Sorry :) that was by mistake - I wish you happy holidays and am sending the log from ComboFix
ComboFix 14-12-23.01 - ju . 12. 2014 13:26:40.2.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.2989.1881 [GMT 1:00]
Running from: c:\users\ju\Desktop\ComboFix.exe
AV: AVG Internet Security 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Internet Security 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Files Created from 2014-11-24 to 2014-12-24 )))))))))))))))))))))))))))))))
.
.
2014-12-24 12:33 . 2014-12-24 12:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-24 12:33 . 2014-12-24 12:33 -------- d-----w- c:\users\Adina\AppData\Local\temp
2014-12-23 18:42 . 2014-12-24 12:33 -------- d-----w- c:\users\ju\AppData\Local\temp
2014-12-23 15:55 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2014-12-23 15:53 . 2014-12-23 15:53 41088 ----a-w- c:\windows\system32\drivers\HECI.sys
2014-12-23 15:53 . 2014-12-23 15:53 -------- d-----w- c:\program files\Synaptics
2014-12-23 15:53 . 2014-12-23 15:53 28656 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-12-23 15:53 . 2014-12-23 15:53 84480 ----a-w- c:\windows\system32\DelayAPO.dll
2014-12-23 15:53 . 2014-12-23 15:53 77824 ----a-w- c:\windows\system32\drivers\AtihdW73.sys
2014-12-23 15:53 . 2014-12-23 15:53 36616 ----a-w- c:\windows\system32\drivers\btcusb.sys
2014-12-23 15:53 . 2014-12-23 15:53 19464 ----a-w- c:\windows\system32\btinstall.dll
2014-12-23 15:49 . 2014-12-23 15:49 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2014-12-23 15:36 . 2014-12-23 15:36 -------- d-----w- c:\windows\system32\SPReview
2014-12-23 15:35 . 2014-12-23 15:35 -------- d-----w- c:\windows\system32\EventProviders
2014-12-23 15:35 . 2014-12-23 15:35 -------- d-----w- c:\program files\MSXML 4.0
2014-12-23 15:31 . 2010-11-20 12:21 21504 ----a-w- c:\windows\system32\wsdchngr.dll
2014-12-23 15:25 . 2014-12-23 15:25 -------- d-----w- c:\program files\Common Files\Java
2014-12-23 15:24 . 2014-12-23 15:29 -------- d-----w- c:\programdata\Oracle
2014-12-23 09:51 . 2014-12-23 09:51 -------- d-----w- c:\users\ju\AppData\Local\KrosMeniny
2014-12-22 17:59 . 2014-12-22 17:40 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-22 17:40 . 2014-12-22 18:01 -------- d-----w- C:\zoek_backup
2014-12-22 16:48 . 2014-12-22 16:51 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-22 16:48 . 2014-12-22 16:48 -------- d-----w- c:\programdata\RogueKiller
2014-12-22 16:33 . 2014-12-22 16:33 -------- d-----w- c:\windows\ERUNT
2014-12-22 15:30 . 2014-12-22 15:30 -------- d-----w- c:\users\ju\AppData\Roaming\AVG2015
2014-12-22 15:29 . 2014-12-22 19:38 -------- d-----w- c:\programdata\AVG2015
2014-12-21 15:09 . 2014-12-23 18:54 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-21 15:09 . 2014-12-21 15:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-12-21 15:09 . 2014-12-21 15:09 -------- d-----w- c:\programdata\Malwarebytes
2014-12-21 15:09 . 2014-11-21 05:14 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-21 15:09 . 2014-11-21 05:14 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-21 15:09 . 2014-11-21 05:14 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-21 15:00 . 2014-12-22 15:48 -------- d-----w- C:\AdwCleaner
2014-12-20 14:09 . 2014-12-20 14:11 -------- d-----w- c:\windows\system32\MRT
2014-12-20 14:08 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-12-20 14:08 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-12-20 14:08 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2014-12-20 14:08 . 2010-12-17 07:07 542208 ----a-w- c:\windows\system32\kerberos.dll
2014-12-20 14:04 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-12-20 14:04 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-12-20 14:04 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-12-20 14:04 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-12-20 14:04 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-12-20 14:04 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-12-20 14:04 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-12-20 14:04 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-12-20 14:04 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-12-20 13:49 . 2014-12-20 13:49 -------- d-----w- c:\program files\CrystalDiskInfo
2014-12-16 15:10 . 2014-12-16 17:10 -------- d-----w- C:\tomáš
2014-12-08 20:25 . 2014-12-08 20:25 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-12-02 12:03 . 2014-12-02 12:03 -------- d-----w- c:\users\Adina\AppData\Roaming\RealNetworks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-23 15:54 . 2013-11-28 21:32 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-23 15:54 . 2013-11-28 21:32 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-23 15:52 . 2010-01-22 07:39 4077568 ----a-w- c:\windows\system32\atiumdag.dll
2014-12-23 15:52 . 2010-01-22 07:29 52736 ----a-w- c:\windows\system32\coinst.dll
