Vidím, že ComboFix vytvoril bod obnovenia, skús to obnoviť do stavu pred ComboFixom a napíš, či to pôjde.
Ak to pôjde, sprav nasledujúce kroky:
Použi tento CFScript (postup taký istý)
DDS::
SSODL: WebCheck - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Firefox::
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
Reboot::• Spusť OTL ako správca,
• Do spodného okienka Vlastné skenovanie/opravy (Custom Scans/Fixes) skopíruj:
:otl
IE - HKU\S-1-5-21-118582844-522593287-3683846926-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_m5910&r=17360911c106pe415v155w5721u069
IE - HKU\S-1-5-21-118582844-522593287-3683846926-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_m5910&r=17360911c106pe415v155w5721u069
IE - HKU\S-1-5-21-118582844-522593287-3683846926-1001\..\SearchScopes\{C38D3079-8523-4D8B-829B-CF33FCE7E4D8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=E4B6DFC3-CB3C-4FEB-98FE-AAF786CBD1FD&apn_sauid=4BD697D3-9055-473A-BA93-40E4F95F036F
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p="
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - default_search_provider: facemoods (Enabled)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [AutoKMS] C:\Windows\AutoKMS.exe File not found
O4:[b]64bit:[/b] - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe File not found
O4:[b]64bit:[/b] - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe File not found
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-118582844-522593287-3683846926-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-118582844-522593287-3683846926-1001..\Run: [LaunchList] C:\Program Files (x86)\Pinnacle\Studio 11\LaunchList2.exe File not found
O4 - HKU\S-1-5-21-118582844-522593287-3683846926-1001..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\Program Files (x86)\InstallShield Installation Information\{F5601CC2-9388-44C2-9937-501066F29D21}\setup.exe (InstallShield Software Corporation)
O4 - HKLM..\RunOnce: [InstallShieldSetup1] C:\Program Files (x86)\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe (InstallShield Software Corporation)
O4 - HKLM..\RunOnce: [InstallShieldSetup2] C:\Program Files (x86)\InstallShield Installation Information\{0A9DA353-D0CD-4922-A54B-2F5F4EC90986}\setup.exe (InstallShield Software Corporation)
O4 - Startup: C:\Users\Petr_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk = File not found
:files
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
c:\users\Petr_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
c:\programdata\Spybot - Search & Destroy
c:\program files (x86)\Spybot - Search & Destroy
c:\programdata\Spywareterminator
c:\program files (x86)\Spywareterminator
c:\programdata\Spywarefighter
c:\program files (x86)\Spywarefighter
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"=-
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchList"=-
"AdobeBridge"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"ioTablet"=-
"SunJavaUpdateSched"=-
""=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"InstallShieldSetup"=-
"InstallShieldSetup1"=-
"InstallShieldSetup2"=-
:commands
[CREATERESTOREPOINT]
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
[RESETHOSTS]
[REBOOT]• OTL vykoná príkazy zo scriptu, reštartuje PC a vyskočí log, jeho obsah sem skopíruj.
----
• Daj nový log z RSIT & DDS + vytvor znovu log z OTL.