Prosím o kontrolu logu

[jaro3]

To je OK , zatržítko nedávej.


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\system32\drivers\gfibto.sys

Folder::
c:\program files\ESET

Driver::
gfibto

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vToolbarUpdater14.2.0"=-
"a2AntiMalware"=-
"SBAMSvc"=-
"Ad-Aware Service"=-
"ASCAntivirusSrv"=-


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Reklama]

[sccotty]

Byl jsem týden pracovně mimo proto odpovídám až nyní
zde je log po čištění :

ComboFix 14-08-24.01 - Josef 24.08.2014 19:40:43.18.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3070.2462 [GMT 2:00]
Spuštěný z: c:\documents and settings\Josef\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Josef\Plocha\CFScript.txt
AV: AVG Internet Security 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2014 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
FILE ::
"c:\windows\system32\drivers\gfibto.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ESET
c:\program files\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files\ESET\ESET Online Scanner\log.txt
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod011C.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod09D0.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod101B.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod14B3.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod1D82.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod2182.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod242C.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod267B.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod2D97.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod2EA5.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod31F2.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod335C.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod4A1B.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod4B37.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod51EE.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod60E6.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6739.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6BF8.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod773B.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em001_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em003_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em004_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em005_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em023_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em023_32.dat
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files\ESET\ESET Online Scanner\unicows.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GFIBTO
-------\Service_gfibto
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-24 do 2014-08-24 )))))))))))))))))))))))))))))))
.
.
2014-08-19 05:07 . 2014-08-19 05:07 -------- d-----w- c:\documents and settings\Josef\camingsoon
2014-08-17 20:18 . 2014-08-17 20:18 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Adobe
2014-08-14 17:54 . 2014-08-15 20:19 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-14 17:54 . 2014-08-14 17:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2014-08-14 17:28 . 2014-08-14 17:28 -------- d-----w- c:\windows\ERUNT
2014-08-14 17:16 . 2014-08-14 17:19 -------- d-----w- C:\AdwCleaner
2014-08-13 21:09 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-08-13 18:42 . 2014-08-13 18:42 -------- d-----w- C:\NVIDIA
2014-08-13 18:22 . 2014-08-13 18:22 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Nvidia Corporation
2014-08-12 20:25 . 2014-08-13 19:21 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-12 20:25 . 2014-08-13 19:21 699568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-12 18:04 . 2014-08-13 18:30 1178624 ----a-w- c:\documents and settings\Josef\Data aplikací\siw_sdk.dll
2014-08-04 17:39 . 2014-08-04 17:39 -------- d-----w- c:\documents and settings\Josef\Data aplikací\AVG2014
2014-08-04 17:38 . 2014-08-04 17:38 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AVG2014
2014-08-04 17:37 . 2014-08-04 17:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG2014
2014-08-04 17:37 . 2014-08-04 17:37 -------- d-----w- C:\$AVG
2014-08-04 17:37 . 2014-08-04 17:37 -------- d-----w- c:\program files\AVG
2014-08-04 17:33 . 2014-08-04 20:08 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Avg2014
2014-08-04 17:21 . 2014-08-04 17:21 -------- d-----w- C:\OETemp
2014-08-04 07:24 . 2014-08-04 07:24 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Skype
2014-08-04 07:24 . 2014-08-04 07:24 -------- d-----w- c:\program files\Common Files\Skype
2014-08-04 07:23 . 2014-08-04 07:24 -------- d-----r- c:\program files\Skype
2014-08-02 16:11 . 2014-08-02 16:11 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-08-02 07:42 . 2014-07-02 20:43 906584 ----a-w- c:\windows\system32\nvdispgenco3234052.dll
2014-08-02 07:42 . 2014-07-02 20:43 1054552 ----a-w- c:\windows\system32\nvdispco3234052.dll
2014-08-02 07:11 . 2014-08-02 07:11 -------- d-----w- c:\program files\Common Files\Java
2014-08-02 07:11 . 2014-07-11 00:36 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-08-02 07:11 . 2014-07-11 01:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-25 20:14 . 2014-02-01 19:46 28448 ----a-w- c:\windows\system32\nvhdap32.dll
2014-07-25 20:14 . 2014-02-01 19:30 129312 ----a-w- c:\windows\system32\drivers\nvhda32.sys
2014-07-02 20:43 . 2014-02-19 19:44 65536 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-02 20:43 . 2013-09-21 07:21 23658496 ----a-w- c:\windows\system32\nvoglnt.dll
2014-07-02 20:43 . 2013-09-21 07:21 11169792 ----a-w- c:\windows\system32\nvopencl.dll
2014-07-02 20:43 . 2013-09-21 07:21 2977568 ----a-w- c:\windows\system32\nvcuvid.dll
2014-07-02 20:43 . 2013-09-21 07:21 11108352 ----a-w- c:\windows\system32\nvcuda.dll
2014-07-02 20:43 . 2013-09-21 07:21 2747392 ----a-w- c:\windows\system32\nvapi.dll
2014-07-02 20:43 . 2013-09-21 07:21 15286272 ----a-w- c:\windows\system32\nvcompiler.dll
2014-07-02 20:43 . 2012-09-15 18:00 4122880 ----a-w- c:\windows\system32\nv4_disp.dll
2014-07-02 20:43 . 2012-09-15 17:58 12695512 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2014-07-02 18:43 . 2014-02-19 20:22 270336 ----a-w- c:\windows\system32\nvrsru.dll
2014-07-02 18:43 . 2014-02-19 20:22 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrstr.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrssl.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrssk.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrsth.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrssv.dll
2014-07-02 18:43 . 2014-02-19 20:22 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2014-07-02 18:43 . 2014-02-19 20:22 126976 ----a-w- c:\windows\system32\nvrszht.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrspt.dll
