Chytil jsem nějaký breberky

Reklama

Speed_dead · Příspěvekod **Speed_dead** » 09 srp 2016 00:19

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:19:11, on 9.8.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0494)

FIREFOX: 24.0 (cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
E:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
E:\Program FIles 2\Final Mate\LaunchFinalMate.exe
C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Razer\SurroundRedist\bin\RzMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
E:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
C:\Users\User\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Wondershare Player 1.6.0 - {43D9786F-A485-683B-9B5B-ACC97ABC17FC} - C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEVENT~1.EXE
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Player\DelayPluginI.exe
O4 - HKLM\..\Run: [AntiLogger] "C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized
O4 - HKLM\..\Run: [zBrowser Launcher] e:\Program Files (x86)\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Razer Surround Redist] C:\Program Files (x86)\Razer\SurroundRedist\bin\RzMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Stronghold AntiMalware] e:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
O4 - HKCU\..\Run: [AshSnap] E:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe
O4 - HKCU\..\Run: [StartMenuX] "e:\Program Files\Start Menu X\StartMenuX.exe"
O4 - HKCU\..\Run: [LaunchFinalMate] E:\Program FIles 2\Final Mate\LaunchFinalMate.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe -autostart
O4 - HKCU\..\Run: [Wunderlist] "C:\Program Files (x86)\Wunderlist2\Wunderlist.exe" /silent
O4 - HKCU\..\Run: [AllMyNotes] E:\Program FIles 2\AllMyNotes Organizer\AllMyNotes.exe -autostartup
O4 - HKCU\..\Run: [Kryptel Shredder] "E:\Program FIles 2\Kryptel\Shredder.exe" /startup
O4 - HKCU\..\Run: [3C315CB7C05A2A2BFAEAFA05AE1603CA95A938F0._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [KMPConnect] C:\Program Files (x86)\KMPConnect\kair_view.exe
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Folder Size] E:\Program Files\FolderSize\FolderSize.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Gmail Notifier.exe] C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe /startup
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = User\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EaseUS EverySync.lnk = E:\Program FIles 2\EaseUS EverySync\bin\EverySync.exe
O4 - Startup: irista uploader.lnk = E:\Program FIles 2\Canon Irsta\Irista.exe
O4 - Global Startup: Advanced Recent Access.lnk = C:\Users\User\AppData\Roaming\TSSI\Advanced Recent Access\Advanced Recent Access.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: Quietzone.lnk = C:\Program Files (x86)\Quietzone\RQZ\rvsgui.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{86ab0dbd-174d-4f3a-a224-32433942aeaf}: NameServer = 192.168.2.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: WSIEChrome - {6D02ED5F-FD0D-4C4C - (no file)
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Ashampoo Core Tuner 2 Service (ACT2_Service) - Unknown owner - E:\Program FIles 2\Ashampoo Core Tuner 2\ACT2Service.exe
O23 - Service: Clock Adjuster (Adjuster) - AltrixSoft - E:\Program FIles 2\Chronograph\adjust.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced Task Scheduler Service (advschedulerbsc) - Southsoftware.com - E:\Program FIles 2\Advanced Task Scheduler\advscheduler_service.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - E:\Program FIles 2\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: Bacula File Backup Service (Bacula-fd) - Unknown owner - C:\Program Files\Bacula\bacula-fd.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) - CyberGhost S.R.L - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: DAZ Content Management Service (DAZContentManagementService) - Unknown owner - C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
O23 - Service: Desura Install Service - Desura Net Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: Služba defragmentace (DfSdkS) - mst software GmbH, Germany - e:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Folder Size (FolderSize) - Brio - E:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Quietzone Communication and Storage Service (rccsvc) - Returnil and its licensors - C:\Program Files (x86)\Quietzone\RQZ\rccsvc.exe
O23 - Service: Realtek11nCU - Realtek - C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Quietzone Core Service (rsssvc) - Returnil and its licensors - C:\Program Files (x86)\Quietzone\RQZ\rsssvc.exe
O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service_KAir (ServiceKAirModule) - Unknown owner - C:\Program Files (x86)\KMPConnect\KMPConnectService.exe
O23 - Service: Siemens PLM License Server - Flexera Software LLC. - e:\Program Files\Siemens\PLMLicenseServer\lmgrd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem117.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Unknown owner - C:\Program Files (x86)\Wondershare\WAF\WsAppService.exe (file missing)

--
End of file - 18702 bytes

Speed_dead · Příspěvekod **Speed_dead** » 09 srp 2016 00:23

Dneska se PC choval vcelku slušně, ale ještě včera na mě vyskakovaly různá reklamní okna. Musím na PC chvíli ještě pracovat, abych se ujistil, že jsem se jich opravdu zbavil. Stačilo kliknout na libovolný normální odkaz a občas se na mě otvírala reklama na úplně obyčejné věci jako třeba betonové dlaždice, na online hry a další. Dneska nic, ale uvidím, zda jsme je úplně vyhubili, jelikož jsem na něm byl docela krátkce.

