Při každém spuštění windowsů mi vyskočí okénko wssetup.exe Vyřešeno

[KamilaS]

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-13 11:28:05
-----------------------------
11:28:05.723 OS Version: Windows 6.1.7601 Service Pack 1
11:28:05.723 Number of processors: 2 586 0x2A07
11:28:05.725 ComputerName: PAKSZABOVY-PC UserName:
11:28:07.174 Initialize success
11:30:55.716 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:30:55.719 Disk 0 Vendor: WDC_WD10 15.0 Size: 953869MB BusType: 3
11:30:55.803 Disk 0 MBR read successfully
11:30:55.805 Disk 0 MBR scan
11:30:55.808 Disk 0 Windows 7 default MBR code
11:30:55.811 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 945863 MB offset 2048
11:30:55.832 Disk 0 Partition 2 00 27 Hidden NTFS WinRE NTFS 8000 MB offset 1937129472
11:30:55.837 Disk 0 scanning sectors +1953513472
11:30:55.885 Disk 0 scanning C:\Windows\system32\drivers
11:30:59.967 Service scanning
11:31:07.609 Modules scanning
11:31:12.696 Disk 0 trace - called modules:
11:31:12.710 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll nvlddmkm.sys dxgkrnl.sys dxgmms1.sys
11:31:12.715 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87b57030]
11:31:12.721 3 CLASSPNP.SYS[8c3af59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86062028]
11:31:12.727 Scan finished successfully
11:31:27.264 Disk 0 MBR has been saved successfully to "C:\Users\P. a K. Szabovy\Desktop\MBR.dat"
11:31:27.268 The log file has been saved successfully to "C:\Users\P. a K. Szabovy\Desktop\aswMBR.txt"

[Reklama]

[KamilaS]

tak doufám že jsem to nějak zvládla. stejně ale nevím. to všechno kvůli jedné "pitomé" tabulce? nebo jsem dostala to privilegium a pročistili jste mi pc? děkuju kamila

[jaro3]

děláme to důkladně

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Xvid] C:\Program Files\Xvid\CheckUpdate.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab


Ještě jeden script v CF:

Kód: Vybrat vše

KillAll::

Firefox::
FF - ProfilePath - c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\
FF - ExtSQL: 2013-05-01 11:07; ascsurfingprotection@iobit.com; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2013-05-31 09:39; vvzlczx@hroam.net; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\vvzlczx@hroam.net
FF - ExtSQL: 2013-05-31 09:39; uayi032s@uia.net; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\uayi032s@uia.net
FF - ExtSQL: 2013-05-31 09:39; rsusksw@uoiyue.edu; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\rsusksw@uoiyue.edu
FF - ExtSQL: 2013-05-31 09:39; oeeo-i@dxhf-.net; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\oeeo-i@dxhf-.net
FF - ExtSQL: 2013-06-04 04:56; iobitapps@mybrowserbar.com; c:\program files\IObit Apps Toolbar\FF
FF - ExtSQL: !HIDDEN! 2011-11-23 13:07; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

[KamilaS]

nějaký "ben" založil stejné téma nade mnou......no ale já jsem lama proto že nevím jak se odpojit od internetu, kontaktovala jsem i člověk od mého providera a ani on neví jak se mám odpojit od netu, když jsem měla ještě xp tak jsem to věděla ale teď mám vážně wokno, prominte, poradte prosím, mám win 7, zkoušela jsem to přes ovl. panely, sítová připojení..

[jaro3]

stačí odpojit kabel do sít. karty.

[KamilaS]

to je snadný : )

[KamilaS]

