Extremne zasekany, ale vykonny PC Vyřešeno

[jaro3]

Ty nástroje mají přednastaveno , co mají mazat.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Stáhni si Registry Defrag

na svojí plochu a spusť ho. Program se nainstaluje a potom se spustí.
Zavři si nejprve všechny ostatní programy a prohlížeče a deaktivuj antivir.

Klikni na „Next“.
Program proskenuje registry a vytvoří nový bod obnovy. Poté restartuje PC. Po restartu program můžeš zavřít.

Opravdu že vše OK? Měl si tam Rogue...a nedal si log po výmazu z MbAM..

[Reklama]

[MachrCZ]

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

at to mazu jak mazu, vzdy kdyz udelam scan znova, je to tam furt.. = nejde to vymazat :/

[MachrCZ]

# DelFix v1.011 - Logfile created 14/09/2015 at 15:01:27
# Updated 18/08/2015 by Xplode
# Username : Blejzr - BLEJZR-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Blejzr\Desktop\JRT.txt
Deleted : C:\Users\Blejzr\Downloads\adwcleaner_5.007.exe
Deleted : C:\Users\Blejzr\Downloads\JRT.exe
Deleted : C:\Users\Blejzr\Downloads\hijackthis.exe
Deleted : C:\Users\Blejzr\Downloads\hijackthis.log
Deleted : C:\Users\Blejzr\Downloads\RogueKillerX64.exe
Deleted : C:\Users\Blejzr\Downloads\TFC.exe
Deleted : C:\Users\Blejzr\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #178 [JRT Pre-Junkware Removal | 09/12/2015 13:53:59]
Deleted : RP #179 [Removed Logitech Gaming Software 5.10. | 09/12/2015 16:05:00]
Deleted : RP #180 [Windows Update | 09/12/2015 16:31:51]
Deleted : RP #181 [zoek.exe restore point | 09/13/2015 22:17:28]
Deleted : RP #182 [Windows Update | 09/14/2015 02:35:58]

New restore point created !

########## - EOF - ##########

[MachrCZ]

registry

neslo to restartovat pres ten registry program, psalo to pristup odepren, tak jsem to udelal rucne a v pohode..

Mbam jsem promazal hned po prvnim testu co jsem nasel, byl tam tusim jeden vir.. Rogue je co? Muzu to nechat protestovat jeste jednou teda..

Kde sem to zas nabral? Pouzivam AVAST a pravidelne zde hazu logy, abych si udrzel PC cistej a stejne co kazde dva mesice tam vzdy neco je.. to je hruza :(

Prijde mi ze to lepe jede, nicmene, vzhledem ke komponentum co v PC jsou, to stejne startuje desne pomalu a celkove rozjezd PC trva nekolik minut.. Nez se spusti firefox po zapnuti PC, nabehne skype apod... Firefox se vzdy nekolikrat prosekne s tou hlaskou neodpovida a pak se zas odsekne.. vetsinou jen na startu systemu a pak uz to beha svizne... rozhodne lepsi nez to bylo.. :)

[MachrCZ]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14.9.2015
Čas skenování: 15:13
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.14.03
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Blejzr

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 423932
Uplynulý čas: 10 min, 38 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

tady dodatecne scan z mbam

[jaro3]

