Kontrola logu (otravné prokazování že nejsem robot). Vyřešeno

[jaro3]

Spuštěný z: e:\downloads\ComboFix.exe

Přesuň Combofix na plochu!!

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::

Driver::
SkypeUpdate
c:\program files (x86)\Skype\Updater

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"=-
"NoActiveDesktopChanges"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Stáhni si Security Check by screen317 z některého odkazu
http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe

ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.

[Reklama]

[ymorduur]

S tím Combofixem jsem to udělal jak si napsal, ale zase nějaký unable hlášky a errory. Pak ten Combofix restartoval PC, ale log to asi neudělalo.

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-08-18 22:34:10
-----------------------------
22:34:10.376 OS Version: Windows x64 6.1.7601 Service Pack 1
22:34:10.376 Number of processors: 8 586 0x3A09
22:34:10.376 ComputerName: YMORDUUR-PC UserName: ymorduur
22:34:10.486 Initialize success
22:34:10.532 AVAST engine defs: 13081801
22:34:14.136 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:34:14.136 Disk 0 Vendor: M4-CT128M4SSD2 000F Size: 122104MB BusType: 11
22:34:14.136 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
22:34:14.136 Disk 1 Vendor: ST1000DM003-1CH162 CC46 Size: 953869MB BusType: 11
22:34:14.152 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-3
22:34:14.152 Disk 2 Vendor: SAMSUNG_HD154UI 1AG01118 Size: 1430799MB BusType: 11
22:34:14.152 Disk 0 MBR read successfully
22:34:14.167 Disk 0 MBR scan
22:34:14.167 Disk 0 Windows 7 default MBR code
22:34:14.167 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:34:14.167 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 122002 MB offset 206848
22:34:14.183 Disk 0 scanning C:\Windows\system32\drivers
22:34:15.431 Service scanning
22:34:18.317 Modules scanning
22:34:18.317 Disk 0 trace - called modules:
22:34:18.332 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:34:18.332 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006f4b790]
22:34:18.332 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8006ca1680]
22:34:18.473 AVAST engine scan C:\Windows
22:34:18.722 AVAST engine scan C:\Windows\system32
22:34:41.077 AVAST engine scan C:\Windows\system32\drivers
22:34:42.403 AVAST engine scan C:\Users\ymorduur
22:34:45.398 AVAST engine scan C:\ProgramData
22:34:49.174 Scan finished successfully
22:34:58.549 Disk 0 MBR has been saved successfully to "C:\Users\ymorduur\Desktop\MBR.dat"
22:34:58.565 The log file has been saved successfully to "C:\Users\ymorduur\Desktop\aswMBR.txt"




Security Check taky házel chyby, nakonec to nějaký log udělalo.

Results of screen317's Security Check version 0.99.72
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 11.7.700.224
Adobe Reader XI
Mozilla Firefox (23.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

[ymorduur]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:50:19, on 18.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\ExMgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Miranda IM\miranda32.exe
C:\Users\ymorduur\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ATLMonitorService - Cmedia Electronics Inc - C:\Windows\system\MonitorService.exe
O23 - Service: ATLOISAService - Cmedia Electronics Inc. - C:\Windows\system\ATLOISAService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8464 bytes

[jaro3]

Přeinstaluj si Avast.

udělej znovu sken Combofixu a dej log.

[ymorduur]

Avast jsem přeinstaloval. Výsledek je stejný. Už při instalaci to hlásí, že nemůže vytvořit některé soubory jako ERDNT.INF. Potom při vyhledávání nakažených souborů Windows nemůže najít položku NIRCMD.EXE a další chyby s tím erdnt.
Naonec nějaký log vyskočil.

Tohle asi nikam nepovede. Ten opisování textu pořád občas naskakuje.


