Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:27, on 13.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\Explorer.exe
C:\Program Files\HiJack\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1195113856-586066616-2882415649-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - Startup: Bitcoin.lnk = C:\Program Files\Bitcoin\bitcoin-qt.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - c:/postgreSQL/bin/pg_ctl.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 5236 bytes
Please check (Solved)
- jaro3
- Security team member
Re: Please check
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Code:
KillAll::
File::
c:\windows\system32\nircmdc.exe
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support
Re: Please check
ComboFix 14-01-13.01 - mnouckk 14.01.2014 11:34:21.2.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3070.2307 [GMT 1:00]
Spuštěný z: c:\users\mnouckk\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\mnouckk\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\nircmdc.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\mnouckk\AppData\Roaming\Roaming
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-14 do 2014-01-14 )))))))))))))))))))))))))))))))
.
.
2014-01-14 10:42 . 2014-01-14 10:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-14 10:23 . 2014-01-14 10:44 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D552EF0F-F5C7-4D2F-AD10-FD2AC353CA6D}\offreg.dll
2014-01-13 14:25 . 2013-12-03 17:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D552EF0F-F5C7-4D2F-AD10-FD2AC353CA6D}\mpengine.dll
2014-01-11 18:46 . 2013-12-03 17:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-10 18:11 . 2013-12-19 18:37 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2014-01-10 18:09 . 2013-12-19 20:26 9657464 ----a-w- c:\windows\system32\nvopencl.dll
2014-01-10 18:09 . 2013-12-19 20:26 893728 ----a-w- c:\windows\system32\nvdispgenco3233221.dll
2014-01-10 18:09 . 2013-12-19 20:26 852768 ----a-w- c:\windows\system32\NvIFR.dll
2014-01-10 18:09 . 2013-12-19 20:26 847648 ----a-w- c:\windows\system32\NvFBC.dll
2014-01-10 18:09 . 2013-12-19 20:26 2947872 ----a-w- c:\windows\system32\nvcuvid.dll
2014-01-10 18:09 . 2013-12-19 20:26 2747680 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-01-10 18:09 . 2013-12-19 20:26 22960416 ----a-w- c:\windows\system32\nvoglv32.dll
2014-01-10 18:09 . 2013-12-19 20:26 15877216 ----a-w- c:\windows\system32\nvwgf2um.dll
2014-01-10 18:09 . 2013-12-19 20:26 1049888 ----a-w- c:\windows\system32\nvdispco3233221.dll
2014-01-10 18:09 . 2013-12-19 20:26 10471712 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-01-10 18:09 . 2013-12-19 20:26 9700224 ----a-w- c:\windows\system32\nvcuda.dll
2014-01-10 18:09 . 2013-12-19 20:26 17560352 ----a-w- c:\windows\system32\nvcompiler.dll
2014-01-10 09:57 . 2014-01-10 09:57 22688 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2014-01-10 09:57 . 2014-01-10 09:57 -------- d-----w- c:\program files\HWiNFO32
2014-01-10 08:59 . 2014-01-10 08:59 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2014-01-09 22:28 . 2014-01-09 22:28 -------- d-----w- c:\programdata\Malwarebytes
2014-01-09 22:28 . 2014-01-09 22:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-09 22:28 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-09 19:04 . 2014-01-09 19:04 -------- d-----w- c:\program files\HiJack
2014-01-05 12:28 . 2014-01-05 12:28 -------- d-----w- c:\programdata\Codemasters
2014-01-05 12:26 . 2013-08-11 14:40 43520 --s-a-w- c:\windows\system32\nircmdc.exe
2014-01-05 11:35 . 2013-09-04 01:15 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-05 11:35 . 2013-09-04 01:14 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-05 11:35 . 2013-09-04 01:14 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-05 11:35 . 2013-09-04 01:14 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-05 11:35 . 2013-09-04 01:14 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-05 11:35 . 2013-09-04 01:14 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-05 11:35 . 2013-09-04 01:14 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-04 19:26 . 2014-01-04 19:26 -------- d-----w- c:\program files\GSC World Publishing
2014-01-04 10:59 . 2013-12-05 08:42 34080 ----a-w- c:\windows\system32\drivers\nvvad32v.sys
2014-01-04 10:57 . 2013-12-10 02:13 982232 ----a-w- c:\windows\system32\nvspcap.dll
2014-01-04 10:56 . 2014-01-04 10:56 -------- d-----w- c:\program files\AGEIA Technologies
2014-01-04 10:55 . 2014-01-14 10:43 -------- d-----w- c:\programdata\NVIDIA
2014-01-04 10:55 . 2013-12-19 18:37 4317984 ----a-w- c:\windows\system32\nvcpl.dll
2014-01-04 10:55 . 2013-12-19 18:37 3036960 ----a-w- c:\windows\system32\nvsvc.dll
2014-01-04 10:55 . 2013-12-19 18:37 664352 ----a-w- c:\windows\system32\nvvsvc.exe
2014-01-04 10:55 . 2013-12-19 18:37 62752 ----a-w- c:\windows\system32\nvshext.dll
2014-01-04 10:55 . 2013-12-19 18:37 376096 ----a-w- c:\windows\system32\nvmctray.dll
2014-01-04 10:54 . 2013-12-19 20:26 53024 ----a-w- c:\windows\system32\OpenCL.dll
2014-01-04 10:54 . 2014-01-04 11:00 -------- d-----w- c:\programdata\NVIDIA Corporation
2014-01-04 10:53 . 2013-12-05 08:42 32544 ----a-w- c:\windows\system32\nvaudcap32v.dll
2014-01-04 10:53 . 2013-11-14 11:55 893728 ----a-w- c:\windows\system32\nvdispgenco3233182.dll
2014-01-04 10:53 . 2013-11-14 11:55 1049888 ----a-w- c:\windows\system32\nvdispco3233182.dll