https://en.wikipedia.org/wiki/Rogue_security_software

https://en.wikipedia.org/wiki/List_of_r ... y_software

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[MachrCZ]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-09-14 17:33:41
-----------------------------
17:33:41.147 OS Version: Windows x64 6.1.7601 Service Pack 1
17:33:41.147 Number of processors: 4 586 0x3C03
17:33:41.147 ComputerName: BLEJZR-PC UserName: Blejzr
17:33:43.089 Initialize success
17:33:50.130 VM: initialized successfully
17:33:50.130 VM: Intel CPU supported virtualized
17:33:59.220 VM: supported disk I/O ataport.SYS
17:34:02.900 AVAST engine defs: 15091400
17:34:13.920 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:34:13.920 Disk 0 Vendor: SAMSUNG_HD501LJ CR100-12 Size: 476938MB BusType: 11
17:34:14.030 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
17:34:14.030 Disk 1 Vendor: ST1000DM003-1ER162 CC43 Size: 953869MB BusType: 11
17:34:14.130 VM: Disk 1 MBR read successfully
17:34:14.130 Disk 1 MBR scan
17:34:14.140 Disk 1 Windows 7 default MBR code
17:34:14.140 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
17:34:14.150 Disk 1 Boot: NTFS code=2
17:34:14.170 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
17:34:14.220 Disk 1 scanning C:\Windows\system32\drivers
17:34:21.790 Service scanning
17:34:28.550 Service MSICDSetup E:\CDriver64.sys **LOCKED** 21
17:34:29.450 Service NTIOLib_1_0_C E:\NTIOLib_X64.sys **LOCKED** 21
17:34:35.040 Modules scanning
17:34:35.040 Disk 1 trace - called modules:
17:34:35.050 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:34:35.060 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80078b7060]
17:34:35.060 3 CLASSPNP.SYS[fffff8800192f43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80075ff060]
17:34:35.940 AVAST engine scan C:\Windows
17:34:38.020 AVAST engine scan C:\Windows\system32
17:37:39.644 AVAST engine scan C:\Windows\system32\drivers
17:37:50.464 AVAST engine scan C:\Users\Blejzr
17:46:56.395 AVAST engine scan C:\ProgramData
17:48:17.805 Disk 1 statistics 5476205/0/18 @ 3,85 MB/s
17:48:17.815 Scan finished successfully
17:48:57.105 Disk 1 MBR has been saved successfully to "C:\Users\Blejzr\Desktop\MBR.dat"
17:48:57.105 The log file has been saved successfully to "C:\Users\Blejzr\Desktop\aswMBR.txt"

[MachrCZ]