ComboFix 13-08-19.01 - ymorduur 19.08.2013 12:10:32.4.8 - x64
Spuštěný z: c:\users\ymorduur\Desktop\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-19 do 2013-08-19 )))))))))))))))))))))))))))))))
.
.
2013-08-19 10:14 . 2013-08-19 10:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-19 09:22 . 2013-08-19 09:22 -------- d-----w- c:\program files (x86)\Origin Games
2013-08-19 09:21 . 2013-08-19 09:21 -------- d-----w- c:\users\ymorduur\AppData\Local\Origin
2013-08-19 09:20 . 2013-08-19 10:01 -------- d-----w- c:\program files (x86)\Origin
2013-08-19 09:14 . 2013-08-19 09:14 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-19 09:14 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-19 09:13 . 2013-08-19 09:14 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-19 09:13 . 2013-08-19 09:14 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-19 09:13 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-19 09:13 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-19 09:13 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-19 09:13 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-19 09:13 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-08-19 09:06 . 2013-08-19 09:06 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-08-19 08:49 . 2013-08-19 08:49 -------- d--h--w- C:\VTRoot
2013-08-19 06:08 . 2013-08-19 06:08 -------- d-----w- c:\users\ymorduur\AppData\Local\Criterion Games
2013-08-18 15:45 . 2013-08-18 15:45 -------- d-----w- c:\windows\ERUNT
2013-08-18 14:09 . 2013-08-18 14:09 -------- d-----w- c:\users\ymorduur\AppData\Local\ATI
2013-08-17 18:28 . 2013-08-17 18:28 -------- d-----w- c:\program files (x86)\Trend Micro
2013-08-17 07:33 . 2013-08-17 07:33 -------- d-----w- c:\users\ymorduur\AppData\Roaming\Malwarebytes
2013-08-17 07:33 . 2013-08-17 07:33 -------- d-----w- c:\programdata\Malwarebytes
2013-08-17 07:29 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{778E52CC-F684-4A6A-B0F5-D1A8E9C3DD13}\mpengine.dll
2013-08-13 12:50 . 2013-08-13 12:50 -------- d-----w- c:\program files (x86)\Dolby Home Theater v4
2013-08-13 12:50 . 2013-08-13 12:50 -------- d-----w- c:\programdata\FaceLift
2013-08-13 12:43 . 2012-05-18 14:03 492032 ----a-w- c:\windows\system32\DTSAPO_PSPhase2LFX.dll
2013-08-13 12:43 . 2013-01-25 15:41 948736 ----a-w- c:\windows\system32\CMAPOMain.dll
2013-08-13 12:43 . 2012-12-25 14:53 62464 ----a-w- c:\windows\system32\drivers\CMHDAudioV64.sys
2013-08-13 12:43 . 2012-11-27 12:53 80896 ----a-w- c:\windows\system32\CMEffectPropPage.dll
2013-08-13 12:43 . 2012-11-27 12:53 63488 ----a-w- c:\windows\system32\CMEffectLFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 58368 ----a-w- c:\windows\system32\CMMicEffectLFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 68096 ----a-w- c:\windows\system32\CMEffectGFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 1256448 ----a-w- c:\windows\system32\CMDolby.dll
2013-08-13 12:43 . 2012-11-27 12:53 799232 ----a-w- c:\windows\system32\CMXearVoClear.dll
2013-08-13 12:43 . 2012-11-27 12:53 710656 ----a-w- c:\windows\system32\CMXearSingFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 830464 ----a-w- c:\windows\system32\CMXearLiving10.dll
2013-08-13 12:43 . 2012-11-27 12:53 1947136 ----a-w- c:\windows\system32\CMXearSurr.dll
2013-08-13 12:43 . 2012-05-18 14:03 478208 ----a-w- c:\windows\system32\DTSAPO_PSPhase2GFX.dll
2013-08-13 10:34 . 2013-08-13 12:49 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2013-08-13 10:34 . 2013-08-13 12:49 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-08-13 10:34 . 2013-08-13 12:49 111616 ----a-w- c:\windows\system32\OpenAL32.dll
2013-08-13 10:34 . 2013-08-13 12:49 102400 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-13 10:34 . 2013-08-13 10:34 -------- d-----w- c:\program files (x86)\OpenAL
2013-08-13 10:34 . 2012-04-27 16:29 86016 ------w- c:\windows\SysWow64\ExSrv2.dll
2013-08-13 10:34 . 2012-04-27 16:29 86016 ------w- c:\windows\SysWow64\ExSrv.dll
2013-08-13 10:34 . 2011-06-24 13:06 632656 ------w- c:\windows\SysWow64\msvcr80.dll
2013-08-13 10:34 . 2011-02-25 15:07 204800 ------w- c:\windows\SysWow64\ExMgr.exe
2013-08-13 10:33 . 2009-08-20 14:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2013-07-26 11:13 . 2013-07-26 11:13 -------- d--h--w- c:\programdata\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2013-07-26 11:12 . 2013-07-26 11:12 -------- d--h--w- c:\programdata\{BF1E655E-0210-4F9E-BE22-94A9069BF84B}
2013-07-23 11:37 . 2013-08-03 09:25 -------- d-----w- c:\users\ymorduur\AppData\Roaming\Creative
2013-07-23 11:37 . 2013-07-23 11:37 -------- d-----w- c:\programdata\Creative
2013-07-23 11:36 . 2013-07-26 11:13 -------- d-----w- c:\program files (x86)\Creative
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-14 04:29 . 2013-05-30 15:52 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-12 18:12 . 2013-05-31 12:13 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-12 18:12 . 2013-05-31 10:15 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-12 18:12 . 2013-05-31 10:15 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-09 04:45 . 2013-08-14 04:28 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-28 22:47 . 2013-05-30 20:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-28 22:47 . 2013-05-30 20:57 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-05 03:34 . 2013-07-10 06:28 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 06:28 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 06:28 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-06-02 14:18 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-06-02 14:18 . 2009-08-18 09:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-02 13:47 . 2013-06-02 13:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-06-01 11:12 . 2013-05-31 10:15 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-05-30 23:41 . 2013-05-30 23:41 53248 ----a-r- c:\users\ymorduur\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-30 23:41 . 2013-05-30 23:41 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-05-30 20:58 . 2013-05-30 20:58 963488 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-30 20:58 . 2013-05-30 20:58 310688 ----a-w- c:\windows\system32\javaws.exe