2014-07-02 18:43 . 2014-02-19 20:22 335872 ----a-w- c:\windows\system32\nvrshe.dll
2014-07-02 18:43 . 2014-02-19 20:22 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2014-07-02 18:43 . 2014-02-19 20:22 282624 ----a-w- c:\windows\system32\nvrsit.dll
2014-07-02 18:43 . 2014-02-19 20:22 282624 ----a-w- c:\windows\system32\nvrses.dll
2014-07-02 18:43 . 2014-02-19 20:22 282624 ----a-w- c:\windows\system32\nvrsel.dll
2014-07-02 18:43 . 2014-02-19 20:22 278528 ----a-w- c:\windows\system32\nvrsde.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrsja.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2014-07-02 18:43 . 2014-02-19 20:22 266240 ----a-w- c:\windows\system32\nvrsko.dll
2014-07-02 18:43 . 2014-02-19 20:22 262144 ----a-w- c:\windows\system32\nvrshu.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrspl.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrsno.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrsda.dll
2014-07-02 18:43 . 2014-02-19 20:22 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2014-07-02 18:43 . 2014-02-19 20:22 249856 ----a-w- c:\windows\system32\nvrseng.dll
2014-07-02 18:43 . 2014-02-19 20:22 249856 ----a-w- c:\windows\system32\nvrscs.dll
2014-07-02 18:43 . 2014-02-19 20:22 335872 ----a-w- c:\windows\system32\nvrsar.dll
2014-07-02 18:41 . 2014-02-19 20:22 54272 ----a-w- c:\windows\system32\nvwddi.dll
2014-07-02 18:41 . 2014-02-19 20:22 157144 ----a-w- c:\windows\system32\nvsvc32.exe
2014-07-02 18:41 . 2014-02-19 20:22 15724320 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:41 . 2014-02-19 20:22 376096 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 18:41 . 2014-02-19 20:22 145352 ----a-w- c:\windows\system32\nvcolor.exe
2014-06-30 10:43 . 2014-06-30 10:43 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-06-17 14:22 . 2014-06-17 14:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-06-17 14:21 . 2014-06-17 14:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-06-17 14:18 . 2014-06-17 14:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-06-17 14:17 . 2014-06-17 14:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-06-17 14:17 . 2014-06-17 14:17 190232 ----a-w- c:\windows\system32\drivers\avgidsdriverlx.sys
2014-06-17 14:06 . 2014-06-17 14:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2014-06-17 14:06 . 2014-06-17 14:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-06-17 14:06 . 2014-06-17 14:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE" [2012-02-29 249440]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\drivermax.exe" [2014-05-29 8481656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"RTHDCPL"="RTHDCPL.EXE" [2013-10-04 20145368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-08-11 5187088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2014-07-02 15724320]
"NvMediaCenter"="NvMCTray.dll" [2014-07-02 376096]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2014-07-02 2593056]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-11-29 569405]
Mozilla Firefox.lnk - c:\program files\Mozilla Firefox\firefox.exe [2014-8-2 275568]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Skype C2C Service"=2 (0x2)
"AdvancedSystemCareService6"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [17.6.2014 16:17 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [17.6.2014 16:18 241944]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [17.6.2014 16:06 27416]
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [21.2.2013 22:25 102728]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [30.6.2014 12:43 121624]
R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [17.6.2014 16:17 190232]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [17.6.2014 16:06 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [17.6.2014 16:22 188696]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [17.6.2014 16:21 197400]
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2014\avgfws.exe [11.8.2014 14:42 1417160]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [11.8.2014 14:51 3244048]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [11.8.2014 14:36 289328]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [7.12.2013 17:16 2151200]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [19.2.2014 22:24 1720608]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [5.6.2014 4:19 93040]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 20:52 30944]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [15.9.2012 19:17 61040]
S1 AntiLog32;AntiLog32;\??\c:\windows\system32\drivers\AntiLog32.sys --> c:\windows\system32\drivers\AntiLog32.sys [?]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11.5.2013 7:39 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 20:52 30944]
S3 cleanhlp;cleanhlp;c:\chipdvd\emergencykit\Run\cleanhlp32.sys [7.9.2013 2:07 50200]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [22.2.2013 22:32 20480]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [22.2.2013 22:34 11520]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [22.7.2013 15:39 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [22.7.2013 15:39 8576]
S3 pimou;Pluralinput Mouse 0.8.2.0;c:\windows\system32\drivers\pimou.sys [9.5.2013 19:29 20808]
S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\RkPavproc1.sys --> c:\windows\system32\drivers\RkPavproc1.sys [?]
S3 usbcamcl;Driver for usbcamcl Device;c:\windows\system32\drivers\usbcamcl.sys [3.2.2013 21:05 38784]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - SASKUTIL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-18 23:28]
.
2014-08-24 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-18 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 46.252.224.18 8.8.8.8
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\lsdcg728.default-1395259197171\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-24 19:52
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(316)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia 1\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia 1\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia 1\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia 1\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files\Windows Desktop Search\WindowsSearch.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2014-08-24 19:58:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-24 17:58
ComboFix2.txt 2014-08-16 11:01
ComboFix3.txt 2014-08-11 19:29
ComboFix4.txt 2014-07-22 17:04
ComboFix5.txt 2014-08-24 17:37
.
Před spuštěním: Volných bajtů: 150 532 448 256
Po spuštění: Volných bajtů: 150 509 322 240
.
- - End Of File - - 4634843205D29158922EA7F5832B1FA3
413FC2A0C716421B3158746D63736515