ComboFix 15-09-07.01 - Blejzr 14.09.2015 17:52:18.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.8120.5495 [GMT 2:00]
Spuštěný z: c:\users\Blejzr\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\DSCN2962.JPG
C:\DSCN2963.JPG
C:\DSCN2964.JPG
C:\DSCN2965.JPG
C:\DSCN2966.JPG
C:\DSCN2967.JPG
C:\DSCN2968.JPG
C:\DSCN2971.JPG
c:\users\Blejzr\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-08-14 do 2015-09-14 )))))))))))))))))))))))))))))))
.
.
2015-09-14 15:59 . 2015-09-14 15:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-09-14 13:56 . 2015-09-14 13:56 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75817BB6-10FA-48BC-90FB-5125584ADF60}\offreg.1528.dll
2015-09-14 13:03 . 2015-09-14 13:04 -------- d-----w- c:\program files (x86)\AusLogics Registry Defrag
2015-09-13 22:38 . 2015-09-14 15:59 -------- d-----w- c:\users\Blejzr\AppData\Local\Temp
2015-09-13 22:38 . 2015-09-13 22:16 24064 ----a-w- c:\windows\zoek-delete.exe
2015-09-12 16:06 . 2015-09-12 16:06 -------- d-----w- c:\windows\system32\appmgmt
2015-09-12 14:33 . 2015-09-12 14:33 -------- d-----w- c:\users\Blejzr\AppData\Local\Logitech
2015-09-12 14:29 . 2015-09-12 14:29 -------- d-----w- c:\program files\Common Files\Logitech
2015-09-12 14:19 . 2015-09-12 14:19 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75817BB6-10FA-48BC-90FB-5125584ADF60}\offreg.2260.dll
2015-09-11 15:08 . 2015-09-11 15:08 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75817BB6-10FA-48BC-90FB-5125584ADF60}\offreg.2996.dll
2015-09-11 15:04 . 2015-09-11 15:04 -------- d-----w- c:\users\Blejzr\AppData\Roaming\New Technology Studio
2015-09-11 15:04 . 2015-09-11 15:04 -------- d-----w- c:\users\Blejzr\AppData\Local\New Technology Studio
2015-09-11 12:09 . 2015-08-20 02:18 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75817BB6-10FA-48BC-90FB-5125584ADF60}\mpengine.dll
2015-09-10 13:31 . 2015-07-23 00:06 5568960 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-09-06 02:38 . 2015-09-06 02:51 -------- d-----w- c:\users\Blejzr\AppData\Local\A
2015-09-06 01:30 . 2015-09-11 15:04 -------- d-----w- C:\Grand Theft Auto V
2015-09-04 15:49 . 2015-09-04 15:49 -------- d-----w- C:\CSM
2015-08-24 08:14 . 2015-08-24 08:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-08-24 08:14 . 2015-08-24 08:14 -------- d-----r- c:\program files (x86)\Skype
2015-08-23 18:42 . 2015-08-23 18:43 -------- d-----w- C:\4 - Přijel Kuba se Zuzanou
2015-08-20 14:18 . 2015-08-26 13:56 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-08-16 18:50 . 2015-08-16 18:50 -------- d-----w- c:\windows\SysWow64\vbox
2015-08-16 18:50 . 2015-08-16 18:50 -------- d-----w- c:\windows\system32\vbox
2015-08-16 14:04 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 14:04 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 11:41 . 2015-08-16 11:41 -------- d-----w- c:\programdata\ATI
2015-08-16 11:38 . 2015-08-16 11:38 -------- d-----w- c:\program files (x86)\AMD
2015-08-16 11:15 . 2015-07-28 20:09 17344 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-08-16 11:15 . 2015-07-28 20:05 774656 ----a-w- c:\windows\system32\invagent.dll
2015-08-16 11:15 . 2015-07-28 20:05 743424 ----a-w- c:\windows\system32\generaltel.dll
2015-08-16 11:15 . 2015-07-28 20:05 437760 ----a-w- c:\windows\system32\devinv.dll
2015-08-16 11:15 . 2015-07-28 20:05 1116672 ----a-w- c:\windows\system32\appraiser.dll
2015-08-16 11:15 . 2015-07-28 20:05 69120 ----a-w- c:\windows\system32\acmigration.dll
2015-08-16 11:15 . 2015-07-28 20:05 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-08-16 11:15 . 2015-07-28 19:55 1148416 ----a-w- c:\windows\system32\aeinv.dll
2015-08-16 11:15 . 2015-07-15 18:15 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-08-16 11:15 . 2015-07-15 18:10 1743360 ----a-w- c:\windows\system32\sysmain.dll
2015-08-16 11:14 . 2015-07-15 20:26 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\mountmgr.sys.mui
2015-08-16 11:14 . 2015-07-15 18:10 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-08-16 11:14 . 2015-07-15 18:02 2560 ----a-w- c:\windows\system32\drivers\en-US\mountmgr.sys.mui
2015-08-16 11:14 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2015-08-16 10:57 . 2015-08-16 10:57 115152 ----a-w- c:\windows\system32\drivers\ngvss.sys
2015-08-16 10:57 . 2015-08-16 10:57 378880 ----a-w- c:\windows\system32\aswBoot.exe
2015-08-16 10:57 . 2015-08-16 10:57 43112 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-14 13:13 . 2015-05-30 11:30 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-13 19:51 . 2014-10-24 22:03 37624 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-08-26 16:37 . 2014-09-18 16:54 134753440 ----a-w- c:\windows\system32\MRT.exe
2015-08-16 11:21 . 2014-09-19 17:13 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-08-16 11:21 . 2014-09-19 17:13 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-16 10:58 . 2014-09-20 19:38 1048344 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-08-16 10:57 . 2014-09-20 19:38 150672 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-08-16 10:57 . 2014-09-20 19:38 447944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-08-16 10:57 . 2014-09-20 19:38 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-08-16 10:57 . 2014-09-20 19:38 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-08-16 10:57 . 2014-09-20 19:38 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-08-16 10:57 . 2014-09-20 19:38 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-08-16 10:57 . 2014-09-20 19:38 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-08-05 17:56 . 2015-09-10 13:32 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-08-04 06:29 . 2015-08-04 06:29 107784 ----a-w- c:\windows\system32\amdave64.dll
