prosím kontrolu hjt zachyceno několik malwarů Vyřešeno

[KamilaS]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:01, on 7.12.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)

FIREFOX: 50.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe
C:\Users\kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Users\kamca\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
C:\Windows\Explorer.exe
C:\Users\kamca\Desktop\VIROZY\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ALLPlayer WiFi Remote] C:\Program Files\ALLPlayer Remote\ALLPlayerRemoteControl.exe
O4 - Startup: Facebook Gameroom.lnk = kamca\AppData\Local\Facebook\Games\FacebookGameroom.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvscpapisvr.exe

--
End of file - 5261 bytes

[Reklama]

[KamilaS]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-12-07 22:22:42
-----------------------------
22:22:42.360 OS Version: Windows 6.1.7601 Service Pack 1
22:22:42.360 Number of processors: 2 586 0x2A07
22:22:42.360 ComputerName: PKSZABOVI UserName: kamca
22:22:43.328 Initialize success
22:22:43.343 VM: initialized successfully
22:22:43.343 VM: Intel CPU supported
22:22:48.766 VM: supported disk I/O ataport.SYS
22:22:56.971 AVAST engine defs: 16120701
22:23:41.033 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:23:41.033 Disk 0 Vendor: WDC_WD10EALX-009BA0 15.01H15 Size: 953869MB BusType: 11
22:23:41.127 VM: Disk 0 MBR read successfully
22:23:41.142 Disk 0 MBR scan
22:23:41.142 Disk 0 Windows 7 default MBR code
22:23:41.142 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:23:41.158 Disk 0 Boot: NTFS code=2
22:23:41.158 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
22:23:41.174 Disk 0 scanning sectors +1953521664
22:23:41.220 Disk 0 scanning C:\Windows\system32\drivers
22:23:48.381 Service scanning
22:24:01.594 Modules scanning
22:24:01.594 Disk 0 trace - called modules:
22:24:01.610 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys intelppm.sys
22:24:01.625 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x867b4318]
22:24:01.625 3 CLASSPNP.SYS[8c20459e] -> nt!IofCallDriver -> [0x862f8368]
22:24:01.625 5 ACPI.sys[8be383d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8628f908]
22:24:02.499 AVAST engine scan C:\Windows
22:24:10.814 AVAST engine scan C:\Windows\system32
22:25:59.203 AVAST engine scan C:\Windows\system32\drivers
22:26:08.719 AVAST engine scan C:\Users\kamca
22:32:07.722 Disk 0 MBR has been saved successfully to "C:\Users\kamca\Desktop\VIROZY\MBR.dat"
22:32:07.738 The log file has been saved successfully to "C:\Users\kamca\Desktop\VIROZY\aswMBR.txt"

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Co problémy?

[KamilaS]

# DelFix v1.013 - Logfile created 10/12/2016 at 09:31:21
# Updated 17/04/2016 by Xplode
# Username : kamca - PKSZABOVI
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2016-03-02-151600.log
Deleted : C:\zoek-results2016-05-31-155827.log
Deleted : C:\Users\kamca\Desktop\JRT.txt
Deleted : C:\Users\kamca\Desktop\ZOEKID.txt
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #223 [ComboFix created restore point | 12/10/2016 08:27:38]

New restore point created !

########## - EOF - ##########

[KamilaS]

Děkuju moc, zase, už tuším určitě po druhý v tomhle roce :(
i myš se umoudřila a budu se hodně přemlouvat a počkám až budou ty mý seriály na českých ne-warez a ne-torrentových úložištích k mání
díky a budu se revanžovat, Kamča

[jaro3]

Nemáš zač!
Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.