[sccotty]

A zde je požadovaný log z HijackThis :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:50, on 24.8.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 31.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2014\avgfws.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Josef\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX430"
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7784572734
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 8086 bytes

[sccotty]

a tady máme poslední log z

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-24 20:06:39
-----------------------------
20:06:39.109 OS Version: Windows 5.1.2600 Service Pack 3
20:06:39.109 Number of processors: 2 586 0xF02
20:06:39.109 ComputerName: PETR UserName:
20:06:39.796 Initialize success
20:06:39.828 VM: initialized successfully
20:06:39.843 VM: Intel CPU virtualization not supported
20:07:01.265 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:07:01.265 Disk 0 Vendor: WDC_WD3200AAKS-00SBA0 12.01B01 Size: 305244MB BusType: 3
20:07:01.343 Disk 0 MBR read successfully
20:07:01.343 Disk 0 MBR scan
20:07:01.343 Disk 0 Windows XP default MBR code
20:07:01.359 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305234 MB offset 63
20:07:01.359 Disk 0 Boot: NTFS code=1
20:07:01.359 Disk 0 scanning sectors +625121280
20:07:01.421 Disk 0 scanning C:\WINDOWS\system32\drivers
20:07:06.187 Service scanning
20:07:13.312 Modules scanning
20:07:17.500 Disk 0 trace - called modules:
20:07:18.015 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
20:07:18.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b1bbab8]
20:07:18.015 3 CLASSPNP.SYS[b80e8fd7] -> nt!IofCallDriver -> \Device\0000006a[0x8b145200]
20:07:18.015 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8b144940]
20:07:18.031 Scan finished successfully
20:07:36.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Josef\Plocha\MBR.dat"
20:07:36.203 The log file has been saved successfully to "C:\Documents and Settings\Josef\Plocha\aswMBR.txt"