2014-12-23 15:52 . 2010-01-22 07:21 3460096 ----a-w- c:\windows\system32\atiumdva.dll
2014-12-23 15:52 . 2010-01-22 07:07 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2014-12-23 15:52 . 2010-01-22 07:07 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2014-12-23 15:52 . 2010-01-22 08:01 380928 ----a-w- c:\windows\system32\atieclxx.exe
2014-12-23 15:52 . 2010-01-22 08:01 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2014-12-23 15:52 . 2010-01-22 07:56 3953152 ----a-w- c:\windows\system32\atidxx32.dll
2014-12-23 15:52 . 2010-01-22 07:48 536576 ----a-w- c:\windows\system32\aticfx32.dll
2014-12-23 15:52 . 2010-01-22 07:08 241664 ----a-w- c:\windows\system32\atiadlxx.dll
2014-12-23 15:42 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2014-12-23 15:28 . 2014-08-15 14:38 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-12 13:49 . 2014-03-27 07:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-12-12 13:49 . 2014-03-25 20:18 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-12-10 09:51 . 2014-03-25 20:18 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-11-18 20:41 . 2014-11-18 20:41 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-11-03 12:08 . 2014-03-27 07:55 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-10-10 14:13 . 2014-10-10 14:13 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-10-05 19:42 . 2014-10-05 19:42 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-12-03 30878816]
"KrosMeniny"="e:\dokumenty\Programy\Meniny.exe" [2010-02-21 1420288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2014-12-18 3667472]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-12-03 30878816]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"vProt"="c:\program files\AVG Web TuneUp\vprot.exe" [BU]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2014-06-29 296520]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-6-29 822880]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe /f=srs_premium_sound_nopreset.zip /h [2013-11-25 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
c:\program files\IObit\IObit Malware Fighter\IMF.exe [BU]
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-06-10 23552]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-06-07 37224]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-06-07 256360]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-06-07 177704]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-06-07 46952]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-06-07 143080]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 cpuz138;cpuz138;c:\users\ju\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 94208]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [2014-01-12 125456]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [2010-11-01 14416]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2014-11-18 154904]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 18624]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2014-12-08 208152]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-08-30 42784]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2014-12-23 23840]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-12-23 176128]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S2 AtherosSvc;AtherosSvc;c:\program files\Atheros\Bluetooth Suite\adminservice.exe [2010-06-07 38560]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [2013-04-03 34336]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-06-10 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-06-29 1141848]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2014-12-23 77824]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-06-07 28200]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2014-12-23 148720]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-23 28656]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv.sys [2014-01-12 2351944]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-28 15:54]
.
2014-12-22 c:\windows\Tasks\ReclaimerUpdateFiles_ju.job
- c:\users\ju\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-04 14:04]
.
2014-12-23 c:\windows\Tasks\ReclaimerUpdateXML_ju.job
- c:\users\ju\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-04 14:04]
.
2014-12-24 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_ju.job
- c:\users\ju\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-04 14:04]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\ju\AppData\Roaming\Mozilla\Firefox\Profiles\joo2zrtn.default-1408478341201\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://aktualne.sk/
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,12,04,e0,d1,c1,d2,59,4c,93,76,4c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,12,04,e0,d1,c1,d2,59,4c,93,76,4c,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-12-24 13:34:57
ComboFix-quarantined-files.txt 2014-12-24 12:34
.
Pre-Run: 13 326 290 944 bytes free
Post-Run: 13 257 457 664 bytes free
.