Příspěvekod **jaro3** » 09 srp 2016 09:02

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Deaktivuj si rezidenční štíty u svého antiviru i Windows Defenderu, nejlépe až do restartu PC.
Stáhni si AdsFix
http://www.telecharger.sosvirus.net/download/quickdiag/
nebo:
https://toolslib.net/downloads/viewdownload/20-adsfix/

klikni na „Télécharger“. A ulož si soubor na svojí plochu.
Poznámka: Ulož si svojí práci před pokračováním!
Zavři všechny ostatní programy a prohlížeče.
Spusť AdsFix.exe poklepáním ( u Windows Vista/7/8/8.1/10, klikni pravým myšítkem a z nabídky vyber "spustit jako správce")
Pro silně infikovaný PC to může trvat několik sekund, než se program spustí.
Nástroj se spustí a zobrazí se, vyhledávání a inicializace jejich aktualizaci, zobrazí se funkce nástroje.
Chceš-li odemknout nástroj pro čištění počítače, klikni na tlačítko „Option“ ("Možnosti")

Objeví se okno ,klikni na tlačítko „Unlock the deletion“ ("Odblokovat")
Klikneš-li přímo na "Clean" bez možnosti odemknutí, ukáže Vám nástroj okno , abyste nejprve nástroj odblokovali.
Pokud nástroj zjistí, že váš antivirový je stále aktivní, objeví se okno označující, že byste ho měli zakázat před klepnutím na tlačítko "OK" pro pokračování čištění AdsFix.
Pak klikni na tlačítko „Clean“ (Vyčistit) poté , co se zveřejní možnosti.
Zadejte svou "Zemi", a potvrďte tlačítkem "OK"
Nástroj provede zálohu registru.
Obrazovka zmizí a nástroj začne pracovat ...
Při čištění, Tě může nástroj vyzvat k odstranění proxy, klepni na tlačítko "Delete".

Na konci čištění, se AdsFix zeptá, zda: chceš nechat zprávu odeslat do Infekční laboratoře k analýze? .... Klikni na "OK" to umožní aktualizovat nástroj..

Pro kompletní vyčištění,vás nástroj vyzve k restartování počítače, klepněte na tlačítko "OK".
Pak se PC restartuje.
Po spuštění PC se objeví zpráva na ploše.
Nicméně, pokud se zpráva neobjeví na ploše, nachází se také zde => C: \ AdsFix_[b](datum_hodina_minuta_).txt [/b]Bude to jen hostovat na upload.sosvirus a zveřejnění své zprávy na Virus fóru SOS.
Zkopíruj sem celý obsah té zprávy.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:52

Tak jsem se dostal k pokračování čištění.

Obrazovka zmizí a nástroj začne pracovat ...
Při čištění, Tě může nástroj vyzvat k odstranění proxy, klepni na tlačítko "Delete".

Na konci čištění, se AdsFix zeptá, zda: chceš nechat zprávu odeslat do Infekční laboratoře k analýze? .... Klikni na "OK" to umožní aktualizovat nástroj..

Obrazovka nezmizela, jen se změnila. Ukazoval se počet proskenovaných souborů, počet pozměněných a smazaných. Ukazovalo to dole nějaký klíče z registru a pak procenta, jak skenování postupuje. Bylo dost pomalý. Ráno, když jsem šel do práce to boly po 13 hodinách skenování na 60% a proskenoval necelý milion čehosi. V té době hlásil asi 60 smazání. Teď když jsem přišel domů, tak jsem kliknul, abych probudil PC ze spánku a zahlídnul jsem AdsFix a přes něj nějaký chybový okno s cestou na nějaký soubor v adresáří obsahující (x86). Vzápětí okno zmizelo. Mám pustit znovu AdsFix , když se mě AdsFix kvůli chybě nezeptal nebo mám pokračovat na FarbarRecovery Scan Tool?