2013-05-30 20:58 . 2013-05-30 20:58 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-30 20:58 . 2013-05-30 20:58 188832 ----a-w- c:\windows\system32\javaw.exe
2013-05-30 20:58 . 2013-05-30 20:58 188320 ----a-w- c:\windows\system32\java.exe
2013-05-30 20:58 . 2013-05-30 20:58 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-05-30 16:07 . 2013-05-30 16:07 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-30 16:07 . 2013-05-30 16:07 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-05-30 16:07 . 2013-05-30 16:07 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-05-30 16:07 . 2013-05-30 16:07 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-05-30 16:07 . 2013-05-30 16:07 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-05-30 16:07 . 2013-05-30 16:07 82432 ----a-w- c:\windows\system32\icardie.dll
2013-05-30 16:07 . 2013-05-30 16:07 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-30 16:07 . 2013-05-30 16:07 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-05-30 16:07 . 2013-05-30 16:07 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-05-30 16:07 . 2013-05-30 16:07 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-05-30 16:07 . 2013-05-30 16:07 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-30 16:07 . 2013-05-30 16:07 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-30 16:07 . 2013-05-30 16:07 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-30 16:07 . 2013-05-30 16:07 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-30 16:07 . 2013-05-30 16:07 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-05-30 16:07 . 2013-05-30 16:07 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-30 16:07 . 2013-05-30 16:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-30 16:07 . 2013-05-30 16:07 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-30 16:07 . 2013-05-30 16:07 448512 ----a-w- c:\windows\system32\html.iec
2013-05-30 16:07 . 2013-05-30 16:07 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-30 16:07 . 2013-05-30 16:07 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-05-30 16:07 . 2013-05-30 16:07 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-30 16:07 . 2013-05-30 16:07 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-05-30 16:07 . 2013-05-30 16:07 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-30 16:07 . 2013-05-30 16:07 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-30 16:07 . 2013-05-30 16:07 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-30 16:07 . 2013-05-30 16:07 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-05-30 16:07 . 2013-05-30 16:07 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-05-30 16:07 . 2013-05-30 16:07 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-30 16:07 . 2013-05-30 16:07 222208 ----a-w- c:\windows\system32\msls31.dll
2013-05-30 16:07 . 2013-05-30 16:07 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-30 16:07 . 2013-05-30 16:07 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-05-30 16:07 . 2013-05-30 16:07 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-05-30 16:07 . 2013-05-30 16:07 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-30 16:07 . 2013-05-30 16:07 160256 ----a-w- c:\windows\system32\wextract.exe
2013-05-30 16:07 . 2013-05-30 16:07 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-05-30 16:07 . 2013-05-30 16:07 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-30 16:07 . 2013-05-30 16:07 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-30 16:07 . 2013-05-30 16:07 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-30 16:07 . 2013-05-30 16:07 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-05-30 16:07 . 2013-05-30 16:07 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-30 16:07 . 2013-05-30 16:07 12288 ----a-w- c:\windows\system32\mshta.exe
2013-05-30 16:07 . 2013-05-30 16:07 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-30 16:07 . 2013-05-30 16:07 114176 ----a-w- c:\windows\system32\admparse.dll
2013-05-30 16:07 . 2013-05-30 16:07 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-05-30 16:07 . 2013-05-30 16:07 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-30 16:07 . 2013-05-30 16:07 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-30 16:07 . 2013-05-30 16:07 103936 ----a-w- c:\windows\system32\inseng.dll
2013-05-30 16:07 . 2013-05-30 16:07 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-05-30 14:57 . 2013-05-30 14:57 16896 ----a-w- c:\windows\AsTaskSched.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
"SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-08-19 3549528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-08-31 508656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
"ForceActiveDesktopOn"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATLMonitorService;ATLMonitorService;c:\windows\system\MonitorService.exe;c:\windows\system\MonitorService.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ATLOISAService;ATLOISAService;c:\windows\system\ATLOISAService.exe;c:\windows\system\ATLOISAService.exe [x]
S3 CmHdAudAddService;C-Media Function Driver for High Definition Audio Service;c:\windows\system32\DRIVERS\CMHDAudioV64.sys;c:\windows\SYSNATIVE\DRIVERS\CMHDAudioV64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-04-15 3603152]
"PheobusEX"="c:\windows\syswow64\ExMgr.exe" [2011-02-25 204800]
"GamecomSound"="c:\program files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe" [2013-01-25 2364928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
FF - ProfilePath - c:\users\ymorduur\AppData\Roaming\Mozilla\Firefox\Profiles\3yt1bihn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/firefox
FF - ExtSQL: 2013-08-19 11:13; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
------- Asociace souborů -------
.
regedit=regedit.exe "%1"
.
.
Celkový čas: 2013-08-19 12:15:57
ComboFix-quarantined-files.txt 2013-08-19 10:15
.
Před spuštěním: Volných bajtů: 30 450 061 312
Po spuštění: Volných bajtů: 30 433 275 904
.
- - End Of File - - C630263A11C422DDD4908ECBD307AB8A
A36C5E4F47E84449FF07ED3517B43A31