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

Driver::
AntiLog32
SBRE
RkPavproc1

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[sccotty]

Provedl jsem vče co jsem měl a ve správném postupu
log z ComboFixu mi nevyběhl a ani není nikde uložen našel jsem jen toto :

ComboFix 14-08-24.01 - Josef 25.08.2014 11:52:26.19.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3070.2539 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Josef\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Josef\Plocha\CFScript.txt
AV: AVG Internet Security 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2014 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

a zde je log z HijackThis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:47:14, on 25.8.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 31.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG2014\avgfws.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVG\AVG2014\avgui.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE
C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Josef\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX430"
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
O4 - HKUS\S-1-5-21-1715567821-854245398-682003330-1005\..\Run: [CTFMON.EXE] "C:\WINDOWS\system32\CTFMON.EXE" (User '?')
O4 - HKUS\S-1-5-21-1715567821-854245398-682003330-1012\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1715567821-854245398-682003330-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7784572734
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 8124 bytes

[jaro3]

Log by měl být ve zde:
C:\Qoobox

[sccotty]

bohužel v uvedené složce je sice několik logů,ale ani jeden neí ze dne 25.8.14
Jsou tam jen dřívější logy.
Bohužel nic nemám,mám spustit ComboFix znovu?

[jaro3]

Jo udělej Combofix znovu , po restartu trvá někdy velmi dlouho , než se log vyhotoví.

[sccotty]

