VIRY.CZ

Dobrý den, po týdnu googlení a čistěním vším možným jsem na dně. Moc prosím o pomoc. Vir jsem si ze začátku myslel že je ten, co bývá na routeru (už jsem měl to štěstí) nenačítají se seznam, google, youtube atd a vyskočí hláška warning! internet exploreris curently out of date. Pleas update to continue. Po odkřížkování outdated browser detected. Ale bylo mi řečeno že jelikož mám na routeru druhý počítač který funguje a na wifi strejdu, kterému to jde taky bez problému, tak je to blbost. Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by user at 2014-07-15 18:20:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 171 GB (85%) free of 200 GB
Total RAM: 3326 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:20:20, on 15.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\user\Downloads\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-21-1944892300-379215589-3686594660-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User '?')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.8\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
O23 - Service: vToolbarUpdater18.1.8 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\ToolbarUpdater.exe

--
End of file - 5088 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2012-02-09 3824640]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-06-17 5179408]
"vProt"=C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2014-07-14 2571288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.l3pacm"=l3codecp.acm
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.MLCY"=mlc.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-07-15 18:20:07 ----D---- C:\Program Files\trend micro
2014-07-15 18:20:06 ----D---- C:\rsit
2014-07-14 19:10:29 ----SHD---- C:\Config.Msi
2014-07-14 18:12:08 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-07-14 18:11:31 ----D---- C:\ProgramData\Malwarebytes
2014-07-14 18:11:31 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-07-14 18:11:31 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-07-14 18:11:31 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-07-14 18:11:31 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-07-14 17:46:02 ----D---- C:\Users\user\AppData\Roaming\AVG2014
2014-07-14 17:45:45 ----A---- C:\Windows\system32\drivers\avgtpx86.sys
2014-07-14 17:45:10 ----D---- C:\ProgramData\AVG Secure Search
2014-07-14 17:45:09 ----D---- C:\Program Files\Common Files\AVG Secure Search
2014-07-14 17:45:08 ----D---- C:\ProgramData\AVG SafeGuard toolbar
2014-07-14 17:45:07 ----D---- C:\Program Files\AVG SafeGuard toolbar
2014-07-14 17:44:09 ----D---- C:\Users\user\AppData\Roaming\TuneUp Software
2014-07-14 17:43:50 ----HD---- C:\$AVG
2014-07-14 17:43:50 ----D---- C:\ProgramData\AVG2014
2014-07-14 17:43:31 ----D---- C:\Program Files\AVG
2014-07-14 17:39:44 ----HD---- C:\ProgramData\Common Files
2014-07-14 17:39:44 ----D---- C:\ProgramData\MFAData
2014-06-17 16:22:02 ----A---- C:\Windows\system32\drivers\avgldx86.sys
2014-06-17 16:21:22 ----A---- C:\Windows\system32\drivers\avgtdix.sys
2014-06-17 16:18:00 ----A---- C:\Windows\system32\drivers\avglogx.sys
2014-06-17 16:17:58 ----A---- C:\Windows\system32\drivers\avgidshx.sys
2014-06-17 16:06:40 ----A---- C:\Windows\system32\drivers\avgidsdriverx.sys
2014-06-17 16:06:38 ----A---- C:\Windows\system32\drivers\avgdiskx.sys
2014-06-17 16:06:24 ----A---- C:\Windows\system32\drivers\avgmfx86.sys
2014-06-17 16:06:22 ----A---- C:\Windows\system32\drivers\avgrkx86.sys
2014-06-17 16:06:20 ----A---- C:\Windows\system32\drivers\avgidsshimx.sys

======List of files/folders modified in the last 1 month======

2014-07-15 18:20:08 ----D---- C:\Windows\temp
2014-07-15 18:20:07 ----RD---- C:\Program Files
2014-07-15 18:20:07 ----D---- C:\Windows\System32
2014-07-15 18:20:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-15 18:20:06 ----D---- C:\Windows\inf
2014-07-15 18:14:59 ----D---- C:\Windows
2014-07-14 19:28:45 ----D---- C:\Windows\SoftwareDistribution
2014-07-14 19:19:54 ----D---- C:\Windows\system32\catroot
2014-07-14 19:13:15 ----SHD---- C:\Windows\Installer
2014-07-14 19:13:15 ----HD---- C:\Program Files\InstallShield Installation Information
2014-07-14 19:13:13 ----D---- C:\Windows\system32\DriverStore
2014-07-14 19:13:02 ----SHD---- C:\System Volume Information
2014-07-14 19:11:24 ----D---- C:\ProgramData\Freemake
2014-07-14 19:11:21 ----D---- C:\Program Files\Freemake
2014-07-14 19:10:33 ----D---- C:\Windows\system32\config
2014-07-14 19:06:14 ----D---- C:\Windows\Prefetch
2014-07-14 19:01:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-07-14 19:01:22 ----D---- C:\Program Files\Mozilla Firefox
2014-07-14 19:01:21 ----D---- C:\Users\user\AppData\Roaming\Mozilla
2014-07-14 18:28:37 ----D---- C:\Windows\system32\drivers
2014-07-14 18:28:37 ----D---- C:\Windows\ServiceProfiles
2014-07-14 18:11:31 ----D---- C:\ProgramData
2014-07-14 17:55:37 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-07-14 17:45:09 ----D---- C:\Program Files\Common Files
2014-07-14 17:34:42 ----D---- C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-05-20 14392]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2014-06-17 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2010-08-23 11456]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2013-09-26 47928]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2014-06-17 199960]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2014-07-14 42784]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-05-20 5315584]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-20 152064]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 102888]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 313832]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-20 100352]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-07-15 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-17 13216]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2012-02-03 514152]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-11-11 1823344]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-20 5315584]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\user\AppData\Local\Temp\catchme.sys []
S3 CXPLRCAP;Capture Device; C:\Windows\system32\drivers\CxPlrCap.sys [2010-01-06 187776]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-20 172032]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2014\avgfws.exe [2014-06-17 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-06-27 3241488]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-11-11 27760]
R2 vToolbarUpdater18.1.8;vToolbarUpdater18.1.8; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\ToolbarUpdater.exe [2014-07-14 1813528]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14 262320]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-04-03 1343400]

-----------------EOF-----------------

Zdravím!
Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

ComboFix 14-07-15.04 - user 15.07.2014 23:03:25.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3326.2361 [GMT 2:00]
Spuštěný z: c:\users\user\Desktop\combofix.exe
AV: AVG Internet Security 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-15 do 2014-07-15 )))))))))))))))))))))))))))))))
.
.
2014-07-15 21:08 . 2014-07-15 21:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-15 21:08 . 2014-07-15 21:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-15 16:28 . 2014-07-15 16:28 -------- d-----w- c:\users\user\AppData\Local\ElevatedDiagnostics
2014-07-15 16:20 . 2014-07-15 16:20 -------- d-----w- c:\program files\trend micro
2014-07-15 16:20 . 2014-07-15 16:20 -------- d-----w- C:\rsit
2014-07-14 16:12 . 2014-07-15 20:58 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-14 16:11 . 2014-07-14 16:11 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-07-14 16:11 . 2014-07-14 16:11 -------- d-----w- c:\programdata\Malwarebytes
2014-07-14 16:11 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-14 16:11 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-14 16:11 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-14 15:46 . 2014-07-14 15:46 -------- d-----w- c:\users\user\AppData\Local\AVG SafeGuard toolbar
2014-07-14 15:46 . 2014-07-14 15:46 -------- d-----w- c:\users\user\AppData\Roaming\AVG2014
2014-07-14 15:45 . 2014-07-14 15:44 42784 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2014-07-14 15:45 . 2014-07-14 15:45 -------- d-----w- c:\programdata\AVG Secure Search
2014-07-14 15:45 . 2014-07-14 15:45 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2014-07-14 15:45 . 2014-07-14 15:45 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
2014-07-14 15:45 . 2014-07-14 15:45 -------- d-----w- c:\program files\AVG SafeGuard toolbar
2014-07-14 15:44 . 2014-07-14 15:44 -------- d-----w- c:\users\user\AppData\Roaming\TuneUp Software
2014-07-14 15:43 . 2014-07-14 15:44 -------- d-----w- c:\programdata\AVG2014
2014-07-14 15:43 . 2014-07-14 15:43 -------- d-----w- C:\$AVG
2014-07-14 15:43 . 2014-07-14 15:43 -------- d-----w- c:\program files\AVG
2014-07-14 15:39 . 2014-07-15 16:21 -------- d-----w- c:\programdata\MFAData
2014-07-14 15:39 . 2014-07-14 15:51 -------- d-----w- c:\users\user\AppData\Local\Avg2014
2014-07-14 15:39 . 2014-07-14 15:39 -------- d--h--w- c:\programdata\Common Files
2014-07-14 15:39 . 2014-07-14 15:39 -------- d-----w- c:\users\user\AppData\Local\MFAData
2014-06-17 14:22 . 2014-06-17 14:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-06-17 14:21 . 2014-06-17 14:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-06-17 14:18 . 2014-06-17 14:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-06-17 14:17 . 2014-06-17 14:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-06-17 14:06 . 2014-06-17 14:06 199960 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-06-17 14:06 . 2014-06-17 14:06 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-06-17 14:06 . 2014-06-17 14:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2014-06-17 14:06 . 2014-06-17 14:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-06-17 14:06 . 2014-06-17 14:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-14 15:55 . 2013-04-14 18:37 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-14 15:55 . 2013-04-14 18:37 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2012-02-09 3824640]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-06-17 5179408]
"vProt"="c:\program files\AVG SafeGuard toolbar\vprot.exe" [2014-07-14 2571288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave2"=wdmaud.drv
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2014\avgidsagent.exe [2014-06-27 3241488]
R3 CXPLRCAP;Capture Device;c:\windows\system32\drivers\CxPlrCap.sys [2010-01-06 187776]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-04-03 1343400]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2013-09-26 47928]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2014-06-17 199960]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-07-14 42784]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-20 172032]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2014\avgfws.exe [2014-06-17 1417160]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2014\avgwdsvc.exe [2014-06-17 289328]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-11-11 27760]
S2 vToolbarUpdater18.1.8;vToolbarUpdater18.1.8;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.8\ToolbarUpdater.exe [2014-07-14 1813528]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-03 102888]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 313832]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-07-15 110296]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2012-02-03 514152]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-11-11 1823344]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-14 15:55]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.99.14.108 8.8.8.8
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.8\ViProtocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
čao. díky



