Zamrzání W7 po chvíli nečinnosti Vyřešeno

[leklaryba]

Čau, už nějakou dobu mi PC děla fakt otravnou věc, vždy když na něm chvíli něco nedělám tak mi asi po 10 minutách zhasne monitor (šetří) a když za chvíli přijdu, hejbnu s myší, monitor se rozsvítí, ale myš nikde, hodiny zaseklé na starém času, po chvíli se objeví myš, ale na nic nereaguje, jen s ní jde hýbat, jediné co to rozhejbe je reset, což neni uplně pohodlné, takže vkldádám log, protože mě nenapadá, čím jinym, než havětí by to mohlo být....





Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:29, on 5.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
E:\Program Files\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\taskhost.exe
E:\Program Files\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\RelevantKnowledge\rlvknlg.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ICQ7.4\ICQ.exe
C:\Windows\system32\taskeng.exe
C:\Users\uzivatel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [AVG_TRAY] E:\Program Files\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - E:\Program Files\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - E:\Program Files\avgwdsvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8405 bytes

[Reklama]

[Žbeky]

Odinstaluj Daemon a ICQ Toolbar

V HJT fixni:

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat


Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[leklaryba]

zítra provedu, ale Daemon potřebuju...

[memphisto]

Jenom toolbar a ne celý program

[leklaryba]

Takže tady dávám log z MBAMu, našel 11 infekcí, zatim jsem nic nemazal, Dr. Web Curelt našel 3, ty jsem teda smazal...




Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5688

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6.2.2011 14:26:41
mbam-log-2011-02-06 (14-26-37).txt

Typ kontroly: Rychlý test
Testované objekty: 139620
Uplynulý čas: 5 minut, 56 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 2
Infikované soubory: 8

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
c:\program files\relevantknowledge (Spyware.MarketScore) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge (Spyware.MarketScore) -> No action taken.

Infikované soubory:
c:\program files\relevantknowledge\nscf.dat (Spyware.MarketScore) -> No action taken.
c:\program files\relevantknowledge\rlls64.dll (Spyware.MarketScore) -> No action taken.
c:\program files\relevantknowledge\rloci.bin (Spyware.MarketScore) -> No action taken.
c:\program files\relevantknowledge\rlvknlg64.exe (Spyware.MarketScore) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> No action taken.

[Žbeky]

- Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý

[leklaryba]

Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org

Verze databáze: 5688

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

6.2.2011 14:48:30
mbam-log-2011-02-06 (14-48-30).txt

Typ kontroly: Rychlý test
Testované objekty: 139430
Uplynulý čas: 3 minut, 56 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


Combo hodim za minutku....



ComboFix 11-02-05.01 - uzivatel 06.02.2011 14:53:26.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1370 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
AV: AVG Anti-Virus 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Dvbpws.dll
c:\windows\system32\logs

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-06 do 2011-02-06 )))))))))))))))))))))))))))))))
.