ComboFix 14-08-26.02 - Josef 26.08.2014 19:56:12.20.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3070.2476 [GMT 2:00]
Spuštěný z: c:\documents and settings\Josef\Plocha\ComboFix.exe
AV: AVG Internet Security 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2014 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ANTILOG32
-------\Legacy_SBRE
-------\Service_AntiLog32
-------\Service_RkPavproc1
-------\Service_SBRE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-26 do 2014-08-26 )))))))))))))))))))))))))))))))
.
.
2014-08-25 15:33 . 2014-08-25 15:33 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-08-19 05:07 . 2014-08-19 05:07 -------- d-----w- c:\documents and settings\Josef\camingsoon
2014-08-17 20:18 . 2014-08-17 20:18 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Adobe
2014-08-14 17:54 . 2014-08-15 20:19 29160 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-14 17:54 . 2014-08-14 17:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RogueKiller
2014-08-14 17:28 . 2014-08-14 17:28 -------- d-----w- c:\windows\ERUNT
2014-08-14 17:16 . 2014-08-14 17:19 -------- d-----w- C:\AdwCleaner
2014-08-13 21:09 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-08-13 18:22 . 2014-08-13 18:22 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Nvidia Corporation
2014-08-12 20:25 . 2014-08-13 19:21 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-12 20:25 . 2014-08-13 19:21 699568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-08-12 18:04 . 2014-08-13 18:30 1178624 ----a-w- c:\documents and settings\Josef\Data aplikací\siw_sdk.dll
2014-08-04 17:39 . 2014-08-04 17:39 -------- d-----w- c:\documents and settings\Josef\Data aplikací\AVG2014
2014-08-04 17:38 . 2014-08-04 17:38 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AVG2014
2014-08-04 17:37 . 2014-08-04 17:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG2014
2014-08-04 17:37 . 2014-08-04 17:37 -------- d-----w- C:\$AVG
2014-08-04 17:37 . 2014-08-04 17:37 -------- d-----w- c:\program files\AVG
2014-08-04 17:33 . 2014-08-04 20:08 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Avg2014
2014-08-04 17:21 . 2014-08-04 17:21 -------- d-----w- C:\OETemp
2014-08-04 07:24 . 2014-08-04 07:24 -------- d-----w- c:\documents and settings\Josef\Local Settings\Data aplikací\Skype
2014-08-04 07:24 . 2014-08-04 07:24 -------- d-----w- c:\program files\Common Files\Skype
2014-08-04 07:23 . 2014-08-04 07:24 -------- d-----r- c:\program files\Skype
2014-08-02 07:42 . 2014-07-02 20:43 906584 ----a-w- c:\windows\system32\nvdispgenco3234052.dll
2014-08-02 07:42 . 2014-07-02 20:43 1054552 ----a-w- c:\windows\system32\nvdispco3234052.dll
2014-08-02 07:11 . 2014-08-02 07:11 -------- d-----w- c:\program files\Common Files\Java
2014-08-02 07:11 . 2014-07-11 00:36 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-08-02 07:11 . 2014-07-11 01:02 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-25 20:14 . 2014-02-01 19:46 28448 ----a-w- c:\windows\system32\nvhdap32.dll
2014-07-25 20:14 . 2014-02-01 19:30 129312 ----a-w- c:\windows\system32\drivers\nvhda32.sys
2014-07-02 20:43 . 2014-02-19 19:44 65536 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-02 20:43 . 2013-09-21 07:21 23658496 ----a-w- c:\windows\system32\nvoglnt.dll
2014-07-02 20:43 . 2013-09-21 07:21 11169792 ----a-w- c:\windows\system32\nvopencl.dll
2014-07-02 20:43 . 2013-09-21 07:21 2977568 ----a-w- c:\windows\system32\nvcuvid.dll
2014-07-02 20:43 . 2013-09-21 07:21 11108352 ----a-w- c:\windows\system32\nvcuda.dll
2014-07-02 20:43 . 2013-09-21 07:21 2747392 ----a-w- c:\windows\system32\nvapi.dll
2014-07-02 20:43 . 2013-09-21 07:21 15286272 ----a-w- c:\windows\system32\nvcompiler.dll
2014-07-02 20:43 . 2012-09-15 18:00 4122880 ----a-w- c:\windows\system32\nv4_disp.dll
2014-07-02 20:43 . 2012-09-15 17:58 12695512 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2014-07-02 18:43 . 2014-02-19 20:22 270336 ----a-w- c:\windows\system32\nvrsru.dll
2014-07-02 18:43 . 2014-02-19 20:22 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrstr.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrssl.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrssk.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrsth.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrssv.dll
2014-07-02 18:43 . 2014-02-19 20:22 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2014-07-02 18:43 . 2014-02-19 20:22 126976 ----a-w- c:\windows\system32\nvrszht.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrspt.dll
2014-07-02 18:43 . 2014-02-19 20:22 335872 ----a-w- c:\windows\system32\nvrshe.dll
2014-07-02 18:43 . 2014-02-19 20:22 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2014-07-02 18:43 . 2014-02-19 20:22 282624 ----a-w- c:\windows\system32\nvrsit.dll
2014-07-02 18:43 . 2014-02-19 20:22 282624 ----a-w- c:\windows\system32\nvrses.dll
2014-07-02 18:43 . 2014-02-19 20:22 282624 ----a-w- c:\windows\system32\nvrsel.dll
2014-07-02 18:43 . 2014-02-19 20:22 278528 ----a-w- c:\windows\system32\nvrsde.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrsja.dll
2014-07-02 18:43 . 2014-02-19 20:22 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2014-07-02 18:43 . 2014-02-19 20:22 266240 ----a-w- c:\windows\system32\nvrsko.dll
2014-07-02 18:43 . 2014-02-19 20:22 262144 ----a-w- c:\windows\system32\nvrshu.dll
2014-07-02 18:43 . 2014-02-19 20:22 258048 ----a-w- c:\windows\system32\nvrspl.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrsno.dll