.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-07-15 23:10:15
ComboFix-quarantined-files.txt 2014-07-15 21:10
ComboFix2.txt 2014-06-15 11:45
.
Před spuštěním: Volných bajtů: 179 036 622 848
Po spuštění: Volných bajtů: 178 755 076 096
.
- - End Of File - - 952CB78003F03E5E9A818BE33D8D1E2F
A36C5E4F47E84449FF07ED3517B43A31

Log vypadá OK. Nestáhl jste si náhodou toto: http://www.novinky.cz/internet-a-pc/bez ... i-tym.html ? Pokud ano, uveďte váš wifi router do továrního nastavení, pak znovu nastavte a změňte přístupové heslo. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

No já si myslím že na 100% ano, ale bylo mi řečeno mistrem odborníkem co nám router prodal a nastavoval i pro strejdu wifi, že pokud nejde jen jeden počítač ze tří, tak to tím určitě nebude...no nic, jdu mu tedy zavolat ať mi to předvede. Zatím díky

Zatím není zač!

Já ho prostě nemůžu dokopat aby přišel. Router resetovat nemůžu protože neznám nastavení pro wifi pro strejdu a nemůžu se ani na něj dostat, protože "odborník" při nastavení heslo někde zadupkal.
Pak mě teda ještě trošku nahlodalo že prej když je nakažený router, tak to blbne všem uživatelům což se neděje a když jsem zkoušel na různých stránkách test routeru (dnsChanger) , tak jeden z 5-ti napsal že pravděpodobně může být infikován, zbytek v pohodě. Vyměnil jsem antivir eset za avg free a teď to píše fake flash player, ale projevuje se to stejně. Firefox jsem resetoval do původního nastavení.

Tak, jako tak musíte resetovat router do továrního nastavení a znovu nakonfigurovat.

Tak pan "opravář" konečně dorazil. Zapnul jsem hujdu a světe div se, všechno ok. Ani po 15-minutách se žádný problém neobjevil (ještě předevčírem to nešlo) tak jsem hořce polknul, poděkoval dal stovku na benzín a šel na velkého panáka. Pašák mě ještě umyl prohlášením že za to asi můžou hvězdy a že se to občas stává a já nechápu, nechápu, nechápu. prostě z ničeho nic vše ok. Přikládám tedy ješte log z malwarebytes. Děkuji

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.8.2014
Scan Time: 20:20:42
Logfile: malwarebytes.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.26.06
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: user

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 280259
Time Elapsed: 7 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

I log je OK.

díky moc

Rádo se stalo!