2014-01-04 10:53 . 2013-12-19 20:26 2698272 ----a-w- c:\windows\system32\nvapi.dll
2014-01-04 10:49 . 2014-01-10 18:12 -------- d-----w- c:\program files\NVIDIA Corporation
2014-01-04 10:44 . 2005-10-28 13:58 45056 ----a-w- c:\windows\system32\ActiveDestopOCX.ocx
2014-01-04 10:43 . 2014-01-04 10:43 -------- d-----w- c:\program files\MSI
2014-01-04 10:43 . 1998-10-02 18:00 327168 ----a-w- c:\windows\IsUninst.exe
2014-01-04 10:38 . 2008-10-02 09:07 453152 ----a-w- c:\windows\system32\NVUNINST.EXE
2014-01-04 10:16 . 2014-01-11 18:48 -------- d-----w- c:\program files\AIMP3
2014-01-04 10:06 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2014-01-04 09:53 . 2014-01-04 09:56 -------- d-----w- c:\windows\system32\MRT
2014-01-03 21:32 . 2014-01-03 21:32 -------- d-----w- c:\programdata\The Revills Games
2014-01-03 21:31 . 2014-01-03 21:32 -------- d-----w- c:\program files\Common Files\Adobe
2014-01-03 21:31 . 2014-01-03 21:31 -------- d-----w- c:\program files\Legends of Solitaire 2 - Curse of the Dragons
2014-01-03 21:31 . 2014-01-03 21:31 -------- d-----w- c:\windows\Legends of Solitaire 2 - Curse of the Dragons
2014-01-01 22:16 . 2014-01-01 22:16 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-01-01 20:44 . 2014-01-01 20:44 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-01-01 20:44 . 2014-01-01 20:44 -------- d-----w- c:\windows\PCHEALTH
2014-01-01 20:44 . 2014-01-01 20:44 -------- d-----w- c:\program files\Microsoft Sync Framework
2014-01-01 20:44 . 2014-01-01 20:44 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2014-01-01 20:42 . 2014-01-01 20:42 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2014-01-01 20:41 . 2014-01-01 20:41 -------- d-----w- c:\program files\Microsoft Analysis Services
2014-01-01 20:40 . 2014-01-02 22:18 -------- d-----w- c:\programdata\Microsoft Help
2014-01-01 20:40 . 2014-01-01 20:40 -------- d-----r- C:\MSOCache
2014-01-01 20:34 . 2014-01-01 20:34 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-01 20:34 . 2014-01-10 18:53 -------- d-----w- c:\program files\DAEMON Tools Lite
2014-01-01 20:27 . 2014-01-01 20:40 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-01-01 19:21 . 2014-01-02 13:37 -------- d-----w- c:\program files\Holdem Manager 2
2014-01-01 13:37 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2014-01-01 13:37 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-01-01 13:37 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2014-01-01 13:37 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-01-01 01:24 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2014-01-01 01:24 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-01-01 01:10 . 2014-01-01 01:10 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-12-31 18:43 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-31 18:43 . 2013-09-25 02:01 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-12-31 18:43 . 2013-09-25 01:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-12-31 18:43 . 2013-07-04 12:16 369848 ----a-w- c:\windows\system32\drivers\cng.sys
2013-12-31 18:43 . 2013-09-25 02:01 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-12-31 18:43 . 2013-09-25 01:57 99840 ----a-w- c:\windows\system32\sspicli.dll
2013-12-31 18:43 . 2013-09-25 01:57 22016 ----a-w- c:\windows\system32\secur32.dll
2013-12-31 18:43 . 2013-09-25 01:56 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-12-31 18:43 . 2013-09-25 01:56 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2013-12-31 18:43 . 2013-09-25 00:49 22016 ----a-w- c:\windows\system32\lsass.exe
2013-12-31 18:43 . 2013-09-25 00:49 15872 ----a-w- c:\windows\system32\sspisrv.dll
2013-12-31 18:41 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-12-31 18:40 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll
2013-12-31 18:39 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-12-31 18:14 . 2014-01-13 09:52 -------- d-----w- c:\users\postgres
2013-12-31 18:08 . 2014-01-01 19:46 -------- d-----w- c:\program files\PSQLINSTALL
2013-12-31 15:44 . 2013-12-31 15:44 -------- d-----w- c:\programdata\SP_FT_Logs
2013-12-31 07:54 . 2013-12-31 07:54 -------- d-----w- c:\windows\system32\SPReview
2013-12-31 07:54 . 2013-12-31 07:54 -------- d-----w- c:\windows\system32\EventProviders
2013-12-31 07:51 . 2014-01-11 09:11 -------- d-----w- c:\users\Guest
2013-12-30 22:34 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-12-30 22:32 . 2010-11-20 12:30 53120 ----a-w- c:\windows\system32\drivers\volmgr.sys
2013-12-30 22:31 . 2010-11-20 12:21 8704 ----a-w- c:\windows\system32\rdpcfgex.dll
2013-12-30 21:57 . 2013-10-27 22:41 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DD6078AC-1BDD-4201-B14C-36B308FCA642}\gapaengine.dll
2013-12-30 21:42 . 2013-12-30 21:42 -------- d-----w- c:\program files\Microsoft Security Client
2013-12-30 19:23 . 2013-12-30 19:23 -------- d-----w- c:\program files\Common Files\InstallShield
2013-12-30 19:23 . 2013-12-30 19:23 -------- d-----w- c:\program files\Browser Configuration Utility
2013-12-30 19:23 . 2008-05-02 14:08 146528 ----a-w- c:\windows\system32\dvmurl.dll
2013-12-30 19:22 . 2013-12-30 19:26 16608 ----a-w- c:\windows\gdrv.sys
2013-12-30 18:13 . 2013-12-30 22:09 -------- d-----w- c:\program files\LenovoUsbDriver
2013-12-30 17:24 . 2013-12-30 17:26 -------- d-----w- c:\program files\PdaNet for Android
2013-12-30 17:24 . 2011-07-19 10:28 13312 ----a-w- c:\windows\system32\drivers\pneteth.sys