2015-08-04 06:29 . 2014-11-21 02:09 100568 ----a-w- c:\windows\SysWow64\amdave32.dll
2015-08-04 06:28 . 2015-08-04 06:28 141792 ----a-w- c:\windows\system32\amdhcp64.dll
2015-08-04 06:28 . 2015-08-04 06:28 128384 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\atimpc64.dll
2015-08-04 06:28 . 2015-08-04 06:28 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2015-08-04 06:28 . 2015-08-04 06:28 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2015-08-04 06:28 . 2015-08-04 06:28 152056 ----a-w- c:\windows\system32\atiuxp64.dll
2015-08-04 06:28 . 2015-08-04 06:28 133016 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2015-08-04 06:28 . 2014-04-18 02:42 120144 ----a-w- c:\windows\system32\atiu9p64.dll
2015-08-04 06:28 . 2014-04-18 02:42 102616 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2015-08-04 06:28 . 2014-04-18 02:42 1445224 ----a-w- c:\windows\system32\aticfx64.dll
2015-08-04 06:28 . 2014-04-18 02:42 1193904 ----a-w- c:\windows\SysWow64\aticfx32.dll
2015-08-04 06:28 . 2015-08-04 06:28 11948704 ----a-w- c:\windows\system32\atidxx64.dll
2015-08-04 06:28 . 2015-08-04 06:28 10094152 ----a-w- c:\windows\SysWow64\atidxx32.dll
2015-08-04 06:28 . 2014-04-18 02:42 7929616 ----a-w- c:\windows\SysWow64\atiumdva.dll
2015-08-04 06:28 . 2014-04-18 02:42 7408936 ----a-w- c:\windows\SysWow64\atiumdag.dll
2015-08-04 06:27 . 2014-04-18 02:42 8893160 ----a-w- c:\windows\system32\atiumd6a.dll
2015-08-04 06:27 . 2014-04-18 02:42 8779872 ----a-w- c:\windows\system32\atiumd64.dll
2015-08-04 06:25 . 2015-08-04 06:25 297672 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2015-08-04 06:23 . 2015-08-04 06:23 21622784 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2015-08-04 06:19 . 2015-08-04 06:19 235008 ----a-w- c:\windows\system32\clinfo.exe
2015-08-04 06:18 . 2015-08-04 06:18 47785472 ----a-w- c:\windows\system32\amdocl64.dll
2015-08-04 06:14 . 2015-08-04 06:14 39714304 ----a-w- c:\windows\SysWow64\amdocl.dll
2015-08-04 06:09 . 2015-08-04 06:09 65024 ----a-w- c:\windows\system32\OpenCL.dll
2015-08-04 06:09 . 2015-08-04 06:09 59392 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-08-04 05:58 . 2015-08-04 05:58 27535872 ----a-w- c:\windows\system32\amdocl12cl64.dll
2015-08-04 05:57 . 2015-08-04 05:57 22318592 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2015-08-04 04:12 . 2015-08-04 04:12 127488 ----a-w- c:\windows\system32\mantle64.dll
2015-08-04 04:12 . 2015-08-04 04:12 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2015-08-04 04:11 . 2015-08-04 04:11 6477312 ----a-w- c:\windows\system32\amdmantle64.dll
2015-08-04 03:43 . 2015-08-04 03:43 5068288 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2015-08-04 03:21 . 2015-08-04 03:21 93696 ----a-w- c:\windows\system32\mantleaxl64.dll
2015-08-04 03:21 . 2015-08-04 03:21 86528 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2015-08-04 02:55 . 2015-08-04 02:55 30752256 ----a-w- c:\windows\system32\atio6axx.dll
2015-08-04 02:32 . 2015-08-04 02:32 25299968 ----a-w- c:\windows\SysWow64\atioglxx.dll
2015-08-04 02:25 . 2015-08-04 02:25 367104 ----a-w- c:\windows\system32\atiapfxx.exe
2015-08-04 02:25 . 2015-08-04 02:25 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2015-08-04 02:25 . 2015-08-04 02:25 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2015-08-04 02:24 . 2015-08-04 02:24 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2015-08-04 02:24 . 2015-08-04 02:24 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2015-08-04 02:24 . 2015-08-04 02:24 15716864 ----a-w- c:\windows\system32\aticaldd64.dll
2015-08-04 02:21 . 2015-08-04 02:21 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2015-08-04 02:21 . 2015-08-04 02:21 50688 ----a-w- c:\windows\system32\amdmmcl6.dll
2015-08-04 02:21 . 2015-08-04 02:21 39424 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2015-08-04 02:07 . 2014-04-18 01:30 442368 ----a-w- c:\windows\system32\atidemgy.dll
2015-08-04 02:07 . 2015-08-04 02:07 160256 ----a-w- c:\windows\system32\atieah64.exe
2015-08-04 02:07 . 2015-08-04 02:07 143872 ----a-w- c:\windows\SysWow64\atieah32.exe
2015-08-04 02:07 . 2015-08-04 02:07 204800 ----a-w- c:\windows\system32\amdgfxinfo64.dll
2015-08-04 02:07 . 2015-08-04 02:07 189952 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll
2015-08-04 02:07 . 2015-08-04 02:07 29696 ----a-w- c:\windows\system32\atimuixx.dll
2015-08-04 02:07 . 2015-08-04 02:07 672768 ----a-w- c:\windows\system32\atieclxx.exe
2015-08-04 02:06 . 2015-08-04 02:06 246784 ----a-w- c:\windows\system32\atiesrxx.exe
2015-08-04 02:05 . 2015-08-04 02:05 190976 ----a-w- c:\windows\system32\atitmm64.dll
2015-08-04 01:48 . 2015-06-23 01:21 865792 ----a-w- c:\windows\system32\coinst_15.20.dll
2015-08-04 01:48 . 2015-08-04 01:48 89088 ----a-w- c:\windows\system32\atisamu64.dll
2015-08-04 01:47 . 2015-08-04 01:47 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2015-08-04 01:43 . 2014-04-18 01:09 1247744 ----a-w- c:\windows\system32\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 926720 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2015-08-04 01:43 . 2015-08-04 01:43 926720 ----a-w- c:\windows\SysWow64\atiadlxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2015-08-04 01:43 . 2015-08-04 01:43 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2015-08-04 01:42 . 2015-08-04 01:42 156672 ----a-w- c:\windows\system32\atig6txx.dll
2015-08-04 01:42 . 2015-08-04 01:42 141824 ----a-w- c:\windows\SysWow64\atigktxx.dll