[memphisto]

udělej ještě jednou CF a v nouzovém režimu. Nic se nesmazalo...

[ymorduur]

Teď už to projelo bez těch předchozích hlášek a chyb snad. I když to hlásilo, že je zapnutý avast, přesto že jsem dal štíty natrvalo před testem vypnout. Divné.


ComboFix 13-08-19.02 - ymorduur 20.08.2013 0:04.5.8 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8137.7383 [GMT 2:00]
Spuštěný z: c:\users\ymorduur\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\frapsvid.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-19 do 2013-08-19 )))))))))))))))))))))))))))))))
.
.
2013-08-19 22:06 . 2013-08-19 22:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-19 09:22 . 2013-08-19 09:22 -------- d-----w- c:\program files (x86)\Origin Games
2013-08-19 09:21 . 2013-08-19 09:21 -------- d-----w- c:\users\ymorduur\AppData\Local\Origin
2013-08-19 09:20 . 2013-08-19 21:59 -------- d-----w- c:\program files (x86)\Origin
2013-08-19 09:14 . 2013-08-19 09:14 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-19 09:14 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-19 09:13 . 2013-08-19 09:14 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-19 09:13 . 2013-08-19 09:14 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-19 09:13 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-19 09:13 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-19 09:13 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-19 09:13 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-19 09:13 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr
2013-08-19 09:06 . 2013-08-19 09:06 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-08-19 08:49 . 2013-08-19 08:49 -------- d-----w- C:\VTRoot
2013-08-19 06:08 . 2013-08-19 06:08 -------- d-----w- c:\users\ymorduur\AppData\Local\Criterion Games
2013-08-18 15:45 . 2013-08-18 15:45 -------- d-----w- c:\windows\ERUNT
2013-08-18 14:09 . 2013-08-18 14:09 -------- d-----w- c:\users\ymorduur\AppData\Local\ATI
2013-08-17 18:28 . 2013-08-17 18:28 -------- d-----w- c:\program files (x86)\Trend Micro
2013-08-17 07:33 . 2013-08-17 07:33 -------- d-----w- c:\users\ymorduur\AppData\Roaming\Malwarebytes
2013-08-17 07:33 . 2013-08-17 07:33 -------- d-----w- c:\programdata\Malwarebytes
2013-08-17 07:29 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{778E52CC-F684-4A6A-B0F5-D1A8E9C3DD13}\mpengine.dll
2013-08-13 12:50 . 2013-08-13 12:50 -------- d-----w- c:\program files (x86)\Dolby Home Theater v4
2013-08-13 12:50 . 2013-08-13 12:50 -------- d-----w- c:\programdata\FaceLift
2013-08-13 12:43 . 2012-05-18 14:03 492032 ----a-w- c:\windows\system32\DTSAPO_PSPhase2LFX.dll
2013-08-13 12:43 . 2013-01-25 15:41 948736 ----a-w- c:\windows\system32\CMAPOMain.dll
2013-08-13 12:43 . 2012-12-25 14:53 62464 ----a-w- c:\windows\system32\drivers\CMHDAudioV64.sys
2013-08-13 12:43 . 2012-11-27 12:53 80896 ----a-w- c:\windows\system32\CMEffectPropPage.dll
2013-08-13 12:43 . 2012-11-27 12:53 63488 ----a-w- c:\windows\system32\CMEffectLFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 58368 ----a-w- c:\windows\system32\CMMicEffectLFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 68096 ----a-w- c:\windows\system32\CMEffectGFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 1256448 ----a-w- c:\windows\system32\CMDolby.dll
2013-08-13 12:43 . 2012-11-27 12:53 799232 ----a-w- c:\windows\system32\CMXearVoClear.dll
2013-08-13 12:43 . 2012-11-27 12:53 710656 ----a-w- c:\windows\system32\CMXearSingFX.dll
2013-08-13 12:43 . 2012-11-27 12:53 830464 ----a-w- c:\windows\system32\CMXearLiving10.dll
2013-08-13 12:43 . 2012-11-27 12:53 1947136 ----a-w- c:\windows\system32\CMXearSurr.dll
2013-08-13 12:43 . 2012-05-18 14:03 478208 ----a-w- c:\windows\system32\DTSAPO_PSPhase2GFX.dll
2013-08-13 10:34 . 2013-08-13 12:49 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2013-08-13 10:34 . 2013-08-13 12:49 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-08-13 10:34 . 2013-08-13 12:49 111616 ----a-w- c:\windows\system32\OpenAL32.dll
2013-08-13 10:34 . 2013-08-13 12:49 102400 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-08-13 10:34 . 2013-08-13 10:34 -------- d-----w- c:\program files (x86)\OpenAL
2013-08-13 10:34 . 2012-04-27 16:29 86016 ------w- c:\windows\SysWow64\ExSrv2.dll
2013-08-13 10:34 . 2012-04-27 16:29 86016 ------w- c:\windows\SysWow64\ExSrv.dll
2013-08-13 10:34 . 2011-06-24 13:06 632656 ------w- c:\windows\SysWow64\msvcr80.dll
2013-08-13 10:34 . 2011-02-25 15:07 204800 ------w- c:\windows\SysWow64\ExMgr.exe