ComboFix 13-06-13.01 - P. a K. Szabovy 14.06.2013 11:42:47.5.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3319.2297 [GMT 2:00]
Spuštěný z: c:\users\P. a K. Szabovy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\P. a K. Szabovy\Desktop\cfscript3.txt
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\_ctypes.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\_elementtree.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\_hashlib.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\_multiprocessing.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\_socket.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\_ssl.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\pyexpat.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\pysqlite2._sqlite.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\python27.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\pythoncom27.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\PyWinTypes27.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\select.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\unicodedata.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\win32api.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\win32com.shell.shell.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\win32crypt.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\win32event.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\win32file.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\win32inet.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\win32pdh.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\win32process.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\win32profile.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\win32security.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\win32ts.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\windows._cacheinvalidation.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wx._controls_.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\wx._core_.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\wx._gdi_.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\wx._html2.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\wx._misc_.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wx._windows_.pyd
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wx._wizard.pyd
c:\users\P. a K. Szabovy\AppData\Local\Temp\_MEI38722\wxbase294u_net_vc90.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wxbase294u_vc90.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wxmsw294u_adv_vc90.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wxmsw294u_core_vc90.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wxmsw294u_html_vc90.dll
c:\users\P. a K. Szabovy\AppData\Local\temp\_MEI38722\wxmsw294u_webview_vc90.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\_ctypes.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\_elementtree.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\_hashlib.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\_multiprocessing.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\_socket.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\_ssl.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\pyexpat.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\pysqlite2._sqlite.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\python27.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\pythoncom27.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\PyWinTypes27.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\select.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\unicodedata.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32api.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32com.shell.shell.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32crypt.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32event.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32file.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32inet.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32pdh.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32process.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32profile.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32security.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\win32ts.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\windows._cacheinvalidation.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wx._controls_.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wx._core_.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wx._gdi_.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wx._html2.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wx._misc_.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wx._windows_.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wx._wizard.pyd
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wxbase294u_net_vc90.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wxbase294u_vc90.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wxmsw294u_adv_vc90.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wxmsw294u_core_vc90.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wxmsw294u_html_vc90.dll
c:\users\PAK~1.SZA\AppData\Local\Temp\_MEI38722\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-14 do 2013-06-14 )))))))))))))))))))))))))))))))
.
.
2013-06-14 09:49 . 2013-06-14 09:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-06-14 09:49 . 2013-06-14 09:49 -------- d-----w- c:\users\UpdatusUser.PaKSzabovy-PC\AppData\Local\temp
2013-06-14 09:49 . 2013-06-14 09:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-06-14 09:49 . 2013-06-14 09:49 -------- d-----w- c:\users\PAK~1~SZA\AppData\Local\temp
2013-06-14 09:49 . 2013-06-14 09:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-13 09:09 . 2013-06-14 09:51 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Local\temp