2015-08-04 01:42 . 2015-08-04 01:42 665088 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2015-08-04 01:37 . 2015-08-04 01:37 102912 ----a-w- c:\windows\system32\hsa-thunk64.dll
2015-08-04 01:37 . 2015-08-04 01:37 102400 ----a-w- c:\windows\SysWow64\hsa-thunk.dll
2015-08-04 01:35 . 2015-08-04 01:35 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2015-08-03 10:12 . 2015-06-19 07:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2015-07-23 00:02 . 2015-09-10 13:31 342016 ----a-w- c:\windows\system32\schannel.dll
2015-07-22 17:53 . 2015-09-10 13:31 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-07-22 17:53 . 2015-09-10 13:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-07-15 10:20 . 2015-07-15 10:20 96256 ----a-w- c:\windows\system32\drivers\AtihdW76.sys
2015-07-15 10:20 . 2015-07-15 10:20 103424 ----a-w- c:\windows\system32\DelayAPO.dll
2015-07-04 18:07 . 2015-07-15 13:49 2087424 ----a-w- c:\windows\system32\ole32.dll
2015-07-04 17:48 . 2015-07-15 13:49 1414656 ----a-w- c:\windows\SysWow64\ole32.dll
2015-06-23 11:30 . 2010-11-21 03:27 300704 ------w- c:\windows\system32\MpSigStub.exe
2015-06-18 06:41 . 2015-05-30 11:30 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-06-18 06:41 . 2015-05-30 11:30 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-06-18 06:41 . 2015-05-30 11:30 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-06-17 17:47 . 2015-07-15 13:52 404992 ----a-w- c:\windows\system32\gdi32.dll
2015-06-17 17:37 . 2015-07-15 13:52 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-06-16 23:01 . 2015-06-16 23:01 1202856 ----a-w- c:\windows\SysWow64\FM20.DLL
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-08-19 2899136]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-25 6480664]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-08-07 53735968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-16 134616]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"SUPER CHARGER"="c:\program files (x86)\MSI\SUPER CHARGER\SUPER CHARGER.exe" [2014-02-21 1047536]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-08-26 6111824]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2015-07-27 56080]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
.
c:\users\Blejzr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CompControl 2.01.lnk - c:\program files (x86)\CompControl 2.01\control.exe [2003-10-4 36864]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CMUAC;Headset6400x1 Device Driver;c:\windows\system32\DRIVERS\Headset6400x1.SYS;c:\windows\SYSNATIVE\DRIVERS\Headset6400x1.SYS [x]
R3 cpuz137;cpuz137;c:\program files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64;c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MSICDSetup;MSICDSetup;e:\cdriver64.sys;e:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;e:\ntiolib_x64.sys;e:\NTIOLib_X64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 ngvss;ngvss; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\SUPER CHARGER\ChargeService.exe;c:\program files (x86)\MSI\SUPER CHARGER\ChargeService.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys;c:\program files (x86)\MSI\SUPER CHARGER\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-09-02 22:24 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\45.0.2454.85\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-09-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-19 11:21]
.
2015-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 11:52]
.
2015-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-09-18 11:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-08-16 10:57 778056 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 164016 ----a-w- c:\users\Blejzr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-05-14 7575768]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~3\Office15\EXCEL.EXE/3000
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~3\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 94.142.233.120 94.142.233.140
FF - ProfilePath - c:\users\Blejzr\AppData\Roaming\Mozilla\Firefox\Profiles\onelrn77.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-KALENDARE_KALENDARE - c:\windows\system32\KALENDARE_KALENDARE_uninstaller.exe
AddRemove-TmNationsForever_is1 - g:\tmnationsforever\unins000.exe
AddRemove-UmF5bWFuTGVnZW5kcw==_is1 - g:\rayman legends\unins000.exe
AddRemove-{15134cb0-b767-4960-a911-f2d16ae54797} - c:\programdata\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe
AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{53d408db-eb91-43fb-9d8f-167681c19763} - c:\programdata\Package Cache\{53d408db-eb91-43fb-9d8f-167681c19763}\VS2013.4.exe
AddRemove-{7dbba119-718a-4f68-b33e-454dc8aa5faf} - c:\programdata\Package Cache\{7dbba119-718a-4f68-b33e-454dc8aa5faf}\VS12-KB2932965.exe
AddRemove-{7f51bdb9-ee21-49ee-94d6-90afc321780e} - c:\programdata\Package Cache\{7f51bdb9-ee21-49ee-94d6-90afc321780e}\vcredist_x64.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{96a8b90c-0a91-4e76-ab34-730c23923d11} - c:\programdata\Package Cache\{96a8b90c-0a91-4e76-ab34-730c23923d11}\vs_community.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{ce085a78-074e-4823-8dc1-8a721b94b76d} - c:\programdata\Package Cache\{ce085a78-074e-4823-8dc1-8a721b94b76d}\vcredist_x86.exe
AddRemove-UnityWebPlayer - c:\users\Blejzr\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\EverestDriver]
"ImagePath"="\??\c:\program files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2015-09-14 18:02:57
ComboFix-quarantined-files.txt 2015-09-14 16:02
.
Před spuštěním: Volných bajtů: 263 317 217 280
Po spuštění: Volných bajtů: 263 140 155 392
.
- - End Of File - - 7C6C54A5DA4C7E2750DCFB1EC132FDB0
5C616939100B85E558DA92B899A0FC36


PC se nerestartoval, tak ho jdu restartovat rucne..

[MachrCZ]

hmmm po combofixu se PC nacetl neskutecne rychle a ani se nesekl firefox.. to jsem dlouho nezazil..

ty anti rogue softwary, jaky mam stahnout? A muzu to vubec mit v PC aktivni soucasne s AVASTem? Pokud vim tak AVAST se nesneze se zadnym jinym antivirem.. :(

[jaro3]

Nic nestahujou , to jsou fake nástroje!

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate


Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.


Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

CF smazal nějaké fotky:
C:\DSCN2962.JPG
C:\DSCN2963.JPG
C:\DSCN2964.JPG
C:\DSCN2965.JPG
C:\DSCN2966.JPG
C:\DSCN2967.JPG
C:\DSCN2968.JPG
C:\DSCN2971.JPG

Chceš je vrátit?

[MachrCZ]

Koukal jsem ze mi smazal fotky.. Jsem si rikal co proti nim ma.. Docela rad bych koukl co to vubec bylo za fotky no.. ale nevim zda to pujde jeste nejak vratit..

zitra po praci to udelam, jinak se divim ze tam je toho jeste tolik :O Jsi nasel nejakou novou potvoru?

[jaro3]

Tak místo toho scriptu udělej tento:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
DEQUARANTINE::
C:\Qoobox\Quarantine\C:\DSCN2962.JPG.vir
C:\Qoobox\Quarantine\C:\DSCN2963.JPG.vir
C:\Qoobox\Quarantine\C:\DSCN2964.JPG.vir
C:\Qoobox\Quarantine\C:\DSCN2965.JPG.vir
C:\Qoobox\Quarantine\C:\DSCN2966.JPG.vir
C:\Qoobox\Quarantine\C:\DSCN2967.JPG.vir
C:\Qoobox\Quarantine\C:\DSCN2968.JPG.vir
C:\Qoobox\Quarantine\C:\DSCN2971.JPG.vir

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Spíš jen balast , zbytečnosti + klíč od McAfee..