2011-02-06 13:19 . 2011-02-06 13:19 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Malwarebytes
2011-02-06 13:19 . 2011-02-06 13:19 -------- d-----w- c:\programdata\Malwarebytes
2011-02-06 13:19 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-06 13:19 . 2011-02-06 13:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-06 13:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-06 10:37 . 2011-02-06 10:37 -------- d-----w- c:\users\uzivatel\DoctorWeb
2011-02-05 18:11 . 2011-02-05 20:52 -------- d-----w- C:\Half-Life 2 Episode One
2011-01-28 19:03 . 2011-02-01 15:02 22328 ----a-w- c:\users\uzivatel\AppData\Roaming\PnkBstrK.sys
2011-01-28 18:38 . 2011-01-28 18:38 -------- d-sh--w- c:\windows\ftpcache
2011-01-26 18:47 . 2011-02-02 17:08 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-01-26 18:47 . 2011-02-02 17:06 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-26 18:47 . 2011-01-29 17:14 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-01-26 18:47 . 2011-01-28 18:17 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-01-26 18:47 . 2011-02-02 17:08 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-01-26 18:47 . 2011-01-28 19:57 -------- d-----w- c:\users\uzivatel\AppData\Local\PunkBuster
2011-01-26 18:31 . 2011-01-26 18:31 -------- d-----w- c:\program files\GamePark
2011-01-26 15:50 . 2011-01-26 15:50 -------- d-----w- c:\program files\gBurner
2011-01-23 20:28 . 2009-08-24 21:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-01-23 20:28 . 2011-01-23 20:28 -------- d-----w- c:\program files\Ashampoo
2011-01-19 15:31 . 2011-02-01 15:45 -------- d-----w- C:\Serials
2011-01-17 16:38 . 2011-01-17 16:42 -------- d-----w- C:\Kamera
2011-01-15 15:55 . 2011-01-15 15:55 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-01-11 16:04 . 2011-01-11 16:04 -------- d-----w- c:\program files\Empire Interactive
2011-01-11 16:03 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-01-11 15:41 . 2011-01-11 15:41 -------- d-----w- c:\programdata\InstallShield
2011-01-11 15:37 . 2004-08-09 05:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2011-01-11 15:37 . 2004-08-09 05:03 368640 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\_isusres.dll
2011-01-11 15:37 . 2004-08-09 05:03 512000 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2011-01-11 15:37 . 2004-08-09 05:02 217088 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2011-01-11 15:36 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-01-11 15:36 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-01-11 15:36 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-01-11 15:36 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-01-11 15:36 . 2011-01-11 15:36 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-01-11 15:36 . 2011-01-11 15:36 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-01-10 14:32 . 2011-01-10 14:32 -------- d-----w- c:\users\uzivatel\AppData\Local\Atari
2011-01-10 14:26 . 2011-01-10 14:26 -------- d--h--r- c:\users\uzivatel\AppData\Roaming\SecuROM
2011-01-10 14:26 . 2011-01-10 14:26 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-01-10 14:16 . 2011-01-10 14:16 -------- d-----w- c:\program files\Atari
2011-01-10 14:16 . 2011-01-10 14:16 -------- d-----w- c:\users\uzivatel\AppData\Roaming\gnupg
2011-01-09 16:08 . 2011-01-09 16:08 -------- d-----w- c:\users\uzivatel\AppData\Roaming\VitySoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-10 19:01 . 2010-12-10 19:01 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-10 19:01 . 2010-12-10 19:01 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-08 03:12 . 2010-12-08 03:12 251728 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-11-26 17:00 . 2010-11-26 17:00 15440 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-11-22 20:48 . 2010-11-22 20:48 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-22 20:48 . 2010-11-22 20:48 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-22 20:31 . 2010-11-22 20:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-11-16 11:01 . 2010-11-22 16:05 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EF8B629-349F-467C-8DA1-14013607C7C9}\mpengine.dll
2010-11-12 17:53 . 2010-11-23 17:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 12:19 . 2010-11-12 12:19 299984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-06-09 2920448]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2010-12-08 10811696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="e:\program files\avgtray.exe" [2011-01-07 2747744]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2010-06-09 101888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0e:\progra~1\avgchsvx.exe /sync\0e:\progra~1\avgrsx.exe /sync /restart

R2 AVGIDSAgent;AVGIDSAgent;e:\program files\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-01-06 6128720]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
R3 FLASHSYS;FLASHSYS;c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-23 1343400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-22 691696]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2010-12-08 251728]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2010-11-12 299984]
S1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\DRIVERS\wfcxacap.sys [2007-09-19 9856]
S2 avgwd;AVG WatchDog;e:\program files\avgwdsvc.exe [2010-10-22 265400]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [2007-09-19 31744]
S2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [2007-09-19 167040]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 21072]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [2007-09-19 21248]
S3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [2007-09-19 15872]
S3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [2007-09-19 10496]

.
Obsah adresáře 'Naplánované úlohy'

2011-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000Core.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-22 19:29]

2011-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000UA.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-22 19:29]
.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-{B931FB80-537A-4600-00AD-AC5DEDB6C25B} - c:\program files\Electronic Arts\The Lord of the Rings


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3448030452-2636220486-1574536693-1000\Software\SecuROM\License information*]
"datasecu"=hex:6e,19,fa,aa,53,b5,9a,19,bf,2c,41,d0,89,17,5c,a4,83,a5,3e,b7,f7,
f1,93,f5,31,98,cf,46,d5,b4,01,95,ef,7c,df,ea,9f,51,45,97,03,2f,e9,69,f5,52,\
"rkeysecu"=hex:1b,b5,52,6d,b9,b0,2c,c1,55,51,23,8c,25,8e,a7,8c

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-02-06 15:03:28
ComboFix-quarantined-files.txt 2011-02-06 14:03

Před spuštěním: Volných bajtů: 1 117 521 006 592
Po spuštění: Volných bajtů: 1 117 565 833 216

- - End Of File - - 83B6ADA4C5BF9BDC0FD5FD04532BC1FF

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000UA.job

Driver::
FLASHSYS

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=-
"ConsentPromptBehaviorUser"=-
"EnableLUA"=-
"EnableUIADesktopToggle"=-
"PromptOnSecureDesktop"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[leklaryba]

ComboFix 11-02-05.01 - uzivatel 06.02.2011 15:58:33.2.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.2047.1326 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uzivatel\Desktop\CFScript.txt
AV: AVG Anti-Virus 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\program files\MSI\Live Update 4\LU4\FLASHSYS.sys"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000UA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3448030452-2636220486-1574536693-1000UA.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_FLASHSYS
-------\Service_FLASHSYS


((((((((((((((((((((((((( Soubory vytvořené od 2011-01-06 do 2011-02-06 )))))))))))))))))))))))))))))))
.

2011-02-06 15:03 . 2011-02-06 15:06 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2011-02-06 13:19 . 2011-02-06 13:19 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Malwarebytes
2011-02-06 13:19 . 2011-02-06 13:19 -------- d-----w- c:\programdata\Malwarebytes
2011-02-06 13:19 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-06 13:19 . 2011-02-06 13:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-06 13:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-06 10:37 . 2011-02-06 10:37 -------- d-----w- c:\users\uzivatel\DoctorWeb
2011-02-05 18:11 . 2011-02-05 20:52 -------- d-----w- C:\Half-Life 2 Episode One
2011-01-28 19:03 . 2011-02-01 15:02 22328 ----a-w- c:\users\uzivatel\AppData\Roaming\PnkBstrK.sys
2011-01-28 18:38 . 2011-01-28 18:38 -------- d-sh--w- c:\windows\ftpcache
2011-01-26 18:47 . 2011-02-02 17:08 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-01-26 18:47 . 2011-02-02 17:06 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-26 18:47 . 2011-01-29 17:14 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-01-26 18:47 . 2011-01-28 18:17 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-01-26 18:47 . 2011-02-02 17:08 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-01-26 18:47 . 2011-01-28 19:57 -------- d-----w- c:\users\uzivatel\AppData\Local\PunkBuster
2011-01-26 18:31 . 2011-01-26 18:31 -------- d-----w- c:\program files\GamePark
2011-01-26 15:50 . 2011-01-26 15:50 -------- d-----w- c:\program files\gBurner
2011-01-23 20:28 . 2009-08-24 21:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-01-23 20:28 . 2011-01-23 20:28 -------- d-----w- c:\program files\Ashampoo
2011-01-19 15:31 . 2011-02-01 15:45 -------- d-----w- C:\Serials
2011-01-17 16:38 . 2011-01-17 16:42 -------- d-----w- C:\Kamera
2011-01-15 15:55 . 2011-01-15 15:55 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-01-11 16:04 . 2011-01-11 16:04 -------- d-----w- c:\program files\Empire Interactive
2011-01-11 16:03 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-01-11 15:41 . 2011-01-11 15:41 -------- d-----w- c:\programdata\InstallShield
2011-01-11 15:37 . 2004-08-09 05:03 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2011-01-11 15:37 . 2004-08-09 05:03 368640 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\_isusres.dll
2011-01-11 15:37 . 2004-08-09 05:03 512000 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2011-01-11 15:37 . 2004-08-09 05:02 217088 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2011-01-11 15:36 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-01-11 15:36 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-01-11 15:36 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-01-11 15:36 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-01-11 15:36 . 2011-01-11 15:36 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-01-11 15:36 . 2011-01-11 15:36 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-01-10 14:32 . 2011-01-10 14:32 -------- d-----w- c:\users\uzivatel\AppData\Local\Atari
2011-01-10 14:26 . 2011-01-10 14:26 -------- d--h--r- c:\users\uzivatel\AppData\Roaming\SecuROM
2011-01-10 14:26 . 2011-01-10 14:26 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-01-10 14:16 . 2011-01-10 14:16 -------- d-----w- c:\program files\Atari
2011-01-10 14:16 . 2011-01-10 14:16 -------- d-----w- c:\users\uzivatel\AppData\Roaming\gnupg
2011-01-09 16:08 . 2011-01-09 16:08 -------- d-----w- c:\users\uzivatel\AppData\Roaming\VitySoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-10 19:01 . 2010-12-10 19:01 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-12-10 19:01 . 2010-12-10 19:01 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-12-08 03:12 . 2010-12-08 03:12 251728 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-11-26 17:00 . 2010-11-26 17:00 15440 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-11-22 20:48 . 2010-11-22 20:48 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-22 20:48 . 2010-11-22 20:48 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-22 20:31 . 2010-11-22 20:31 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-11-16 11:01 . 2010-11-22 16:05 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EF8B629-349F-467C-8DA1-14013607C7C9}\mpengine.dll
2010-11-12 17:53 . 2010-11-23 17:26 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 12:19 . 2010-11-12 12:19 299984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-06-09 2920448]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2010-12-08 10811696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"="e:\program files\avgtray.exe" [2011-01-07 2747744]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2010-06-09 101888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]