2014-07-02 18:43 . 2014-02-19 20:22 253952 ----a-w- c:\windows\system32\nvrsda.dll
2014-07-02 18:43 . 2014-02-19 20:22 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2014-07-02 18:43 . 2014-02-19 20:22 249856 ----a-w- c:\windows\system32\nvrseng.dll
2014-07-02 18:43 . 2014-02-19 20:22 249856 ----a-w- c:\windows\system32\nvrscs.dll
2014-07-02 18:43 . 2014-02-19 20:22 335872 ----a-w- c:\windows\system32\nvrsar.dll
2014-07-02 18:41 . 2014-02-19 20:22 54272 ----a-w- c:\windows\system32\nvwddi.dll
2014-07-02 18:41 . 2014-02-19 20:22 157144 ----a-w- c:\windows\system32\nvsvc32.exe
2014-07-02 18:41 . 2014-02-19 20:22 15724320 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:41 . 2014-02-19 20:22 376096 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 18:41 . 2014-02-19 20:22 145352 ----a-w- c:\windows\system32\nvcolor.exe
2014-06-30 10:43 . 2014-06-30 10:43 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-06-17 14:22 . 2014-06-17 14:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-06-17 14:21 . 2014-06-17 14:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-06-17 14:18 . 2014-06-17 14:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-06-17 14:17 . 2014-06-17 14:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-06-17 14:17 . 2014-06-17 14:17 190232 ----a-w- c:\windows\system32\drivers\avgidsdriverlx.sys
2014-06-17 14:06 . 2014-06-17 14:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2014-06-17 14:06 . 2014-06-17 14:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-06-17 14:06 . 2014-06-17 14:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE" [2012-02-29 249440]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\drivermax.exe" [2014-05-29 8481656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"RTHDCPL"="RTHDCPL.EXE" [2013-10-04 20145368]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-08-11 5187088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2014-07-02 15724320]
"NvMediaCenter"="NvMCTray.dll" [2014-07-02 376096]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2014-07-02 2593056]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-11-29 569405]
Mozilla Firefox.lnk - c:\program files\Mozilla Firefox\firefox.exe [2014-8-25 275568]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ c:\progra~1\AVG\AVG2014\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Skype C2C Service"=2 (0x2)
"AdvancedSystemCareService6"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2014\\avgemcx.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [17.6.2014 16:17 147736]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [17.6.2014 16:18 241944]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [17.6.2014 16:06 27416]
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [21.2.2013 22:25 102728]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [30.6.2014 12:43 121624]
R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [17.6.2014 16:17 190232]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [17.6.2014 16:06 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [17.6.2014 16:22 188696]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [17.6.2014 16:21 197400]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [11.8.2014 14:36 289328]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [7.12.2013 17:16 2151200]
R2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [19.2.2014 22:24 1720608]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [5.6.2014 4:19 93040]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 20:52 30944]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [15.9.2012 19:17 61040]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2014\avgfws.exe [11.8.2014 14:42 1417160]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [11.8.2014 14:51 3244048]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11.5.2013 7:39 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 20:52 30944]
S3 cleanhlp;cleanhlp;c:\chipdvd\emergencykit\Run\cleanhlp32.sys [7.9.2013 2:07 50200]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [22.2.2013 22:32 20480]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [22.2.2013 22:34 11520]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [22.7.2013 15:39 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [22.7.2013 15:39 8576]
S3 pimou;Pluralinput Mouse 0.8.2.0;c:\windows\system32\drivers\pimou.sys [9.5.2013 19:29 20808]
S3 usbcamcl;Driver for usbcamcl Device;c:\windows\system32\drivers\usbcamcl.sys [3.2.2013 21:05 38784]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - SASKUTIL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-08 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-18 23:28]
.
2014-08-26 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-18 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 46.252.224.18 8.8.8.8
FF - ProfilePath - c:\documents and settings\Josef\Data aplikací\Mozilla\Firefox\Profiles\0vf7a95j.default-1408979692468\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-26 20:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2848)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2014-08-26 20:08:06
ComboFix-quarantined-files.txt 2014-08-26 18:08
ComboFix2.txt 2014-08-24 17:58
ComboFix3.txt 2014-08-16 11:01
ComboFix4.txt 2014-08-11 19:29
ComboFix5.txt 2014-08-25 09:51
.
Před spuštěním: Volných bajtů: 150 739 697 664
Po spuštění: Volných bajtů: 150 724 177 920
.
- - End Of File - - 8F97AD1C92775983AB642B354738D0AF
413FC2A0C716421B3158746D63736515

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy?