Re: Prosím o kontrolu logu. Díky! Vyřešeno

[Riky]

ComboFix 13-07-25.02 - Owner 28.07.2013 14:28:55.9.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.811 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Owner\Plocha\CFScript.txt
.
FILE ::
"c:\windows\system32\aswBoot.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-28 do 2013-07-28 )))))))))))))))))))))))))))))))
.
.
2013-07-28 11:17 . 2013-07-28 11:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2013-07-27 12:06 . 2013-07-27 12:06 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-25 21:05 . 2013-07-25 21:05 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\DealPlyLive
2013-07-25 21:05 . 2013-07-25 21:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DealPlyLive
2013-07-25 21:05 . 2013-07-25 21:05 -------- d-----w- c:\documents and settings\Owner\Data aplikací\Dealply
2013-07-25 21:05 . 2013-07-25 21:05 -------- d-----w- c:\documents and settings\Owner\Data aplikací\SimilarSites
2013-07-25 21:04 . 2013-07-25 21:04 -------- d-----w- c:\documents and settings\Owner\Data aplikací\FoxTab
2013-07-25 20:59 . 2013-07-25 20:59 -------- d-----w- c:\documents and settings\Owner\Data aplikací\searchya
2013-07-25 20:59 . 2013-07-25 20:59 -------- d-----w- c:\documents and settings\Owner\Data aplikací\0O0R0F
2013-07-25 17:34 . 2013-07-25 17:34 -------- d-----w- c:\windows\ERUNT
2013-07-24 16:57 . 2013-07-24 16:58 -------- d-----w- c:\windows\system32\NtmsData
2013-07-24 16:49 . 2013-07-24 17:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Avira
2013-07-23 20:22 . 2013-05-09 08:58 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-07-23 20:17 . 2013-07-24 15:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-07-17 17:00 . 2013-07-17 17:05 -------- d-----w- c:\windows\system32\MRT
2013-07-16 18:27 . 2013-07-16 18:27 -------- d-----w- c:\windows\system32\wbem\Repository
2013-07-16 17:04 . 2013-07-16 18:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\syafyey savie
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-11 14:51 . 2012-04-04 17:22 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-11 14:51 . 2011-05-24 16:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-08 01:24 . 2006-03-02 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:53 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-06-07 21:53 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-06-07 18:25 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2013-06-05 09:08 . 2006-03-02 12:00 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:23 . 2006-03-02 12:00 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-08 09:58 . 2006-10-18 20:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-03 05:38 . 2006-03-02 12:00 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:38 . 2004-08-17 15:45 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2004-10-01 13:00 . 2007-08-10 22:16 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSTPE"="c:\windows\system32\ASUSTPE.exe" [2006-10-14 69632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"T-Mobile CManager"="c:\program files\T-Mobile\T-Mobile Internet Manager\Manager.exe" [2013-07-03 2076952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-06-08 53248]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-01-16 843776]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-11-02 1397760]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-08-07 200704]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2013-06-20 80480]
"PMBVolumeWatcher"="c:\program files\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Owner\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\Belkin\Bluetooth Software\BTTray.exe [2006-6-7 553021]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Documents and Settings\\Owner\\Plocha\\utorrent_torrentreactor.net.exe"=
"c:\\Documents and Settings\\Owner\\Plocha\\Hry\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Documents and Settings\\Owner\\Plocha\\Hry\\Splinter Cell Pandora Tomorrow\\pandora.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Documents and Settings\\Owner\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Documents and Settings\\Owner\\Plocha\\Filmy\\PCPerformer-BitTorrent-b\\PCPerformerSetup_BT.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"443:TCP"= 443:TCP:*:Disabled:ooVoo TCP port 443
"443:UDP"= 443:UDP:*:Disabled:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP port 37675
.
R1 atm;NettGain 1200 ATM;c:\windows\system32\drivers\ATM.sys [29.7.2008 17:31 233684]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [27.7.2013 14:06 218688]
R1 TSM;TSM Driver - Layered Version;c:\windows\system32\drivers\TSM.sys [29.7.2008 17:31 36413]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [24.9.2007 18:35 9728]
R2 GenPort;GenPort;c:\windows\system32\drivers\GENPORT.SYS [15.8.2007 21:49 4832]
R2 MapMem;MapMem;c:\windows\system32\drivers\MAPMEM.SYS [15.8.2007 21:49 6816]
