
Pop-up windows in Firefox

Posted: 21 May 2013 07:18
by gomik
Hello. As with others, lately pop-up windows have been appearing for me too while browsing the web. It's quite annoying...
I have even reinstalled Firefox, and nothing...
I admit that for some time I ran without an antivirus, because it (the new version of AVG) was making my computer crash...

Here is the RSIT log, and thank you for any help :-)

Logfile of random's system information tool 1.09 (written by random/random)
Run by jiri.domes at 2013-05-21 08:00:27
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 50 GB (33%) free of 149 GB
Total RAM: 3071 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:00:29, on 21.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\Mouse Suite\ico.exe
C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gKbStatus.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\Lenovo\Mouse Suite\FSRremoS.EXE
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\AVG Secure Search\vprot.exe
C:\Users\jiri.domes\Downloads\RSIT.exe
C:\Program Files\trend micro\jiri.domes.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] C:\Program Files\Lenovo\Mouse Suite\ICO.EXE
O4 - HKLM\..\Run: [LenovoFSC] C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [PWRAGD] C:\PROGRA~1\ThinkPad\UTILIT~1\DPMHost.exe
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1403638349-286047545-2685503980-1136\..\RunOnce: [spchecker] "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" (User 'martin.stanovsky')
O4 - HKUS\S-1-5-21-2594905218-22413792-4174103309-1003\..\RunOnce: [spchecker] "C:\Program Files\AVG\AVG10\Notification\SPCheckerTE.exe" (User 'prospect')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = prospect.local
O17 - HKLM\Software\..\Telephony: DomainName = prospect.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = prospect.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = prospect.local
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O20 - AppInit_DLLs: c:\progra~1\saveby~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe

--
End of file - 8398 bytes

======Scheduled tasks folder======

C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\{EFDFDC05-1BE2-497F-BCD8-FB317827DFB1}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\jiri.domes\AppData\Roaming\Mozilla\Firefox\Profiles\myc2tvih.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1410, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - ""

"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\15.2.0.5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml

C:\Users\jiri.domes\AppData\Roaming\Mozilla\Firefox\Profiles\myc2tvih.default\extensions\
50ffd70e445c6@50ffd70e44600.com
50ffd95e20abd@50ffd95e20af6.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{95B7759C-8C7F-4BF1-B163-73684A933233}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Mouse Suite 98 Daemon"=C:\Program Files\Lenovo\Mouse Suite\ICO.EXE [2009-01-04 65536]
""= []
"LenovoFSC"=C:\Program Files\Lenovo\FanSpeedControl\LenovoFSC.exe [2009-06-26 49152]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-02 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-02 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-02 151064]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"PWRAGD"=C:\PROGRA~1\ThinkPad\UTILIT~1\DPMHost.exe [2009-08-13 72256]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2007-12-17 61440]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-05-21 1226928]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\saveby~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoWelcomeScreen"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-05-21 07:53:57 ----D---- C:\rsit
2013-05-21 07:53:57 ----D---- C:\Program Files\trend micro
2013-05-21 07:53:20 ----D---- C:\ProgramData\StarApp
2013-05-16 06:59:03 ----D---- C:\Program Files\Common Files\Adobe
2013-05-16 06:58:50 ----SHD---- C:\Config.Msi
2013-05-15 06:58:26 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-15 06:58:26 ----A---- C:\Windows\system32\jscript9.dll
2013-05-15 06:58:26 ----A---- C:\Windows\system32\jscript.dll
2013-05-15 06:58:26 ----A---- C:\Windows\system32\iesetup.dll
2013-05-15 06:58:25 ----A---- C:\Windows\system32\urlmon.dll
2013-05-15 06:58:25 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-15 06:58:25 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-15 06:58:25 ----A---- C:\Windows\system32\ieui.dll
2013-05-15 06:58:25 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-15 06:58:25 ----A---- C:\Windows\system32\iernonce.dll
2013-05-15 06:58:25 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-15 06:58:24 ----A---- C:\Windows\system32\iertutil.dll
2013-05-15 06:58:23 ----A---- C:\Windows\system32\wininet.dll
2013-05-15 06:58:22 ----A---- C:\Windows\system32\ieframe.dll
2013-05-15 06:58:20 ----A---- C:\Windows\system32\mshtml.dll
2013-05-15 06:52:55 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 06:52:55 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 06:52:54 ----A---- C:\Windows\system32\win32k.sys
2013-05-15 06:52:47 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 06:52:47 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 06:52:44 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 06:52:44 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 06:52:44 ----A---- C:\Windows\system32\consent.exe
2013-05-15 06:52:44 ----A---- C:\Windows\system32\authui.dll
2013-05-15 06:52:44 ----A---- C:\Windows\system32\appinfo.dll
2013-05-14 13:22:51 ----D---- C:\Users\jiri.domes\AppData\Roaming\Siemens
2013-05-07 06:55:11 ----D---- C:\Program Files\Mozilla Firefox
2013-05-06 14:10:27 ----D---- C:\Windows\system32\Fonts
2013-05-06 13:51:00 ----D---- C:\Program Files\ZWCAD+ 2012 CSY
2013-05-03 08:39:29 ----D---- C:\ProgramData\AVG Secure Search
2013-05-03 08:39:18 ----A---- C:\Windows\system32\drivers\avgtpx86.sys
2013-05-03 08:39:14 ----D---- C:\Program Files\Common Files\AVG Secure Search
2013-05-03 08:39:11 ----D---- C:\Program Files\AVG Secure Search
2013-05-03 08:30:28 ----D---- C:\Users\jiri.domes\AppData\Roaming\AVG2013
2013-05-03 08:29:16 ----D---- C:\Users\jiri.domes\AppData\Roaming\TuneUp Software
2013-05-03 08:28:06 ----HD---- C:\$AVG
2013-04-24 07:34:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-24 07:29:30 ----D---- C:\Program Files\Common Files\Java
2013-04-24 07:28:58 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-04-24 07:28:58 ----A---- C:\Windows\system32\javaw.exe
2013-04-24 07:28:58 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2013-05-21 08:00:27 ----D---- C:\Windows\Temp
2013-05-21 07:54:09 ----D---- C:\Windows\Prefetch
2013-05-21 07:53:57 ----RD---- C:\Program Files
2013-05-21 07:53:20 ----HD---- C:\ProgramData
2013-05-21 07:53:20 ----D---- C:\ProgramData\InstallMate
2013-05-21 07:25:23 ----D---- C:\Windows\Panther
2013-05-21 07:25:23 ----D---- C:\Windows\Minidump
2013-05-21 07:25:23 ----D---- C:\Windows\inf
2013-05-21 07:25:23 ----D---- C:\Windows\debug
2013-05-21 07:25:23 ----D---- C:\Windows
2013-05-21 06:59:07 ----D---- C:\Windows\system32\config
2013-05-21 06:48:35 ----D---- C:\ProgramData\MFAData
2013-05-20 14:49:31 ----D---- C:\Users\jiri.domes\AppData\Roaming\Adobe
2013-05-20 14:46:17 ----D---- C:\Windows\System32
2013-05-20 14:46:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-16 08:57:49 ----D---- C:\Windows\rescache
2013-05-16 08:11:08 ----D---- C:\Windows\Microsoft.NET
2013-05-16 08:10:46 ----RSD---- C:\Windows\assembly
2013-05-16 07:30:41 ----SHD---- C:\Windows\Installer
2013-05-16 07:03:16 ----D---- C:\ProgramData\Adobe
2013-05-16 07:01:50 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-05-16 06:59:03 ----D---- C:\Program Files\Common Files
2013-05-16 06:59:03 ----D---- C:\Program Files\Adobe
2013-05-16 06:46:53 ----D---- C:\Windows\winsxs
2013-05-15 14:46:27 ----D---- C:\Windows\system32\drivers
2013-05-15 14:46:27 ----D---- C:\Windows\system32\cs-CZ
2013-05-15 14:46:27 ----D---- C:\Windows\AppPatch
2013-05-15 14:46:27 ----D---- C:\Program Files\Internet Explorer
2013-05-15 11:52:43 ----SHD---- C:\System Volume Information
2013-05-15 06:59:26 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 06:58:41 ----D---- C:\Windows\system32\catroot
2013-05-15 06:58:40 ----D---- C:\Windows\system32\catroot2
2013-05-15 06:54:38 ----A---- C:\Windows\system32\MRT.exe
2013-05-14 13:22:49 ----D---- C:\Program Files\Siemens
2013-05-07 06:55:25 ----D---- C:\Program Files\Mozilla Firefox.bak
2013-05-06 14:21:13 ----A---- C:\Windows\system32\Ry4CoInst.dll
2013-05-03 09:00:39 ----D---- C:\ProgramData\SaveByclick
2013-05-03 08:33:56 ----D---- C:\Windows\system32\wdi
2013-05-03 08:29:36 ----D---- C:\ProgramData\AVG2013
2013-05-03 08:28:22 ----D---- C:\Windows\system32\DriverStore
2013-04-24 07:28:58 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2012-09-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2012-11-15 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2012-09-21 19936]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-10-02 159712]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-09-21 164832]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-05-21 37664]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 Hardlock;Hardlock; C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2007-07-19 16384]
R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2007-07-20 9856]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-05 2745760]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-11-13 33088]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2013-05-06 26976]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SuperIO;Lenovo ASD HWM Driver; C:\Windows\system32\DRIVERS\spio.sys [2009-06-06 11720]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-01-27 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-01-27 25512]
S3 gMouPS2;PS2 Scroll Mouse Device; C:\Windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\Windows\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\Windows\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\Windows\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pelmouse;Mouse Suite Driver; C:\Windows\system32\DRIVERS\pelmouse.sys [2009-04-21 18944]
S3 pelusblf;USB Mouse Low Filter Driver; C:\Windows\system32\DRIVERS\pelusblf.sys [2006-10-14 14592]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usbser;Ovladač modemu USB; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-13 72256]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-05 15872]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-29 1019904]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-05-21 1015984]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-02-15 1045328]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2009-09-04 1474560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Re: Pop-up windows in Firefox

Posted: 21 May 2013 09:27
by stell
Hello
Download OTL
http://oldtimer.geekstogo.com/OTL.exe
to the desktop.
Run it, then paste the following script into the bottom box.

Code:

:files
C:\ProgramData\SaveByclick
c:\progra~1\saveby~1
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
:Commands
[resethosts]
[emptytemp]
[clearallrestorepoints]
[Reboot]

Tick the option
For all users.
Click the FIX button.
When it finishes, paste the log here.

2: Run AdwCleaner according to the guide >> Option >> DELETE
http://www.viruskasino.com/2012/09/adwcleaner.html
Paste the log here.
3: Run Junkware Removal Tool as Administrator.
http://www.viruskasino.com/2010/12/prog ... moval-tool
Paste the log here.
4: Run ComboFix
http://www.bleepingcomputer.com/combofi ... t-combofix
Paste the log here.

Re: Pop-up windows in Firefox

Posted: 21 May 2013 11:21
by gomik
Sooooo, the output from OTL:

All processes killed
========== FILES ==========
C:\ProgramData\SaveByclick folder moved successfully.
c:\progra~1\SaveByClick folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: jiri.domes
->Temp folder emptied: 2288530 bytes
->Temporary Internet Files folder emptied: 1089832230 bytes
->Java cache emptied: 36707214 bytes
->FireFox cache emptied: 313477900 bytes
->Flash cache emptied: 1524 bytes

User: JIRI~1~DOM
->Temp folder emptied: 0 bytes

User: martin.stanovsky
->Temp folder emptied: 299673 bytes
->Temporary Internet Files folder emptied: 1196663 bytes
->Java cache emptied: 13690431 bytes

User: prospect
->Temp folder emptied: 858642 bytes
->Temporary Internet Files folder emptied: 329756 bytes
->Java cache emptied: 13690431 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 29677928 bytes
RecycleBin emptied: 290273884 bytes

Total Files Cleaned = 1,709.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 05212013_120909

Files\Folders moved on Reboot...
C:\Users\jiri.domes\AppData\Local\Temp\ExchangePerflog_8484fa3126f66276cfcccd43.dat moved successfully.
File\Folder C:\Users\jiri.domes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{869DD211-5CAF-4DA3-946C-BB8AF5D4F9F8}.tmp not found!
File\Folder C:\Users\jiri.domes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{E410D925-85CD-4DCA-AF30-DFF83F228AE0}.tmp not found!
C:\Users\jiri.domes\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\hlktmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Pop-up windows in Firefox

Posted: 21 May 2013 11:27
by gomik
Output from ADWcleaner

# AdwCleaner v2.301 - Log vytvooen 21/05/2013 v 12:23:53
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (32 bits)
# Uživatel : jiri.domes - PC-11-1
# Spuštin systém : Normální
# Spuštino z : C:\Users\jiri.domes\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files\AVG Secure Search
Složka Vymazáno : C:\ProgramData\AVG Secure Search
Složka Vymazáno : C:\ProgramData\AVG Security Toolbar
Složka Vymazáno : C:\ProgramData\clsoft ltd
Složka Vymazáno : C:\ProgramData\InstallMate
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByClick
Složka Vymazáno : C:\Users\jiri.domes\AppData\Local\AVG Secure Search
Složka Vymazáno : C:\Users\jiri.domes\AppData\Local\AVG Security Toolbar
Složka Vymazáno : C:\Users\jiri.domes\AppData\LocalLow\AVG Secure Search
Složka Vymazáno : C:\Users\jiri.domes\AppData\LocalLow\SaveByClick
Složka Vymazáno : C:\Users\jiri.domes\AppData\LocalLow\Toolbar4
Složka Vymazáno : C:\Users\jiri.domes\AppData\Roaming\pdfforge
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Vymazáno poi restartu : C:\Program Files\Common Files\AVG Secure Search
Vymazáno poi restartu : C:\ProgramData\BetterSoft

***** [Registry] *****

Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Klíe Vymazáno : HKCU\Software\AppDataLow\SProtector
Klíe Vymazáno : HKCU\Software\AVG Secure Search
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\Software\AVG Secure Search
Klíe Vymazáno : HKLM\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Vymazáno : HKLM\Software\Description
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26B5A6D1-1F75-3B59-5825-E4D4CAE3445D}
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Vymazáno : HKLM\Software\SP Global
Klíe Vymazáno : HKLM\Software\SProtector

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Users\jiri.domes\AppData\Roaming\Mozilla\Firefox\Profiles\myc2tvih.default\prefs.js

Vymazáno : user_pref("aol_toolbar.default.homepage.check", false);
Vymazáno : user_pref("aol_toolbar.default.search.check", false);
Vymazáno : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\15.2.0.5");
Vymazáno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Vymazáno : user_pref("extensions.50ffd70e44674.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Vymazáno : user_pref("extensions.50ffd95e20b69.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Vymazáno : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Vymazáno : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Vymazáno : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Vymazáno : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Vymazáno : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
Vymazáno : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
Vymazáno : user_pref("sweetim.toolbar.searchguard.enable", "false");

-\\ Google Chrome v [Nemohu získat verzi]

Soubor : C:\Users\jiri.domes\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[S1].txt - [6492 octets] - [21/05/2013 12:23:53]

########## EOF - C:\AdwCleaner[S1].txt - [6552 octets] ##########

Re: Pop-up windows in Firefox

Posted: 21 May 2013 11:32
by gomik
Output from JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by jiri.domes on Łt 21.05.2013 at 12:30:35,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\bettersoft"
Failed to delete: [Folder] "C:\ProgramData\application data\bettersoft"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\jiri.domes\AppData\Roaming\mozilla\firefox\profiles\myc2tvih.default\extensions\50ffd70e445c6@50ffd70e44600.com
Successfully deleted: [Folder] C:\Users\jiri.domes\AppData\Roaming\mozilla\firefox\profiles\myc2tvih.default\extensions\50ffd95e20abd@50ffd95e20af6.com
Successfully deleted the following from C:\Users\jiri.domes\AppData\Roaming\mozilla\firefox\profiles\myc2tvih.default\prefs.js

user_pref("extensions.50ffd70e44674.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
user_pref("extensions.50ffd95e20b69.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
Emptied folder: C:\Users\jiri.domes\AppData\Roaming\mozilla\firefox\profiles\myc2tvih.default\minidumps [47 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 21.05.2013 at 12:31:38,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Pop-up windows in Firefox

Posted: 21 May 2013 11:58
by gomik
Output from ComboFix:

ComboFix 13-05-20.01 - jiri.domes 21.05.2013 12:47:50.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3071.1977 [GMT 2:00]
Spuštěný z: c:\users\jiri.domes\Desktop\ComboFix.exe
AV: AVG Anti-Virus Business Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Anti-Virus Business Edition 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Anti-Virus Business Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\MLPS\apps\csbed\CSBE\ACTIVATION_104\_desktop.ini
c:\program files\MLPS\apps\csbed\CSBE\ACTIVATION_104\BIN\_desktop.ini
c:\programdata\hpe5570.dll
c:\windows\system32\UNWISE.EXE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 10:55 . 2013-05-21 10:55 -------- d-----w- c:\users\jiri.domes\AppData\Local\temp
2013-05-21 10:30 . 2013-05-21 10:30 -------- d-----w- c:\windows\ERUNT
2013-05-21 10:30 . 2013-05-21 10:30 -------- d-----w- C:\JRT
2013-05-21 10:24 . 2013-05-21 10:24 156 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-21 10:09 . 2013-05-21 10:09 -------- d-----w- C:\_OTL
2013-05-21 05:53 . 2013-05-21 06:00 -------- d-----w- c:\program files\trend micro
2013-05-21 05:53 . 2013-05-21 05:54 -------- d-----w- C:\rsit
2013-05-21 05:53 . 2013-05-21 05:53 -------- d-----w- c:\programdata\StarApp
2013-05-16 04:59 . 2013-05-16 05:27 -------- d-----w- c:\program files\Common Files\Adobe
2013-05-15 04:52 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 04:52 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 04:52 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 04:52 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 04:52 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 04:52 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 04:52 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 04:52 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-14 11:23 . 2013-05-14 11:23 -------- d-----w- c:\users\jiri.domes\AppData\Local\Siemens,_s.r.o
2013-05-14 11:22 . 2013-05-14 11:22 -------- d-----w- c:\users\jiri.domes\AppData\Roaming\Siemens
2013-05-06 12:10 . 2013-05-06 12:10 -------- d-----w- c:\windows\system32\Fonts
2013-05-06 11:51 . 2013-05-06 12:10 -------- d-----w- c:\program files\ZWCAD+ 2012 CSY
2013-05-03 06:39 . 2013-05-21 05:45 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-05-03 06:39 . 2013-05-21 10:24 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2013-05-03 06:30 . 2013-05-03 06:30 -------- d-----w- c:\users\jiri.domes\AppData\Roaming\AVG2013
2013-05-03 06:29 . 2013-05-03 06:29 -------- d-----w- c:\users\jiri.domes\AppData\Roaming\TuneUp Software
2013-05-03 06:28 . 2013-05-03 06:28 -------- d-----w- C:\$AVG
2013-05-03 06:25 . 2013-05-03 06:45 -------- d-----w- c:\users\jiri.domes\AppData\Local\Avg2013
2013-05-02 04:45 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{03175299-F60C-4251-B1CF-0B6BF7A34715}\mpengine.dll
2013-04-24 05:34 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-24 05:29 . 2013-04-24 05:29 -------- d-----w- c:\program files\Common Files\Java
2013-04-24 05:28 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-20 04:32 . 2010-01-05 07:31 4856 ----a-w- c:\windows\system32\drivers\739EEACF.bin
2013-05-16 05:01 . 2012-04-04 04:13 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-16 05:01 . 2011-05-18 05:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-06 12:21 . 2012-02-15 06:47 6656 ----a-w- c:\windows\system32\Ry4CoInst.dll
2013-05-06 12:21 . 2012-02-15 06:47 26976 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2013-05-06 12:21 . 2012-02-15 06:47 20648 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2013-04-13 04:45 . 2013-05-15 04:52 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 04:52 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-03-29 05:51 . 2013-03-29 05:51 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-29 05:51 . 2013-03-29 05:51 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-29 05:51 . 2013-03-29 05:51 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-29 05:51 . 2013-03-29 05:51 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-03-29 05:51 . 2013-03-29 05:51 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-03-29 05:51 . 2013-03-29 05:51 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-29 05:51 . 2013-03-29 05:51 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-03-29 05:51 . 2013-03-29 05:51 361984 ----a-w- c:\windows\system32\html.iec
2013-03-29 05:51 . 2013-03-29 05:51 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-29 05:51 . 2013-03-29 05:51 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-03-29 05:51 . 2013-03-29 05:51 158720 ----a-w- c:\windows\system32\msls31.dll
2013-03-29 05:51 . 2013-03-29 05:51 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-03-29 05:51 . 2013-03-29 05:51 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-29 05:51 . 2013-03-29 05:51 138752 ----a-w- c:\windows\system32\wextract.exe
2013-03-29 05:51 . 2013-03-29 05:51 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-29 05:51 . 2013-03-29 05:51 12800 ----a-w- c:\windows\system32\mshta.exe
2013-03-29 05:51 . 2013-03-29 05:51 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-22 08:33 . 2013-03-22 08:33 98304 ----a-w- c:\windows\system32\LFC.exe
2013-03-19 05:04 . 2013-04-10 04:52 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 04:52 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 04:52 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 04:52 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-11 23:10 . 2009-12-28 16:29 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-05 05:24 . 2012-06-27 06:05 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-05 05:24 . 2010-04-19 09:56 782240 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mouse Suite 98 Daemon"="c:\program files\Lenovo\Mouse Suite\ICO.EXE" [2009-01-04 65536]
"LenovoFSC"="c:\program files\Lenovo\FanSpeedControl\LenovoFSC.exe" [2009-06-26 49152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-02 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-02 151064]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-08-11 622592]
"PWRAGD"="c:\progra~1\ThinkPad\UTILIT~1\DPMHost.exe" [2009-08-13 72256]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2007-12-17 61440]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 SuperIO;Lenovo ASD HWM Driver;c:\windows\system32\DRIVERS\spio.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Obsah adresáře 'Naplánované úlohy'
.
2010-01-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2009-08-25 23:12]
.
2013-05-21 c:\windows\Tasks\{EFDFDC05-1BE2-497F-BCD8-FB317827DFB1}.job
- c:\programdata\BetterSoft\SaveByClick\SaveByClick.exe [2013-01-23 18:59]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: rtscs.cz\intranet
TCP: DhcpNameServer = 192.168.7.2
FF - ProfilePath - c:\users\jiri.domes\AppData\Roaming\Mozilla\Firefox\Profiles\myc2tvih.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
------- Asociace souborů -------
.
.scr=AutoCADLTScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-Hardlock Device Driver - c:\windows\System32\UNWISE.EXE
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
AddRemove-SaveByClick - c:\progra~2\INSTAL~1\SAVEBY~1\Setup.exe
AddRemove-SP_d201b363 - c:\program files\SaveByClick\uninstall.exe
AddRemove-{289D8517-6544-418E-A365-2D66F37EA7E1} - c:\progra~2\INSTAL~1\{289D8~1\Setup.exe
AddRemove-{DA259CB6-1F9F-4B3A-A9D1-57BD01C6BE40} - c:\progra~2\INSTAL~1\{DA259~1\Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1403638349-286047545-2685503980-1197\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{48DA3AF4-E90C-F331-C3D0-679E97A9C355}*]
"dakcdoaj"=hex:64,62,6a,65,6c,66,6c,70,6c,6b,61,69,6c,6c,61,61,63,69,66,6b,6b,
64,6b,70,6e,6f,64,6d,6f,66,68,6a,64,69,70,66,6e,6d,66,68,00,00
"iandjlocfopmigbnij"=hex:6b,61,61,6e,61,65,6e,69,70,67,6b,62,6f,6b,6a,6f,6a,70,
62,65,6a,64,00,00
"halelgpfnjacfond"=hex:6b,61,61,6e,61,65,6e,69,70,67,6b,62,6f,6b,6a,6f,6a,70,
62,65,6a,64,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-05-21 12:57:15
ComboFix-quarantined-files.txt 2013-05-21 10:57
.
Před spuštěním: Volných bajtů: 58 428 219 392
Po spuštění: Volných bajtů: 57 736 818 688
.
- - End Of File - - 971EA29D56009661F45EB0E75370F01F

Re: Pop-up windows in Firefox

Posted: 21 May 2013 12:17
by stell
For this step, ComboFix must be on the desktop.

Turn off > FIREWALL > antivirus > antispyware > all resident protection.

Open Notepad and copy the whole text into it:

Code:

KILLALL::
File::
c:\windows\DeleteOnReboot.bat
c:\windows\system32\drivers\739EEACF.bin
c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
c:\windows\Tasks\{EFDFDC05-1BE2-497F-BCD8-FB317827DFB1}.job
Folder::
c:\programdata\BetterSoft\SaveByClick
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
RegNull::
[HKEY_USERS\S-1-5-21-1403638349-286047545-2685503980-1197\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{48DA3AF4-E90C-F331-C3D0-679E97A9C355}*]
Then click File -> Save As... -> where it says File name, type into that line: CFScript.txt
For the file type, select All files there.
And save it to the desktop. Note: do not open CFScript.txt, and it must not be named CFScript.txt.txt either. Then do this:
Image

After the scan finishes, paste the log, test the computer, and write what happened and how it went.

Re: Pop-up windows in Firefox

Posted: 21 May 2013 13:31
by gomik
So here is the resulting log from ComboFix:

I'll test the computer over the course of tomorrow; the windows didn't pop up regularly and I wasn't on the internet much today, so I'll let you know afterwards.
Otherwise, many many thanks for the help so far!!!


ComboFix 13-05-20.01 - jiri.domes 21.05.2013 14:14:41.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3071.2139 [GMT 2:00]
Spuštěný z: c:\users\jiri.domes\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\jiri.domes\Desktop\CFScript.txt
AV: AVG Anti-Virus Business Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Anti-Virus Business Edition 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Anti-Virus Business Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\DeleteOnReboot.bat"
"c:\windows\system32\drivers\739EEACF.bin"
"c:\windows\Tasks\{EFDFDC05-1BE2-497F-BCD8-FB317827DFB1}.job"
"c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\INSTALL.LOG
c:\programdata\BetterSoft\SaveByClick
c:\programdata\BetterSoft\SaveByClick\profile.ini
c:\programdata\BetterSoft\SaveByClick\SaveByClick.exe
c:\windows\DeleteOnReboot.bat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\739EEACF.bin
c:\windows\system32\system
c:\windows\system32\Thumbs.db
c:\windows\Tasks\{EFDFDC05-1BE2-497F-BCD8-FB317827DFB1}.job
c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-21 do 2013-05-21 )))))))))))))))))))))))))))))))
.
.
2013-05-21 12:20 . 2013-05-21 12:22 -------- d-----w- c:\users\jiri.domes\AppData\Local\temp
2013-05-21 12:20 . 2013-05-21 12:20 -------- d-----w- c:\users\prospect\AppData\Local\temp
2013-05-21 12:20 . 2013-05-21 12:20 -------- d-----w- c:\users\martin.stanovsky\AppData\Local\temp
2013-05-21 12:20 . 2013-05-21 12:20 -------- d-----w- c:\users\JIRI~1~DOM\AppData\Local\temp
2013-05-21 10:30 . 2013-05-21 10:30 -------- d-----w- c:\windows\ERUNT
2013-05-21 10:30 . 2013-05-21 10:30 -------- d-----w- C:\JRT
2013-05-21 10:09 . 2013-05-21 10:09 -------- d-----w- C:\_OTL
2013-05-21 05:53 . 2013-05-21 06:00 -------- d-----w- c:\program files\trend micro
2013-05-21 05:53 . 2013-05-21 05:54 -------- d-----w- C:\rsit
2013-05-21 05:53 . 2013-05-21 05:53 -------- d-----w- c:\programdata\StarApp
2013-05-16 04:59 . 2013-05-16 05:27 -------- d-----w- c:\program files\Common Files\Adobe
2013-05-15 04:52 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 04:52 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 04:52 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 04:52 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 04:52 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 04:52 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 04:52 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 04:52 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-14 11:23 . 2013-05-14 11:23 -------- d-----w- c:\users\jiri.domes\AppData\Local\Siemens,_s.r.o
2013-05-14 11:22 . 2013-05-14 11:22 -------- d-----w- c:\users\jiri.domes\AppData\Roaming\Siemens
2013-05-06 12:10 . 2013-05-06 12:10 -------- d-----w- c:\windows\system32\Fonts
2013-05-06 11:51 . 2013-05-06 12:10 -------- d-----w- c:\program files\ZWCAD+ 2012 CSY
2013-05-03 06:39 . 2013-05-21 05:45 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-05-03 06:39 . 2013-05-21 10:24 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2013-05-03 06:30 . 2013-05-03 06:30 -------- d-----w- c:\users\jiri.domes\AppData\Roaming\AVG2013
2013-05-03 06:29 . 2013-05-03 06:29 -------- d-----w- c:\users\jiri.domes\AppData\Roaming\TuneUp Software
2013-05-03 06:28 . 2013-05-03 06:28 -------- d-----w- C:\$AVG
2013-05-03 06:25 . 2013-05-03 06:45 -------- d-----w- c:\users\jiri.domes\AppData\Local\Avg2013
2013-05-02 04:45 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{03175299-F60C-4251-B1CF-0B6BF7A34715}\mpengine.dll
2013-04-24 05:34 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-24 05:29 . 2013-04-24 05:29 -------- d-----w- c:\program files\Common Files\Java
2013-04-24 05:28 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 05:01 . 2012-04-04 04:13 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-16 05:01 . 2011-05-18 05:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-06 12:21 . 2012-02-15 06:47 6656 ----a-w- c:\windows\system32\Ry4CoInst.dll
2013-05-06 12:21 . 2012-02-15 06:47 26976 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2013-05-06 12:21 . 2012-02-15 06:47 20648 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2013-04-13 04:45 . 2013-05-15 04:52 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 04:52 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-03-29 05:51 . 2013-03-29 05:51 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-29 05:51 . 2013-03-29 05:51 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-29 05:51 . 2013-03-29 05:51 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-29 05:51 . 2013-03-29 05:51 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-03-29 05:51 . 2013-03-29 05:51 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-03-29 05:51 . 2013-03-29 05:51 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-29 05:51 . 2013-03-29 05:51 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-03-29 05:51 . 2013-03-29 05:51 361984 ----a-w- c:\windows\system32\html.iec
2013-03-29 05:51 . 2013-03-29 05:51 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-29 05:51 . 2013-03-29 05:51 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-03-29 05:51 . 2013-03-29 05:51 158720 ----a-w- c:\windows\system32\msls31.dll
2013-03-29 05:51 . 2013-03-29 05:51 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-03-29 05:51 . 2013-03-29 05:51 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-29 05:51 . 2013-03-29 05:51 138752 ----a-w- c:\windows\system32\wextract.exe
2013-03-29 05:51 . 2013-03-29 05:51 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-29 05:51 . 2013-03-29 05:51 12800 ----a-w- c:\windows\system32\mshta.exe
2013-03-29 05:51 . 2013-03-29 05:51 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-22 08:33 . 2013-03-22 08:33 98304 ----a-w- c:\windows\system32\LFC.exe
2013-03-19 05:04 . 2013-04-10 04:52 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 04:52 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 04:52 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 04:52 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-11 23:10 . 2009-12-28 16:29 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-05 05:24 . 2012-06-27 06:05 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-05 05:24 . 2010-04-19 09:56 782240 ----a-w- c:\windows\system32\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mouse Suite 98 Daemon"="c:\program files\Lenovo\Mouse Suite\ICO.EXE" [2009-01-04 65536]
"LenovoFSC"="c:\program files\Lenovo\FanSpeedControl\LenovoFSC.exe" [2009-06-26 49152]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-02 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-02 151064]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-08-11 622592]
"PWRAGD"="c:\progra~1\ThinkPad\UTILIT~1\DPMHost.exe" [2009-08-13 72256]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2007-12-17 61440]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [x]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [x]
S2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 SuperIO;Lenovo ASD HWM Driver;c:\windows\system32\DRIVERS\spio.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: rtscs.cz\intranet
TCP: DhcpNameServer = 192.168.7.2
FF - ProfilePath - c:\users\jiri.domes\AppData\Roaming\Mozilla\Firefox\Profiles\myc2tvih.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG2013\avgrsx.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVG\AVG2013\avgnsx.exe
c:\program files\AVG\AVG2013\avgemcx.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\AVG\AVG2013\avgcsrvx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\ThinkPad\Utilities\SCHTASK.EXE
c:\windows\system32\sppsvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Celkový čas: 2013-05-21 14:25:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-21 12:25
ComboFix2.txt 2013-05-21 10:57
.
Před spuštěním: Volných bajtů: 57 708 572 672
Po spuštění: Volných bajtů: 57 646 116 864
.
- - End Of File - - C6E54EDC0E475B1FB9BE8CF23CF67001

Re: Pop-up windows in Firefox

Posted: 21 May 2013 14:03
by stell
OK, that's enough.

Re: Pop-up windows in Firefox

Posted: 22 May 2013 06:22
by gomik
So the windows no longer pop up, which is great... a pity that this filth can't be removed from the computer in some ordinary way, and that not even the antivirus finds it...
One more thing occurs to me: whenever I go to the xperia.cz site for the first time after turning the computer on, the whole computer freezes for half a minute. It doesn't do that on my home computer... could that also be caused by some virus, or is it more likely a Firefox bug?

Otherwise, thanks a lot for the help :-)

Re: Pop-up windows in Firefox

Posted: 22 May 2013 06:45
by stell
An ordinary way? Just briefly: today's junk is no longer written by kiddie hackers but by specialists; they know every AV very well and know how to get around them.

Rename the ComboFix icon to uninstall
and run it, click OK, OK, OK... ComboFix will uninstall itself from the PC.

Firefox: it is best to reset Firefox to its default settings. Just reinstalling is not enough.
You will find instructions here on my blog:
http://www.viruskasino.com/2013/04/obno ... dacov.html
So do that and test it.

Re: Pop-up windows in Firefox

Posted: 22 May 2013 07:43
by gomik
ComboFix uninstalled, Firefox reset, but it still freezes on that site...

Re: Pop-up windows in Firefox

Posted: 22 May 2013 07:55
by stell
Open a command prompt as administrator and type this command:
ipconfig /flushdns
Enter.

We will create a .bat file.
1: Open Notepad and copy the text into it.
2: Then click the File tab in the menu, Save as...
3: For the file name, type into that line: ping.bat
4: For the file type, select All files.
5: And save it to the desktop.
6: Right-click and run as administrator.
7: Confirm with "A" and press Enter.
xperia.txt > paste the log here.

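Code:

@echo off
rem Work from the root of the current drive so the report lands in \xperia.txt.
cd\
rem Collect adapter settings, DNS resolution, reachability and routes in one file.
>xperia.txt (
ipconfig /all
nslookup xperia.cz
ping -n 3 xperia.cz
echo.
route print
)
rem Open the report, then delete this script.
start xperia.txt
del "%~f0"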

Re: Pop-up windows in Firefox

Posted: 22 May 2013 08:08
by gomik
here it is:


Konfigurace protokolu IP systému Windows

Název hostitele . . . . . . . . . : PC-11-1
Primární přípona DNS. . . . . . . : prospect.local
Typ uzlu . . . . . . . . . . . . : všesměrové vysílání
Povoleno směrování IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne
Prohledávací seznam přípon DNS. . : prospect.local

Adaptér sítě Ethernet Připojení k místní síti:

Přípona DNS podle připojení . . . : prospect.local
Popis . . . . . . . . . . . . . . : Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
Fyzická Adresa. . . . . . . . . . : 00-01-6C-56-72-FB
Protokol DHCP povolen . . . . . . : Ano
Automatická konfigurace povolena : Ano
Místní IPv6 adresa v rámci propojení . . . : fe80::7cb3:b51e:508c:1f5e%10(Preferované)
Adresa IPv4 . . . . . . . . . . . : 192.168.7.20(Preferované)
Maska podsítě . . . . . . . . . . : 255.255.255.0
Zapůjčeno . . . . . . . . . . . . : 22. května 2013 9:05:02
Zápůjčka vyprší . . . . . . . . . : 30. května 2013 9:05:02
Výchozí brána . . . . . . . . . . : 192.168.7.2
Server DHCP . . . . . . . . . . . : 192.168.7.2
IAID DHCPv6 . . . . . . . . . . : 234881388
DUID klienta DHCPv6. . . . . . . : 00-01-00-01-12-8F-55-BC-00-01-6C-56-72-FB
Servery DNS . . . . . . . . . . . : 192.168.7.2
Primární server WINS. . . . . . . : 192.168.7.2
Rozhraní NetBios nad protokolem TCP/IP. . . . . . . . : Povoleno

Adaptér pro tunelové připojení isatap.prospect.local:

Stav média . . . . . . . . . . . : odpojeno
Přípona DNS podle připojení . . . : prospect.local
Popis . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano

Adaptér pro tunelové připojení Připojení k místní síti* 9:

Stav média . . . . . . . . . . . : odpojeno
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : Microsoft 6to4 Adapter
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano

Adaptér pro tunelové připojení Teredo Tunneling Pseudo-Interface:

Stav média . . . . . . . . . . . : odpojeno
Přípona DNS podle připojení . . . :
Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fyzická Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatická konfigurace povolena : Ano
Server: prospect02.prospect.local
Address: 192.168.7.2

DNS request timed out.
timeout was 2 seconds.
Nazev: xperia.cz
Address: 46.28.105.77


Příkaz PING na xperia.cz [46.28.105.77] - 32 bajtů dat:
Odpověď od 46.28.105.77: bajty=32 čas=21ms TTL=58
Odpověď od 46.28.105.77: bajty=32 čas=10ms TTL=58
Odpověď od 46.28.105.77: bajty=32 čas=9ms TTL=58

Statistika ping pro 46.28.105.77:
Pakety: Odeslané = 3, Přijaté = 3, Ztracené = 0 (ztráta 0%),
Přibližná doba do přijetí odezvy v milisekundách:
Minimum = 9ms, Maximum = 21ms, Průměr = 13ms

===========================================================================
Seznam rozhraní
10...00 01 6c 56 72 fb ......Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Směrovací tabulka
===========================================================================
Aktivní směrování:
Cíl v síti Síťová maska Brána Rozhraní Metrika
0.0.0.0 0.0.0.0 192.168.7.2 192.168.7.20 10
127.0.0.0 255.0.0.0 Propojené 127.0.0.1 306
127.0.0.1 255.255.255.255 Propojené 127.0.0.1 306
127.255.255.255 255.255.255.255 Propojené 127.0.0.1 306
192.168.7.0 255.255.255.0 Propojené 192.168.7.20 266
192.168.7.20 255.255.255.255 Propojené 192.168.7.20 266
192.168.7.255 255.255.255.255 Propojené 192.168.7.20 266
224.0.0.0 240.0.0.0 Propojené 127.0.0.1 306
224.0.0.0 240.0.0.0 Propojené 192.168.7.20 266
255.255.255.255 255.255.255.255 Propojené 127.0.0.1 306
255.255.255.255 255.255.255.255 Propojené 192.168.7.20 266
===========================================================================
Trvalé trasy:
Žádné

IPv6 Směrovací tabulka
===========================================================================
Aktivní směrování:
Rozhraní Metrika Cíl v síti Brána
1 306 ::1/128 Propojené
10 266 fe80::/64 Propojené
10 266 fe80::7cb3:b51e:508c:1f5e/128
Propojené
1 306 ff00::/8 Propojené
10 266 ff00::/8 Propojené
===========================================================================
Trvalé trasy:
Žádné
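
A report like the one above can be triaged mechanically; the following is an added example, not part of the thread and not the helper's own method. The three checks, the function names and the sample excerpt are this example's assumptions, and the field labels are written as a Czech-locale Windows prints them in correct encoding.

```python
import ipaddress
import re

# Constructed excerpt in the shape of the Czech-locale report above.
SAMPLE = """\
Adresa IPv4 . . . . . . . . . . . : 192.168.7.20(Preferované)
Maska podsítě . . . . . . . . . . : 255.255.255.0
Výchozí brána . . . . . . . . . . : 192.168.7.2
Servery DNS . . . . . . . . . . . : 192.168.7.2
DNS request timed out.
0.0.0.0 0.0.0.0 192.168.7.2 192.168.7.20 10
"""

IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"


def field(report, label):
    """Return the first IPv4 value of an 'ipconfig /all' line, or None."""
    m = re.search(re.escape(label) + r"[ .]*: *" + IPV4, report)
    return m.group(1) if m else None


def triage(report):
    """Return (code, detail) findings; an empty list means nothing stood out."""
    addr, mask, gateway, dns = (field(report, label) for label in (
        "Adresa IPv4", "Maska podsítě", "Výchozí brána", "Servery DNS"))
    if None in (addr, mask, gateway, dns):
        return [("incomplete", "adapter fields missing from the report")]
    lan = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    findings = []
    # A resolver outside the LAN is not wrong by itself, but it should match
    # what DHCP or the administrator is known to hand out.
    if ipaddress.ip_address(dns) not in lan:
        findings.append(("dns-off-lan", f"{dns} is outside {lan}"))
    # Every default route in 'route print' should go through the gateway.
    default = re.compile(r"^\s*0\.0\.0\.0\s+0\.0\.0\.0\s+" + IPV4, re.M)
    for hop in default.findall(report):
        if hop != gateway:
            findings.append(("odd-default-route", f"via {hop}, not {gateway}"))
    # nslookup prints this line when the resolver was slow to answer.
    if "DNS request timed out" in report:
        findings.append(("dns-timeout", "nslookup waited on the resolver"))
    return findings


if __name__ == "__main__":
    for code, detail in triage(SAMPLE):
        print(code, "-", detail)
```

Only the first address on the "Servery DNS" line is read; additional resolvers that ipconfig prints on continuation lines are not checked.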

Re: Pop-up windows in Firefox

Posted: 22 May 2013 08:14
by stell
This looks good; also clear the Flash cache.
1. Click the link to access your Flash cache.
http://www.macromedia.com/support/docum ... ger07.html
2. Now click the folder that is second to last on the right side.
3. The lower part of the window shows a list of the websites you have visited.
4. Click Delete all sites; this completely clears your Adobe Flash Player cache.

Use TFCleaner.
http://www.viruskasino.com/2010/12/prog ... TF-Cleaner
Restart and test it.