- - End Of File - - 1F95EF7A312B276A49FC8FF258B51A78
A36C5E4F47E84449FF07ED3517B43A31
and the log from aswMBR
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2014-12-24 13:47:43
-----------------------------
13:47:43.352 OS Version: Windows 6.1.7601 Service Pack 1
13:47:43.352 Number of processors: 4 586 0x2502
13:47:43.362 ComputerName: MIREC UserName: ju
13:47:43.752 Initialize success
13:47:43.782 VM: initialized successfully
13:47:43.792 VM: Intel CPU supported
13:48:39.373 VM: not used
13:49:07.384 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:49:07.399 Disk 0 Vendor: OCZ-VERTEX2 1.29 Size: 57241MB BusType: 11
13:49:07.415 Disk 0 MBR read successfully
13:49:07.415 Disk 0 MBR scan
13:49:07.415 Disk 0 Windows 7 default MBR code
13:49:07.430 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
13:49:07.430 Disk 0 Boot: NTFS code=1
13:49:07.446 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 57139 MB offset 206848
13:49:07.446 Disk 0 scanning sectors +117227520
13:49:07.462 Disk 0 scanning C:\Windows\system32\drivers
13:49:09.193 Service scanning
13:49:12.469 Modules scanning
13:49:12.485 Disk 0 trace - called modules:
13:49:12.500 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
13:49:12.516 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8682f030]
13:49:12.516 3 CLASSPNP.SYS[8bba659e] -> nt!IofCallDriver -> [0x86653918]
13:49:12.532 5 ACPI.sys[8b48f3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x866c7030]
13:49:12.532 Disk 0 statistics 88767/0/0 @ 48,92 MB/s
13:49:12.547 Scan finished successfully
13:49:28.397 Disk 0 MBR has been saved successfully to "C:\Users\ju\Desktop\MBR.dat"
13:49:28.412 The log file has been saved successfully to "C:\Users\ju\Desktop\aswMBR.txt"
Preventive check (Solved)
jaro3 (Security team member)
Re: Preventive check
Uninstall:
AVG Web TuneUp
IObit Malware Fighter
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
ClearJavaCache::
KillAll::
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,12,04,e0,d1,c1,d2,59,4c,93,76,4c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,12,04,e0,d1,c1,d2,59,4c,93,76,4c,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new log from HJT
Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Preventive check
ComboFix 14-12-23.01 - ju . 12. 2014 20:10:19.5.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.2989.1989 [GMT 1:00]
Running from: c:\users\ju\Desktop\ComboFix.exe
Command switches used :: c:\users\ju\Desktop\CFScript.txt
AV: AVG Internet Security 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG Internet Security 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-11-25 to 2014-12-25 )))))))))))))))))))))))))))))))
.
.
2014-12-25 19:17 . 2014-12-25 19:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-25 19:17 . 2014-12-25 19:17 -------- d-----w- c:\users\Adina\AppData\Local\temp
2014-12-23 18:42 . 2014-12-25 19:18 -------- d-----w- c:\users\ju\AppData\Local\temp
2014-12-23 15:55 . 2013-01-13 19:53 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2014-12-23 15:53 . 2014-12-23 15:53 41088 ----a-w- c:\windows\system32\drivers\HECI.sys
2014-12-23 15:53 . 2014-12-23 15:53 -------- d-----w- c:\program files\Synaptics
2014-12-23 15:53 . 2014-12-23 15:53 28656 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-12-23 15:53 . 2014-12-23 15:53 84480 ----a-w- c:\windows\system32\DelayAPO.dll
2014-12-23 15:53 . 2014-12-23 15:53 77824 ----a-w- c:\windows\system32\drivers\AtihdW73.sys
2014-12-23 15:53 . 2014-12-23 15:53 36616 ----a-w- c:\windows\system32\drivers\btcusb.sys
2014-12-23 15:53 . 2014-12-23 15:53 19464 ----a-w- c:\windows\system32\btinstall.dll
2014-12-23 15:49 . 2014-12-23 15:49 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2014-12-23 15:36 . 2014-12-23 15:36 -------- d-----w- c:\windows\system32\SPReview
2014-12-23 15:35 . 2014-12-23 15:35 -------- d-----w- c:\windows\system32\EventProviders
2014-12-23 15:35 . 2014-12-23 15:35 -------- d-----w- c:\program files\MSXML 4.0
2014-12-23 15:31 . 2010-11-20 12:21 21504 ----a-w- c:\windows\system32\wsdchngr.dll
2014-12-23 15:25 . 2014-12-23 15:25 -------- d-----w- c:\program files\Common Files\Java
2014-12-23 15:24 . 2014-12-23 15:29 -------- d-----w- c:\programdata\Oracle
2014-12-23 09:51 . 2014-12-23 09:51 -------- d-----w- c:\users\ju\AppData\Local\KrosMeniny
2014-12-22 17:59 . 2014-12-22 17:40 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-22 17:40 . 2014-12-22 18:01 -------- d-----w- C:\zoek_backup
2014-12-22 16:48 . 2014-12-22 16:51 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-22 16:48 . 2014-12-22 16:48 -------- d-----w- c:\programdata\RogueKiller
2014-12-22 16:33 . 2014-12-22 16:33 -------- d-----w- c:\windows\ERUNT
2014-12-22 15:30 . 2014-12-22 15:30 -------- d-----w- c:\users\ju\AppData\Roaming\AVG2015
2014-12-22 15:29 . 2014-12-22 19:38 -------- d-----w- c:\programdata\AVG2015
2014-12-21 15:09 . 2014-12-23 18:54 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-21 15:09 . 2014-12-21 15:09 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-12-21 15:09 . 2014-12-21 15:09 -------- d-----w- c:\programdata\Malwarebytes
2014-12-21 15:09 . 2014-11-21 05:14 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-21 15:09 . 2014-11-21 05:14 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-21 15:09 . 2014-11-21 05:14 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-21 15:00 . 2014-12-22 15:48 -------- d-----w- C:\AdwCleaner
2014-12-20 14:09 . 2014-12-20 14:11 -------- d-----w- c:\windows\system32\MRT
2014-12-20 14:08 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-12-20 14:08 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-12-20 14:08 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2014-12-20 14:08 . 2010-12-17 07:07 542208 ----a-w- c:\windows\system32\kerberos.dll
2014-12-20 14:04 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-12-20 14:04 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-12-20 14:04 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-12-20 14:04 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-12-20 14:04 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-12-20 14:04 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-12-20 14:04 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-12-20 14:04 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-12-20 14:04 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-12-20 13:49 . 2014-12-20 13:49 -------- d-----w- c:\program files\CrystalDiskInfo
2014-12-16 15:10 . 2014-12-16 17:10 -------- d-----w- C:\tomáš
2014-12-08 20:25 . 2014-12-08 20:25 208152 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-12-02 12:03 . 2014-12-02 12:03 -------- d-----w- c:\users\Adina\AppData\Roaming\RealNetworks
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-23 15:54 . 2013-11-28 21:32 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-12-23 15:54 . 2013-11-28 21:32 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-23 15:52 . 2010-01-22 07:39 4077568 ----a-w- c:\windows\system32\atiumdag.dll
2014-12-23 15:52 . 2010-01-22 07:29 52736 ----a-w- c:\windows\system32\coinst.dll
2014-12-23 15:52 . 2010-01-22 07:21 3460096 ----a-w- c:\windows\system32\atiumdva.dll
2014-12-23 15:52 . 2010-01-22 07:07 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2014-12-23 15:52 . 2010-01-22 07:07 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2014-12-23 15:52 . 2010-01-22 08:01 380928 ----a-w- c:\windows\system32\atieclxx.exe
2014-12-23 15:52 . 2010-01-22 08:01 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2014-12-23 15:52 . 2010-01-22 07:56 3953152 ----a-w- c:\windows\system32\atidxx32.dll
2014-12-23 15:52 . 2010-01-22 07:48 536576 ----a-w- c:\windows\system32\aticfx32.dll
2014-12-23 15:52 . 2010-01-22 07:08 241664 ----a-w- c:\windows\system32\atiadlxx.dll
2014-12-23 15:42 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2014-12-23 15:28 . 2014-08-15 14:38 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-12-12 13:49 . 2014-03-27 07:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2014-12-12 13:49 . 2014-03-25 20:18 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-12-10 09:51 . 2014-03-25 20:18 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-11-18 20:41 . 2014-11-18 20:41 154904 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-11-03 12:08 . 2014-03-27 07:55 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-10-10 14:13 . 2014-10-10 14:13 200984 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-10-05 19:42 . 2014-10-05 19:42 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-12-03 30878816]
"KrosMeniny"="e:\dokumenty\Programy\Meniny.exe" [2010-02-21 1420288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2015\avgui.exe" [2014-12-18 3667472]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-12-03 30878816]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"vProt"="c:\program files\AVG Web TuneUp\vprot.exe" [BU]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2014-06-29 296520]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 795936]
RealPlayer Cloud Service UI.lnk - c:\program files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [2014-6-29 822880]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe /f=srs_premium_sound_nopreset.zip /h [2013-11-25 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
c:\program files\IObit\IObit Malware Fighter\IMF.exe [BU]
.