2013-06-12 20:33 . 2013-06-08 11:41 218112 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-06-12 20:33 . 2013-06-08 11:13 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-12 15:26 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-06-12 15:25 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-12 15:25 . 2013-05-13 04:45 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 15:25 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 15:25 . 2013-05-13 04:45 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 15:25 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 15:25 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 15:25 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 15:25 . 2013-05-06 05:06 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-12 15:25 . 2013-05-06 05:06 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-12 15:25 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-12 15:25 . 2013-05-08 05:38 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-11 20:01 . 2013-06-11 20:02 237 ----a-w- c:\windows\DeleteOnReboot.bat
2013-06-11 19:08 . 2013-06-11 19:08 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\Avira
2013-06-11 19:03 . 2013-06-11 19:03 66656 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-06-11 19:02 . 2013-06-11 19:00 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-06-11 19:02 . 2013-06-11 19:00 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-06-11 19:02 . 2013-06-11 19:00 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-06-11 19:02 . 2013-06-11 19:02 -------- d-----w- c:\programdata\Avira
2013-06-11 19:02 . 2013-06-11 19:02 -------- d-----w- c:\program files\Avira
2013-06-11 18:28 . 2013-06-11 18:28 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\Malwarebytes
2013-06-11 18:27 . 2013-06-11 18:27 -------- d-----w- c:\programdata\Malwarebytes
2013-06-11 18:27 . 2013-06-11 18:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-11 18:27 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-11 18:05 . 2013-06-11 18:05 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Local\Adobe
2013-06-10 15:20 . 2013-06-10 15:20 -------- d-----w- c:\program files\Trend Micro
2013-06-08 19:18 . 2013-06-08 19:19 -------- d-----w- c:\program files\Farmscapes Collector's Edition
2013-06-08 18:57 . 2013-06-08 18:57 -------- d-----w- c:\program files\Barn Yarn
2013-06-08 08:45 . 2013-06-08 08:45 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-06-08 08:45 . 2013-06-08 08:45 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-06-05 14:58 . 2013-06-08 08:48 -------- d-----w- c:\users\P. a K. Szabovy\PŘEMĚNĚNÉ SOUBORY
2013-06-05 13:45 . 2013-06-05 13:45 802136 ----a-w- c:\program files\uTorrent.exe
2013-06-05 13:43 . 2013-06-08 20:35 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\uTorrent
2013-06-04 03:52 . 2013-06-04 03:52 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Local\Programs
2013-06-03 16:28 . 2013-06-03 16:28 -------- d-----w- c:\program files\Imikimi
2013-06-03 14:51 . 2013-06-03 14:52 -------- d-----w- c:\program files\Gardenscapes 2 Collector's Edition
2013-06-02 13:12 . 2013-06-02 13:12 -------- d-----w- c:\windows\system32\jmdp
2013-06-02 13:12 . 2013-06-02 13:12 -------- d-----w- c:\windows\system32\ARFC
2013-06-02 13:12 . 2013-05-21 13:31 1167152 ----a-w- c:\windows\system32\dmwu.exe
2013-06-02 13:12 . 2013-05-21 13:28 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-06-02 13:12 . 2013-02-05 07:25 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-06-02 13:12 . 2013-02-05 07:25 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-06-02 13:12 . 2013-02-05 07:25 479232 ----a-w- c:\windows\system32\msvcm80.dll
2013-06-01 17:19 . 2013-06-01 17:19 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\Playrix Entertainment
2013-06-01 17:19 . 2013-06-01 17:19 -------- d-----w- c:\program files\Games
2013-05-29 14:25 . 2011-05-30 13:42 240640 ----a-w- c:\windows\system32\xvidvfw.dll
2013-05-29 14:25 . 2011-05-23 09:52 153088 ----a-w- c:\windows\system32\xvid.ax
2013-05-29 14:25 . 2011-05-23 07:46 645632 ----a-w- c:\windows\system32\xvidcore.dll
2013-05-28 10:44 . 2013-05-28 11:15 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\Systweak
2013-05-26 14:22 . 2013-05-26 14:22 -------- d-----w- c:\program files\Winter Olympics
2013-05-26 13:32 . 2013-05-26 13:32 -------- d-----w- c:\program files\CIGLER SOFTWARE
2013-05-26 13:32 . 2013-05-26 13:33 -------- d-----w- c:\programdata\CIGLER SOFTWARE
2013-05-26 13:32 . 2013-05-26 13:33 -------- d-----w- c:\program files\Common Files\CIGLER SOFTWARE
2013-05-21 12:18 . 2013-05-21 12:18 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\Friday's games
2013-05-21 08:44 . 2013-05-21 08:44 -------- d-----w- c:\programdata\StarApp
2013-05-21 08:44 . 2013-05-21 08:44 -------- d-----w- c:\programdata\BetterSoft
2013-05-20 12:41 . 2013-05-20 12:41 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\Python-Eggs
2013-05-20 12:40 . 2013-05-21 08:38 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\BitLord
2013-05-20 12:36 . 2013-05-21 08:37 -------- d-----w- c:\program files\BitLord 2
2013-05-20 12:34 . 2013-05-21 07:58 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\HoolappForAndroid
2013-05-18 11:21 . 2013-05-18 11:21 -------- d-----w- c:\users\P. a K. Szabovy\AppData\Roaming\iPumper
2013-05-17 12:01 . 2013-05-17 12:01 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-05-15 17:58 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 17:58 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 17:58 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 17:58 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 17:58 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 17:58 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 17:58 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 17:58 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 19:26 . 2012-04-21 05:42 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 19:26 . 2011-11-15 13:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-11 04:26 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:28 . 2011-11-15 13:55 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-30 08:28 . 2013-04-30 08:28 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 08:28 . 2013-04-30 08:28 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-30 08:28 . 2013-04-30 08:28 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 08:28 . 2013-04-30 08:28 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-30 08:28 . 2013-04-30 08:28 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-30 08:28 . 2013-04-30 08:28 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-30 08:28 . 2013-04-30 08:28 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-30 08:28 . 2013-04-30 08:28 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-30 08:28 . 2013-04-30 08:28 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-30 08:28 . 2013-04-30 08:28 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-30 08:28 . 2013-04-30 08:28 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-30 08:28 . 2013-04-30 08:28 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-30 08:28 . 2013-04-30 08:28 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-30 08:28 . 2013-04-30 08:28 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-30 08:28 . 2013-04-30 08:28 361984 ----a-w- c:\windows\system32\html.iec
2013-04-30 08:28 . 2013-04-30 08:28 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-30 08:28 . 2013-04-30 08:28 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-19 10:14 . 2013-04-19 10:15 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-19 10:14 . 2012-09-14 05:59 866720 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-04-19 10:14 . 2012-02-23 16:28 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-17 18:20 . 2012-12-15 09:50 23872 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2013-04-13 04:45 . 2013-05-15 17:58 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 17:58 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-24 06:46 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-03-23 01:09 . 2013-03-23 01:09 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2013-03-19 04:48 . 2013-04-16 09:55 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-16 09:55 69632 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 14:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Xvid"="c:\program files\Xvid\CheckUpdate.exe" [2011-01-17 8192]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2013-04-16 19662744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-07-07 10754664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-04-15 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-06-11 345312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2012-07-27 49016]
R3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2010-10-19 41088]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-12-15 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-12-15 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-12-15 27136]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-15 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-06-11 37352]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-06-11 86752]
S2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-06-11 562744]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-05 19:08 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 19:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: servis24.cz\www
TCP: DhcpNameServer = 176.107.120.35 176.107.120.42
FF - ProfilePath - c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\
FF - ExtSQL: 2013-05-31 09:39; vvzlczx@hroam.net; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\vvzlczx@hroam.net
FF - ExtSQL: 2013-05-31 09:39; uayi032s@uia.net; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\uayi032s@uia.net
FF - ExtSQL: 2013-05-31 09:39; rsusksw@uoiyue.edu; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\rsusksw@uoiyue.edu
FF - ExtSQL: 2013-05-31 09:39; oeeo-i@dxhf-.net; c:\users\P. a K. Szabovy\AppData\Roaming\Mozilla\Firefox\Profiles\jdxx4i86.default\extensions\oeeo-i@dxhf-.net
FF - ExtSQL: 2013-06-04 04:56; iobitapps@mybrowserbar.com; c:\program files\IObit Apps Toolbar\FF
FF - ExtSQL: !HIDDEN! 2011-11-23 13:07; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-06-14 11:53:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-06-14 09:53
ComboFix2.txt 2013-06-13 09:13
ComboFix3.txt 2013-06-12 08:36
ComboFix4.txt 2013-02-18 08:58
ComboFix5.txt 2013-06-14 09:36
.
Před spuštěním: Volných bajtů: 422 656 258 048
Po spuštění: Volných bajtů: 422 231 216 128
.
- - End Of File - - 3668E0E4D22FAF4E4E05B3E78083847B
A36C5E4F47E84449FF07ED3517B43A31

[KamilaS]

co mám dělat, když se mi vytvořila znovu složka P. a K. Szabovy, ve které je - videa, obrázky, dokumenty. já už to v pc jednou mám standartně vytvořené windowsem, můžu to smazat, je to na ploše? děkuju

[KamilaS]

prosím je to všechno? už se mi tabulka neobjevuje ale co ty logy co jsem sem dala nový, je v nich nějaké rozřešení? a prosím co ta moje druhá složka P. a K. Szabovy? děkuju

[guest]

TO KamilaS, vydrž, jaro prý tu bude zítra.

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC na plochu, spusť jej a klikni na Clean up!

+ Nový log z HJT

Jak se chová PC?

[jaro3]

prosím je to všechno? už se mi tabulka neobjevuje ale co ty logy co jsem sem dala nový, je v nich nějaké rozřešení? a prosím co ta moje druhá složka P. a K. Szabovy? děkuju

pokud se objevila složka s Tvým jménem na ploše , tak ji smaž.

Problémy nejsou?

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.