2013-08-13 10:33 . 2009-08-20 14:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2013-07-26 11:13 . 2013-07-26 11:13 -------- d--h--w- c:\programdata\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2013-07-26 11:12 . 2013-07-26 11:12 -------- d--h--w- c:\programdata\{BF1E655E-0210-4F9E-BE22-94A9069BF84B}
2013-07-23 11:37 . 2013-08-03 09:25 -------- d-----w- c:\users\ymorduur\AppData\Roaming\Creative
2013-07-23 11:37 . 2013-07-23 11:37 -------- d-----w- c:\programdata\Creative
2013-07-23 11:36 . 2013-07-26 11:13 -------- d-----w- c:\program files (x86)\Creative
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-14 04:29 . 2013-05-30 15:52 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-12 18:12 . 2013-05-31 12:13 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-12 18:12 . 2013-05-31 10:15 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-12 18:12 . 2013-05-31 10:15 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-07-09 04:45 . 2013-08-14 04:28 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-28 22:47 . 2013-05-30 20:57 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-28 22:47 . 2013-05-30 20:57 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-05 03:34 . 2013-07-10 06:28 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 06:28 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 06:28 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-06-02 14:18 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-06-02 14:18 . 2009-08-18 09:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-02 13:47 . 2013-06-02 13:47 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-06-01 11:12 . 2013-05-31 10:15 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-05-30 23:41 . 2013-05-30 23:41 53248 ----a-r- c:\users\ymorduur\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-05-30 23:41 . 2013-05-30 23:41 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-05-30 20:58 . 2013-05-30 20:58 963488 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-30 20:58 . 2013-05-30 20:58 310688 ----a-w- c:\windows\system32\javaws.exe
2013-05-30 20:58 . 2013-05-30 20:58 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-30 20:58 . 2013-05-30 20:58 188832 ----a-w- c:\windows\system32\javaw.exe
2013-05-30 20:58 . 2013-05-30 20:58 188320 ----a-w- c:\windows\system32\java.exe
2013-05-30 20:58 . 2013-05-30 20:58 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-05-30 16:07 . 2013-05-30 16:07 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-30 16:07 . 2013-05-30 16:07 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-05-30 16:07 . 2013-05-30 16:07 89088 ----a-w- c:\windows\system32\ie4uinit.exe
2013-05-30 16:07 . 2013-05-30 16:07 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-05-30 16:07 . 2013-05-30 16:07 85504 ----a-w- c:\windows\system32\iesetup.dll
2013-05-30 16:07 . 2013-05-30 16:07 82432 ----a-w- c:\windows\system32\icardie.dll
2013-05-30 16:07 . 2013-05-30 16:07 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-30 16:07 . 2013-05-30 16:07 76800 ----a-w- c:\windows\system32\tdc.ocx
2013-05-30 16:07 . 2013-05-30 16:07 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-05-30 16:07 . 2013-05-30 16:07 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-05-30 16:07 . 2013-05-30 16:07 65024 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-30 16:07 . 2013-05-30 16:07 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-30 16:07 . 2013-05-30 16:07 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-30 16:07 . 2013-05-30 16:07 534528 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-30 16:07 . 2013-05-30 16:07 49664 ----a-w- c:\windows\system32\imgutil.dll
2013-05-30 16:07 . 2013-05-30 16:07 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-30 16:07 . 2013-05-30 16:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-30 16:07 . 2013-05-30 16:07 452608 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-30 16:07 . 2013-05-30 16:07 448512 ----a-w- c:\windows\system32\html.iec
2013-05-30 16:07 . 2013-05-30 16:07 403248 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-30 16:07 . 2013-05-30 16:07 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-05-30 16:07 . 2013-05-30 16:07 3695416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-30 16:07 . 2013-05-30 16:07 367104 ----a-w- c:\windows\SysWow64\html.iec
2013-05-30 16:07 . 2013-05-30 16:07 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-30 16:07 . 2013-05-30 16:07 30720 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-30 16:07 . 2013-05-30 16:07 282112 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-30 16:07 . 2013-05-30 16:07 267776 ----a-w- c:\windows\system32\ieaksie.dll