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-06-07 37224]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-06-07 256360]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-06-07 177704]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-06-07 46952]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-06-07 143080]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 cpuz138;cpuz138;c:\users\ju\AppData\Local\Temp\cpuz138\cpuz138_x32.sys [x]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [2014-01-12 125456]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [2010-11-01 14416]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2014-11-18 154904]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2014-07-18 230680]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-18 27416]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 18624]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-18 121624]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2014-12-08 208152]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-18 21272]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2014-08-28 192792]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-10-10 200984]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-08-30 42784]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2014-12-23 23840]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2014-12-23 176128]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files\Atheros\Ath_CoexAgent.exe [2010-05-24 151552]
S2 AtherosSvc;AtherosSvc;c:\program files\Atheros\Bluetooth Suite\adminservice.exe [2010-06-07 38560]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [2013-04-03 34336]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-06-10 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [2014-06-29 1141848]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-06-10 23552]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2014-12-23 77824]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-06-07 28200]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 94208]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2014-12-23 148720]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-12-23 28656]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv.sys [2014-01-12 2351944]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-28 15:54]
.
2014-12-24 c:\windows\Tasks\ReclaimerUpdateFiles_ju.job
- c:\users\ju\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-04 14:04]
.
2014-12-25 c:\windows\Tasks\ReclaimerUpdateXML_ju.job
- c:\users\ju\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-04 14:04]
.
2014-12-25 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_ju.job
- c:\users\ju\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-12-04 14:04]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\ju\AppData\Roaming\Mozilla\Firefox\Profiles\joo2zrtn.default-1408478341201\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://aktualne.sk/
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4520)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\Atheros\Bluetooth Suite\AthCopyHook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\real\realplayer\RPDS\Bin\rpcloudview.dll
c:\program files\Atheros\Bluetooth Suite\FolderViewImpl.dll
c:\program files\Atheros\Bluetooth Suite\langs\FolderViewSK.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\AVG\AVG2015\avgrsx.exe
c:\program files\AVG\AVG2015\avgcsrvx.exe
c:\windows\system32\atieclxx.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\sppsvc.exe
c:\program files\AVG\AVG2015\avgnsx.exe
c:\program files\AVG\AVG2015\avgemcx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2014-12-25 20:20:38 - machine was rebooted
ComboFix-quarantined-files.txt 2014-12-25 19:20
ComboFix2.txt 2014-12-24 12:34
.
Pre-Run: 12 337 618 944 bytes free
Post-Run: 12 269 342 720 bytes free
.
- - End Of File - - 483CDD5B289296296734E80B33D68909
A36C5E4F47E84449FF07ED3517B43A31
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:26:36, on 25. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
FIREFOX: 34.0.5 (x86 sk)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
E:\Dokumenty\Programy\Meniny.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\Explorer.exe
C:\Program Files\AVG\AVG2015\avgcfgex.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
E:\Dokumenty\Programy\Čistace programy na PC\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KrosMeniny] E:\Dokumenty\Programy\Meniny.exe
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
--
End of file - 6580 bytes
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:38:56, on 25. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
FIREFOX: 34.0.5 (x86 sk)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\SearchFilterHost.exe
E:\Dokumenty\Programy\Čistace programy na PC\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
--
End of file - 5428 bytes
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
FIREFOX: 34.0.5 (x86 sk)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Real\RealPlayer\Update\realsched.exe
E:\Dokumenty\Programy\Meniny.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\Explorer.exe
C:\Program Files\AVG\AVG2015\avgcfgex.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
E:\Dokumenty\Programy\Čistace programy na PC\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KrosMeniny] E:\Dokumenty\Programy\Meniny.exe
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
--
End of file - 6580 bytes
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:38:56, on 25. 12. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
FIREFOX: 34.0.5 (x86 sk)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\SearchFilterHost.exe
E:\Dokumenty\Programy\Čistace programy na PC\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files\Atheros\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
--
End of file - 5428 bytes
- jaro3
- Security team member
Re: Preventive check
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.
How about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
- newcomer
Re: Preventive check
Hi, today it's been quite fine, there was no blue screen today :) thanks - but OTC deleted RogueKiller and others from my desktop - and also OTC itself
- jaro3
Re: Preventive check
That's OK.
BSOD section:
viewforum.php?f=118
If there are no problems, that is all and you can mark it as solved, the green check mark.
- newcomer
Re: Preventive check (Solved)
I no longer have any problems - thank you for the help