECF7C246D5490C225BAA3798BC2247402D693DAAE169141F28F6C20A7CB5718628AD80C071698127DCB05C137C3397E763B427D92C161D46A9C72668B1023D41A0BFE4837880E75C4323646797EF252AEAAF105E0C4B2D6D726D86E5C308E3C52CCFB368FBFC10F0A2E938016E5FF11534AC22D2CBCC1EA4F040746F0AE435C5D3DF81CDFEF4DD5840D091CF4E3098FEE1E1DDD9A780DDC1C50055F74E5615B6D4D73817F89DC84918098047FE33C5FECAE69716536E70DC43CD62F4503FF8D32182172AD7555F3E572766DE385C3C707C3BF633F3C6"
"OODEFRAG14.00.00.01PROFESSIONAL"="0F4D02330B013A488595D04CDB53A9A45B919ED87EF3717BC70568A84F829CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555BA7FD869164D6794BA7FD869164D6794656865088A56E9C2DF2EC65BFE3F5F6B8B89B90FDCC6AFEDB3D47A1104F3579D8B0587D245C9F140F4CCAD2FD273AE349B59E5CE048611235B13FE23DECC8A41F8F61CF201A8DC252CFB8172497CCCA5F50B306F5E30A9CD4A05D18B773A2160885777870640E068C324A21A1EC8105DDB79A6603CF28DD6E596CFD1524A0B4AE24263D0AD23ED62CA326AC11F0B02DFE302CF340142810B6AB6CBA289D26BB689591FB666252154A699A227AEB7DE93F68823A5A6550299645A094F4AEA99BCCF41DBC1B3DFD05D114F8BAF470A19C452F20B8EB7A7BB1839F8C0CCD46F225CDDA1BF9FA9310407954CD6DFF081D622882CE86E5577917E1E8C20337E01C3742FA664A3F3397A39950FABE4CDDCF03F00A3116BB3C81A299D954940B182F14C92045943D05D2144C499258B0F26759471CA4BCB9BE12158979850D4EA9B540DAD6A1F9791469ED92DEE53C67C25A47BEB18D2FBE8CEA3B1BD9DBEF4BBBBC643F6162D5F9EE1CB90AB9C38AEF0E7F4B4CE07588B0BDD54BB982E8FCBC88E58DFB941EBFBEF61B2E0702DCA7DDD41116452967F2E07A29AE380DBB6A3CC8CCC3A972D3A7394B9162C80B47713C348D38F00C8E0BC75F390FAA5B818ED13EA9A8A049E696FAF24E9B3B3469BF03B55D0243324883382EE05B30BDD0C417E26706EC45FC03F761D571EB7FC8A3FEF084D6FA0B375AF6EEE792986E660540400A9E777B979D233E6B8F48D778C47A041C1A64D061D770C1A25D544725606AB7B5DDA0B804240C506A0A60AD55BF99F28DCE0912EE6F2C55772194125A1561560D0914407BBC31EC3D306D53DA5E856267F979CC12FAC96D0013AD1256C696FBB0039B9A6FC3844AC4AC96D59904BBE6A40ACEFDB44D51076A1DF1C20538901DC1B64583B112251922F8C21D5317BE7666762619C6CC055FA5B171BC368A223D88586DEA6F226F30B64CB16E69279F55072DF99A35EE61E55E84F9C45AF46C207D5FAE14C180D6F6E7EEAC5BE34679EA21431989A47E339C039DD455BA1A8E00459FCC896E3C6985AC5AE7C990A8CAF9A30C52EA946F504BC6EFA0A42AB23932F0EB04EEFB2645A30B6C3D9B4F9D3863B61700102EE83740DDF42B63A30B2832FA719844AD09BB31401375552DFCC964AF5690BD4CA1392379636E98582F7ED688E20CD9A80C6B46F0B7B35360AA8E7526E4B1AD7D4517908D1B8956CECB8A389DD14E15977638670EC66972ABBBE95A000154E487C0DDB0E8393823A2B5C0C0364A5CC016193618771B3EC7D2B0BCD48942C1F"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\BinarySense\hldasvc.exe
c:\program files (x86)\Common Files\BinarySense\hldasvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Celkový čas: 2011-01-14 11:43:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-14 10:43
ComboFix2.txt 2011-01-13 18:41
ComboFix3.txt 2011-01-13 17:44
ComboFix4.txt 2011-01-13 17:02

Před spuštěním: Volných bajtů: 204 504 113 152
Po spuštění: Volných bajtů: 204 384 505 856

- - End Of File - - E11AD67B85329444A9217D58BE063753

[quinter]

Já teda nevim, ale po tom restartu mi vždycky zmizí IP adresa výchozí brány,nejde internet a nejde mi zapnout antivir Avira, když kliknu na ikonku v system tray, vyskočí na mě hláška: onDblClick() failed

nejde spustit ani konfiguraci, ani update, nic žádná odezva od antiviru
Start PC se taky zpomalil, nevím jestli to je těmi opravami ComboFixu, nebo defragmentací, kterou jsem nedávno provedl (defragmentátor windows 7), je to zvláštní, ale je to tak. Dříve PC naskočil po zadání hesla na plochu rychleji než teď. a Programy po spuštění se taky déle načítají, je to celý nějaký divný

tady je ten odkaz

http://www.virustotal.com/file-scan/rep ... 1295002441

[memphisto]

Combofixem to nebude. Buď máš totálně nabořený systém a nebo hodně dobře schovaného šmejda a nebo ti to všechno něco blokuje (firewall). V první řadě zkus ale obnovu systému

[quinter]

Ono to po restaru jde zase normálně, ale po tom restartu co dělá combofix to blbne, teď už vše nejspíš funguje jak má.
Je to tedy z vaší strany všechno?

[memphisto]

Může se stát, že CF jednou hrábne a smázne, co nemá, ale je to vidět v logu a dá se to jednoduše opravit. Je to přece jen program. V tomto případě ale nic nemazal a neměnil, takže spíše jen nějaká kolize ovladačů či jiného SW. Každopádně, pokud se PC chová normálně, tak to můžeš uzavřít. Kdyby byl problém, tak můžeš kdykoliv napsat znovu