R2 MbnExt;Mobile Broadband Extension Service;c:\windows\system32\svchost.exe -k MbnExt [2.3.2006 14:00 14336]
R2 NTRemap;NTRemap;c:\windows\system32\drivers\NTREMAP.SYS [15.8.2007 21:49 6336]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [15.3.2011 14:44 428384]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [8.8.2007 11:07 24576]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [18.6.2013 17:15 90368]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [18.6.2013 17:15 73216]
R3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [18.6.2008 17:21 47360]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [8.8.2007 11:07 1245056]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [18.6.2013 17:15 102784]
S3 ipw_bus;IPWireless;c:\windows\system32\drivers\ipw_bus.sys [24.9.2007 18:35 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter;c:\windows\system32\drivers\ipw_mdfl.sys [24.9.2007 18:35 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM);c:\windows\system32\drivers\ipw_mdm.sys [24.9.2007 18:35 95440]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [5.5.2011 18:41 38224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 15:14 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 14:51]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\rid2zvyl.default\
FF - ExtSQL: 2013-06-26 19:35; pluswinks@PlusWinks; c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\rid2zvyl.default\extensions\pluswinks@PlusWinks.xpi
FF - ExtSQL: 2013-07-16 19:05; iayu01v7w@eiymmko.edu; c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\rid2zvyl.default\extensions\iayu01v7w@eiymmko.edu
FF - ExtSQL: 2013-07-16 19:05; ceuje5z9v@ttauu-.co.uk; c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\rid2zvyl.default\extensions\ceuje5z9v@ttauu-.co.uk
FF - ExtSQL: 2013-07-25 23:06; {5ebdca98-43b3-45bb-87e0-716029fb42ab}; c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\rid2zvyl.default\extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}
FF - ExtSQL: 2013-07-25 23:06; WebSiteRecommendation@weliketheweb.com; c:\documents and settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\rid2zvyl.default\extensions\WebSiteRecommendation@weliketheweb.com
FF - ExtSQL: !HIDDEN! 2009-09-02 17:16; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: extensions.searchya.hmpg - true
FF - user.js: extensions.searchya.hmpgUrl - hxxp://www.searchya.com/?f=1&a=Searchoo ... 363791&ir=
FF - user.js: extensions.searchya.dfltSrch - true
FF - user.js: extensions.searchya.srchPrvdr - SearchYa!
FF - user.js: extensions.searchya.dnsErr - true
FF - user.js: extensions.searchya_i.newTab - false
FF - user.js: extensions.searchya.newTabUrl - hxxp://www.searchya.com/?f=2&a=Searchoo ... 363791&ir=
FF - user.js: extensions.searchya.tlbrSrchUrl - hxxp://www.searchya.com/?f=3&a=Searchoo ... 791&ir=&q=
FF - user.js: extensions.searchya.id - 001BFCDE4502CA67
FF - user.js: extensions.searchya.instlDay - 15911
FF - user.js: extensions.searchya.vrsn - 1.8.8.0
FF - user.js: extensions.searchya.vrsni - 1.8.8.0
FF - user.js: extensions.searchya_i.vrsnTs - 1.8.8.022:59
FF - user.js: extensions.searchya.prtnrId - searchya
FF - user.js: extensions.searchya.prdct - searchya
FF - user.js: extensions.searchya.aflt - SearchooD
FF - user.js: extensions.searchya_i.smplGrp - none
FF - user.js: extensions.searchya.tlbrId - base
FF - user.js: extensions.searchya.instlRef -
FF - user.js: extensions.searchya.dfltLng -
FF - user.js: extensions.searchya.appId - {1973277F-87B0-4EA3-9ED2-470A91D284CF}
FF - user.js: extensions.searchya.excTlbr - false
FF - user.js: extensions.searchya_i.hmpg - true
FF - user.js: extensions.searchya.cr - 503363791
FF - user.js: extensions.searchya.cd - 2XzuyEtN2Y1L1QzutDtDtC0B0F0C0D0EyEyDtDtB0C0AyCyBtN0D0Tzu0CyDyBtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu0O0R0F
FF - user.js: extensions.irspeeddial.aflt - SearchooD
FF - user.js: extensions.irspeeddial.instlRef -
FF - user.js: extensions.irspeeddial.cr - 503363791
FF - user.js: extensions.irspeeddial.cd - 2XzuyEtN2Y1L1QzutDtDtC0B0F0C0D0EyEyDtDtB0C0AyCyBtN0D0Tzu0CyDyBtBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu0O0R0F
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-28 14:40
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(968)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1024)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(3744)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Ahead\InCD\InCDsrv.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Belkin\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\windows\ATK0100\ATKOSD.exe
.
**************************************************************************
.
Celkový čas: 2013-07-28 14:44:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-28 12:44
ComboFix2.txt 2013-07-27 12:09
.
Před spuštěním: Volných bajtů: 55 958 720 512
Po spuštění: Volných bajtů: 54 858 383 360
.
- - End Of File - - 4FEE44B48488C09FACB00F1FD6232CC0
413FC2A0C716421B3158746D63736515

[Reklama]

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SvcHost]
"netsvcs"@=hex(7):36,00,74,00,6f,00,34,00,0d,00,0a,00,41,00,70,00,70,00,4d,00,67,00,6d,\
  00,74,00,0d,00,0a,00,41,00,75,00,64,00,69,00,6f,00,53,00,72,00,76,00,0d,00,\
  0a,00,42,00,72,00,6f,00,77,00,73,00,65,00,72,00,0d,00,0a,00,43,00,72,00,79,\
  00,70,00,74,00,53,00,76,00,63,00,0d,00,0a,00,44,00,4d,00,53,00,65,00,72,00,\
  76,00,65,00,72,00,0d,00,0a,00,44,00,48,00,43,00,50,00,0d,00,0a,00,45,00,52,\
  00,53,00,76,00,63,00,0d,00,0a,00,45,00,76,00,65,00,6e,00,74,00,53,00,79,00,\
  73,00,74,00,65,00,6d,00,0d,00,0a,00,46,00,61,00,73,00,74,00,55,00,73,00,65,\
  00,72,00,53,00,77,00,69,00,74,00,63,00,68,00,69,00,6e,00,67,00,43,00,6f,00,\
  6d,00,70,00,61,00,74,00,69,00,62,00,69,00,6c,00,69,00,74,00,79,00,0d,00,0a,\
  00,48,00,69,00,64,00,53,00,65,00,72,00,76,00,0d,00,0a,00,49,00,61,00,73,00,\
  0d,00,0a,00,49,00,70,00,72,00,69,00,70,00,0d,00,0a,00,49,00,72,00,6d,00,6f,\
  00,6e,00,0d,00,0a,00,4c,00,61,00,6e,00,6d,00,61,00,6e,00,53,00,65,00,72,00,\
  76,00,65,00,72,00,0d,00,0a,00,4c,00,61,00,6e,00,6d,00,61,00,6e,00,57,00,6f,\
  00,72,00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,0d,00,0a,00,4d,00,\
  65,00,73,00,73,00,65,00,6e,00,67,00,65,00,72,00,0d,00,0a,00,4e,00,65,00,74,\
  00,6d,00,61,00,6e,00,0d,00,0a,00,4e,00,6c,00,61,00,0d,00,0a,00,4e,00,74,00,\
  6d,00,73,00,73,00,76,00,63,00,0d,00,0a,00,4e,00,57,00,43,00,57,00,6f,00,72,\
  00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,0d,00,0a,00,4e,00,77,00,\
  73,00,61,00,70,00,61,00,67,00,65,00,6e,00,74,00,0d,00,0a,00,52,00,61,00,73,\
  00,61,00,75,00,74,00,6f,00,0d,00,0a,00,52,00,61,00,73,00,6d,00,61,00,6e,00,\
  0d,00,0a,00,52,00,65,00,6d,00,6f,00,74,00,65,00,61,00,63,00,63,00,65,00,73,\
  00,73,00,0d,00,0a,00,53,00,63,00,68,00,65,00,64,00,75,00,6c,00,65,00,0d,00,\
  0a,00,53,00,65,00,63,00,6c,00,6f,00,67,00,6f,00,6e,00,0d,00,0a,00,53,00,45,\
  00,4e,00,53,00,0d,00,0a,00,53,00,68,00,61,00,72,00,65,00,64,00,61,00,63,00,\
  63,00,65,00,73,00,73,00,0d,00,0a,00,53,00,52,00,53,00,65,00,72,00,76,00,69,\
  00,63,00,65,00,0d,00,0a,00,54,00,61,00,70,00,69,00,73,00,72,00,76,00,0d,00,\
  0a,00,54,00,68,00,65,00,6d,00,65,00,73,00,0d,00,0a,00,54,00,72,00,6b,00,57,\
  00,6b,00,73,00,0d,00,0a,00,57,00,33,00,32,00,54,00,69,00,6d,00,65,00,0d,00,\
  0a,00,57,00,5a,00,43,00,53,00,56,00,43,00,0d,00,0a,00,57,00,6d,00,69,00,0d,\
  00,0a,00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,70,00,0d,00,0a,00,77,00,\
  69,00,6e,00,6d,00,67,00,6d,00,74,00,0d,00,0a,00,54,00,65,00,72,00,6d,00,53,\
  00,65,00,72,00,76,00,69,00,63,00,65,00,0d,00,0a,00,77,00,75,00,61,00,75,00,\
  73,00,65,00,72,00,76,00,0d,00,0a,00,42,00,49,00,54,00,53,00,0d,00,0a,00,53,\
  00,68,00,65,00,6c,00,6c,00,48,00,57,00,44,00,65,00,74,00,65,00,63,00,74,00,\
  69,00,6f,00,6e,00,0d,00,0a,00,68,00,65,00,6c,00,70,00,73,00,76,00,63,00,0d,\
  00,0a,00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,4e,00,0d,00,0a,00,78,00,\
  6d,00,6c,00,70,00,72,00,6f,00,76,00,0d,00,0a,00,77,00,73,00,63,00,73,00,76,\
  00,63,00,00,00,00,00

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: Fixreg.reg
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Poklepej na soubor Fixreg.reg na ploše , objeví se okno s otázkou , zda si opravdu přeješ zapsat do registru. Klikni na Ano.
Restartuj PC.

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Riky]

Pisu z mobilu. Tak mi zacala blikat obrazovka a skakat ruzne obraz a ted uz nejde vubec notas spustit, nenabehne ani bios, jen se zapne a nic. Tak jdu zitra do servisu. Muze to byt zakladni deska?

[jaro3]

Může to být i grafika , zdroj(měnič) , RAM, kabely , HDD ap.

[Riky]

Mám nový noťas a vše znovu nainstalováno, čili toto téma je již bezpředmětné. Nicméně Vám všem zde děkuji za pomoc.