2013-05-30 16:07 . 2013-05-30 16:07 249344 ----a-w- c:\windows\system32\webcheck.dll
2013-05-30 16:07 . 2013-05-30 16:07 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-30 16:07 . 2013-05-30 16:07 222208 ----a-w- c:\windows\system32\msls31.dll
2013-05-30 16:07 . 2013-05-30 16:07 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-30 16:07 . 2013-05-30 16:07 165888 ----a-w- c:\windows\system32\iexpress.exe
2013-05-30 16:07 . 2013-05-30 16:07 163840 ----a-w- c:\windows\system32\ieakui.dll
2013-05-30 16:07 . 2013-05-30 16:07 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-30 16:07 . 2013-05-30 16:07 160256 ----a-w- c:\windows\system32\wextract.exe
2013-05-30 16:07 . 2013-05-30 16:07 160256 ----a-w- c:\windows\system32\ieakeng.dll
2013-05-30 16:07 . 2013-05-30 16:07 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-30 16:07 . 2013-05-30 16:07 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-30 16:07 . 2013-05-30 16:07 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-30 16:07 . 2013-05-30 16:07 145920 ----a-w- c:\windows\system32\iepeers.dll
2013-05-30 16:07 . 2013-05-30 16:07 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-30 16:07 . 2013-05-30 16:07 12288 ----a-w- c:\windows\system32\mshta.exe
2013-05-30 16:07 . 2013-05-30 16:07 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-30 16:07 . 2013-05-30 16:07 114176 ----a-w- c:\windows\system32\admparse.dll
2013-05-30 16:07 . 2013-05-30 16:07 111616 ----a-w- c:\windows\system32\iesysprep.dll
2013-05-30 16:07 . 2013-05-30 16:07 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-30 16:07 . 2013-05-30 16:07 10752 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-30 16:07 . 2013-05-30 16:07 103936 ----a-w- c:\windows\system32\inseng.dll
2013-05-30 16:07 . 2013-05-30 16:07 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2013-05-30 14:57 . 2013-05-30 14:57 16896 ----a-w- c:\windows\AsTaskSched.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
"SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-08-19 3549528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2012-08-31 508656]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R0 aswRvrt;aswRvrt; [x]
R0 aswVmm;aswVmm; [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 ATLMonitorService;ATLMonitorService;c:\windows\system\MonitorService.exe;c:\windows\system\MonitorService.exe [x]
R3 ATLOISAService;ATLOISAService;c:\windows\system\ATLOISAService.exe;c:\windows\system\ATLOISAService.exe [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 CmHdAudAddService;C-Media Function Driver for High Definition Audio Service;c:\windows\system32\DRIVERS\CMHDAudioV64.sys;c:\windows\SYSNATIVE\DRIVERS\CMHDAudioV64.sys [x]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe;c:\program files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-04-15 3603152]
"PheobusEX"="c:\windows\syswow64\ExMgr.exe" [2011-02-25 204800]
"GamecomSound"="c:\program files\ASUS Phoebus Audio Sound Card\CPL\Phoebus_x64.exe" [2013-01-25 2364928]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
TCP: DhcpNameServer = 192.168.2.1 194.228.2.1
FF - ProfilePath - c:\users\ymorduur\AppData\Roaming\Mozilla\Firefox\Profiles\3yt1bihn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/firefox
FF - ExtSQL: 2013-08-19 11:13; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4014142942-1370625079-3061907046-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:1c,78,a8,1a,42,78,36,d0,90,e3,0b,5e,20,2e,02,80,12,9d,da,81,82,
f0,fb,e7,d4,71,5d,52,12,68,e0,71,b4,97,9a,28,26,40,50,16,3a,f9,78,c3,01,4e,\
"rkeysecu"=hex:e7,69,55,e8,19,f7,7c,46,c9,ca,9a,63,4d,ed,63,b4
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-20 00:06:51
ComboFix-quarantined-files.txt 2013-08-19 22:06
.
Před spuštěním: Volných bajtů: 30 138 392 576
Po spuštění: Volných bajtů: 29 433 331 712
.
- - End Of File - - 8618B8985B4BBAC511B7E6B3D153B650
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Stáhni Kaspersky VRT
na svojí plochu.
Spusť program Kaspersky VRT, .Program se nainstaluje.
Potvrď licenci a klikni na „Start“ . Pokud program nabídne aktualizaci , klikni dole na na „Download Now“.
- Klikni na ozubené kolečko v pravém horním rohu. V okně vyber kromě již zatržených , svojí jednotku disku , pokud jich máš víc , můžeš zatrhnout všechny.
- zvol „Automatic Scan“ nahoře vlevo. a stiskni tlačítko „Start Scanning“
- Program začne skenovat zatržené jednotky