2013-12-30 17:24 . 2009-11-08 01:41 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2013-12-30 17:24 . 2009-11-08 01:41 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-12-30 16:58 . 2013-12-30 16:58 -------- d-----w- c:\program files\TeamViewer
2013-12-30 16:58 . 2014-01-11 17:12 -------- d-----r- c:\program files\Skype
2013-12-30 16:58 . 2013-12-30 16:58 -------- d-----w- c:\program files\Common Files\Skype
2013-12-30 16:58 . 2014-01-03 11:10 -------- d-----w- c:\programdata\Skype
2013-12-30 14:43 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-12-30 14:43 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-12-30 14:43 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2013-12-30 14:43 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-12-30 14:43 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-12-30 14:43 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-10 10:53 . 2014-01-10 07:47 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 16384 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 14912 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 35968 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 9728 ----a-w- c:\windows\system32\drivers\wfplwf.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 63488 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 43392 ----a-w- c:\windows\system32\drivers\winhv.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 35328 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 21632 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 19024 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 19008 ----a-w- c:\windows\system32\drivers\wimmount.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 14336 ----a-w- c:\windows\system32\drivers\vwifimp.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 53120 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 48128 ----a-w- c:\windows\system32\drivers\vwififlt.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 40704 ----a-w- c:\windows\system32\drivers\vmstorfl.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 297040 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 245632 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 19968 ----a-w- c:\windows\system32\drivers\vwifibus.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 141904 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 5632 ----a-w- c:\windows\system32\drivers\vms3cap.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 17920 ----a-w- c:\windows\system32\drivers\VMBusHID.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 175360 ----a-w- c:\windows\system32\drivers\vmbus.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 111616 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 53328 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2014-01-10 10:53 . 2014-01-10 07:47 52736 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 16976 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 160128 ----a-w- c:\windows\system32\drivers\vhdmp.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 76288 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-10 10:53 . 2014-01-10 07:47 32832 ----a-w- c:\windows\system32\drivers\vdrvroot.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 26112 ----a-w- c:\windows\system32\drivers\usbrpm.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 19968 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 284672 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 6016 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 8192 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 57424 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-10 10:53 . 2014-01-10 07:47 55888 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2014-01-10 10:53 . 2014-01-10 07:47 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 39936 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 246784 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 108544 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 74752 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 53120 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 21504 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 53632 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 28032 ----a-w- c:\windows\system32\drivers\storvsc.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 21072 ----a-w- c:\windows\system32\drivers\stexstor.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 148864 ----a-w- c:\windows\system32\drivers\storport.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 12240 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 311808 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 310272 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 77888 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 71168 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 52304 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2014-01-10 10:53 . 2014-01-10 07:47 405504 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 40016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 17472 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2014-01-10 10:53 . 2014-01-10 07:47 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 13824 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 26624 ----a-w- c:\windows\system32\drivers\scfilter.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 140160 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 11264 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 85376 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 8192 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 60928 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 2152088 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 139776 ----a-w- c:\windows\system32\drivers\Rt86win7.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 173440 ----a-w- c:\windows\system32\drivers\rdyboost.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 7168 ----a-w- c:\windows\system32\drivers\RDPREFMP.sys.bak