c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-12-17 23343848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0e:\progra~1\avgchsvx.exe /sync\0e:\progra~1\avgrsx.exe /sync /restart

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-23 1343400]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-22 691696]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2010-12-08 251728]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2010-11-12 299984]
S1 wfcxacap;WinFast TV PCI Audio Capture Driver;c:\windows\system32\DRIVERS\wfcxacap.sys [2007-09-19 9856]
S2 AVGIDSAgent;AVGIDSAgent;e:\program files\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-01-06 6128720]
S2 avgwd;AVG WatchDog;e:\program files\avgwdsvc.exe [2010-10-22 265400]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
S2 wfcxatun;WinFast TV Analog Tuner Driver;c:\windows\system32\drivers\wfcxatun.sys [2007-09-19 31744]
S2 WFCXVCAP;WinFast TV Video Capture Driver;c:\windows\system32\drivers\wfcxvcap.sys [2007-09-19 167040]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 21072]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;c:\windows\system32\drivers\wfcxdtun.sys [2007-09-19 21248]
S3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;c:\windows\system32\drivers\wfcxtcap.sys [2007-09-19 15872]
S3 wfcxxbar;WinFast TV Crossbar Driver;c:\windows\system32\drivers\wfcxxbar.sys [2007-09-19 10496]

.
.
------- Doplňkový sken -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3448030452-2636220486-1574536693-1000\Software\SecuROM\License information*]
"datasecu"=hex:6e,19,fa,aa,53,b5,9a,19,bf,2c,41,d0,89,17,5c,a4,83,a5,3e,b7,f7,
f1,93,f5,31,98,cf,46,d5,b4,01,95,ef,7c,df,ea,9f,51,45,97,03,2f,e9,69,f5,52,\
"rkeysecu"=hex:1b,b5,52,6d,b9,b0,2c,c1,55,51,23,8c,25,8e,a7,8c
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2228)
c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\Altap Salamander 2.5\plugins\salamext.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\progra~1\avgchsvx.exe
e:\progra~1\avgrsx.exe
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
e:\program files\avgnsx.exe
e:\program files\avgemcx.exe
c:\windows\system32\conhost.exe
c:\windows\system32\conhost.exe
e:\program files\avgcsrvx.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-02-06 16:09:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-06 15:09
ComboFix2.txt 2011-02-06 14:03

Před spuštěním: Volných bajtů: 1 116 997 050 368
Po spuštění: Volných bajtů: 1 116 810 633 216

- - End Of File - - 2E85B102E8EF0E2864608E136219B6A9

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Jak se chová PC?

[leklaryba]

Takže všechno hotovo, na omak se PC zdá rychlejší a večer po odpoledním pozorování dám ještě echo jak s tim zamrzáním...každopádně díky za tvůj čas

[leklaryba]

takže PC funguje krásně, díky