Zaškrtnuté :
Hidden startup objects
System Memory
Disk boot sectors

Nezašrkrtnuté:
Dokumenty
My email
Počítač
Místní disk C
Místní disk D
Jednotka DVD-Rom (E)
Jednotka BD-ROM (G)
Disketová jednotka
A jiné , např. Flash disky , které máš připojeny.

- povol programu Virus Removal Tool odstranit všechny nalezené infekce
- jakmile sken skončí ,zvol záložku „Report“ , vpravo nahoře (vedle ozubeného kolečka)
- klikni na „Detected Threads“ a klikni na obrázek diskety („Save“)
- ulož do počítače zprávu a vložit ji sem do příspěvku

[ymorduur]

Ten log je hrozně velký a dlouhý, hodil jsem ho sem. Infekce to nenašlo.

Zatím mě to opisování přestalo vyskakovat, tak snad to zmizlo.

[memphisto]

Ty logy dávej sem. V těch generovaných texťácích se to špatně čte. ROzděl odpověď na více částí

[ymorduur]

Nevím proč, ale ten log ma 41MB textů. To sem do odpovědi nedám.

[memphisto]

Tak to nedáš no... To je dost. Jak to vypadá s tím ověřováním? Jak píšu, já mám PC čisté a taky se mi to občas stane, že musím ověřovat, že nejsem robot...