2014-01-10 10:53 . 2014-01-10 07:46 6656 ----a-w- c:\windows\system32\drivers\RDPENCDD.sys.bak
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"uTorrent"="c:\users\mnouckk\AppData\Roaming\uTorrent\utorrent.exe" [2013-12-29 393728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-04-02 75048]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6266880]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2013-12-10 982232]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
c:\users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Bitcoin.lnk - c:\program files\Bitcoin\bitcoin-qt.exe -min [2011-1-30 22613504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:a1179063 /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [2011-07-19 13312]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-12-30 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-01-01 243128]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2014-01-10 22688]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2013/12/29 23:46];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-04-02 08:11 87536]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 14658848]
S2 postgresql-8.4;postgresql-8.4 - PostgreSQL Server 8.4;c:/postgreSQL/bin/pg_ctl.exe runservice -N postgresql-8.4 -D c:/postgreSQL/data -w [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-12-19 411936]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-12-05 34080]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-29 22:18 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-01-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-29 22:40]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 77.48.100.254 212.80.66.7
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="c:/postgreSQL/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="c:/postgreSQL/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"c:/postgreSQL/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrueSight]
"ImagePath"="\??\"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\postgresql\bin\pg_ctl.exe
c:\windows\system32\rundll32.exe
c:\postgresql\bin\postgres.exe
c:\windows\system32\conhost.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\postgresql\bin\postgres.exe
c:\windows\system32\taskhost.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\RtHDVCpl.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2014-01-14 11:49:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-01-14 10:49
ComboFix2.txt 2014-01-13 12:53
.
Před spuštěním: Volných bajtů: 53 295 628 288
Po spuštění: Volných bajtů: 53 097 037 824
.
- - End Of File - - 14341CC4BE983B65635065389A5F57FE
A36C5E4F47E84449FF07ED3517B43A31
- Orcus
- member of the Security team
Re: please check
ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall
====================================================
Clean the system with CCleaner
====================================================
Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix
and save the file to your desktop.
Double-click the icon to launch the Delfix.exe tool.
(On Windows Vista, Windows 7 and 8, you must launch the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore
Then click the Run button and let the tool do its work.
A report (DelFix.txt) will then open. Paste the entire contents of the report here. The report can otherwise be found at:
C:\DelFix.txt
How are things with the problems? Also post a new HJT log.
Re: please check
# DelFix v10.6 - Logfile created 17/01/2014 at 10:56:06
# Updated 11/11/2013 by Xplode
# Username : mnouckk - MNOUCKK-PC
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
~ Removing disinfection tools ...
Deleted : C:\ComboFix.txt
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
New restore point created !
########## - EOF - ##########
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:57:03, on 17.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Bitcoin\bitcoin-qt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\HiJack\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\mnouckk\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKUS\S-1-5-21-1195113856-586066616-2882415649-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - Startup: Bitcoin.lnk = C:\Program Files\Bitcoin\bitcoin-qt.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - c:/postgreSQL/bin/pg_ctl.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
--
End of file - 5826 bytes
The PC runs noticeably better, everything is faster, and no problems have shown up so far :)
- memphisto
Re: please check [Solved]
HJT looks OK. If you have no further problems, you can close the topic by clicking the green check mark at the top right.