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:53

Tohle je log, co vytvořil, ač spadnul:

---------- | AdsFix | g3n-h@ckm@n | 3_15.08.2016.1

----- Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- Start 19:45:35 - 15/08/2016

update on : 15/08/2016 | 16.45 by g3n-h@ckm@n
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFixAntiAdware
C:\Users\User\Desktop\adsfix_3_15.08.2016.1.exe
Boot: Normal boot
[User (Administrator)] - [SPEEDEAD] - (Czech republic [0405])
SID = S-1-5-21-1307476702-397689000-4170537798-1000 || [55736572205e5e]
PC : Gigabyte Technology Co., Ltd. - Z77-D3H - To be filled by O.E.M.
Processor : X64 - 3193 - Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Bios : American Megatrends Inc. - 08/21/2012 - V.F18
CoreTemp : 29.8 C

CPU #1 value:6 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:0 %
Total Overall CPU Usage value:2 %

System : Windows 10 Pro (64 bits) Professional
RAM memory = Total (MB) : 8346 | Free (MB) : 4797
Pagefile = Total (MB) : 8960 | Free (MB) : 5081
Virtual = Total (MB) : 4194 | Free (MB) : 3895

C:\ -> [Fixed] | [OS-SSD] | Total : 111.25 Go | Free : 14.05 Go -> NTFS (SSD) [ATA]
E:\ -> [Fixed] | [WD 3TB] | Total : 2794.39 Go | Free : 637.1 Go -> NTFS [ATA]
J:\ -> [CDROM] | [Elektor2012] | Total : 1.94 Go | Free : 0 Go -> UDF [FileBackedVirtual]

Registry saved, to restore : Click on Options & Restore the register (C:\AdsFix\Save\Registry [15.08.2016 @ 19_45_34]) or an element
Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore"

---------- | Windows Updates

---------- | Browsers

IE : 11.0.10586.545 (© Microsoft Corporation. Všechna práva vyhrazena.)
GC : 52.0.2743.116 (Copyright 2016 Google Inc. All rights reserved.)
MS-Edge : 11.0.10586.545 (© Microsoft Corporation. All rights reserved.)

---------- | Security (atcav : 3)

FW : ESET Personální firewall Disabled
WMI : OK
WU: Windows Update Service [Manual(3)] = Order
AS: Windows Defender [Manual(3)] = Order
FW: Windows FireWall Service [Auto(2)] = Started
WMI: Windows Management Instrumentation (System Information) [Auto(2)] = Started

---------- | FlashPlayer

ActiveX : 22.0.0.209

---------- | Killed processes

1296 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 358.91.) - (8.17.13.5891) = C:\Windows\System32\nvvsvc.exe
1320 | [Owner : LOCAL SERVICE |Parent : 1060(svchost.exe)] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (10.0.10586.0) = C:\Windows\System32\WUDFHost.exe
1404 | [Owner : SYSTEM |Parent : 1296()] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.5891) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1412 | [Owner : SYSTEM |Parent : 1296()] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 358.91.) - (8.17.13.5891) = C:\Windows\System32\nvvsvc.exe
1640 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Returnil and its licensors - Quietzone Communication and Storage Service.) - (4.0.17281.7326) = C:\Program Files (x86)\Quietzone\RQZ\rccsvc.exe
1648 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Returnil and its licensors - Quietzone Core Service.) - (4.0.17281.7326) = C:\Program Files (x86)\Quietzone\RQZ\rsssvc.exe
1544 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Microsoft Corporation - Spooler SubSystem App.) - (10.0.10586.122) = C:\Windows\System32\spoolsv.exe
2452 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.19.1728) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2460 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.ABBYY (BIT Software) - ABBYY network license server.) - (1.0.0.317) = C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
2576 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.AltrixSoft - Chronograph's time adjusting service.) - (1.0.0.0) = E:\Program FIles 2\Chronograph\adjust.exe
2596 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.CobianSoft, Luis Cobian - Cobian Backup Gravity VSC Requester.) - (11.0.0.0) = C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
2604 | [Owner : SYSTEM |Parent : 856(services.exe)] - (. - RichVideo Module.) - (2.0.1.7413) = C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
2612 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - (2.0.4.5627) = C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
2696 | [Owner : SYSTEM |Parent : 856(services.exe)] - (. - .) - (0.0.0.0) = E:\Program FIles 2\Ashampoo Core Tuner 2\ACT2Service.exe
2712 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.24.388.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe
2720 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (8.1.0.1252) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
2728 | [Owner : SYSTEM |Parent : 856(services.exe)] - (. - .) - (0.0.0.0) = C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
2772 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Southsoftware.com - Advanced Task Scheduler x64 Edition Service.) - (3.3.0.608) = E:\Program FIles 2\Advanced Task Scheduler\advscheduler_service.exe
2780 | [Owner : SYSTEM |Parent : 856(services.exe)] - (. - .) - (0.0.0.0) = E:\Program FIles 2\Ashampoo HDD Control 2\AHDDC2_Service.exe
2792 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Brio - FolderSize Service.) - (1.6.0.0) = E:\Program Files\FolderSize\FolderSizeSvc.exe
2872 | [Owner : LOCAL SERVICE |Parent : 1060(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.10586.0) = C:\Windows\System32\dasHost.exe
3096 | [Owner : NETWORK SERVICE |Parent : 856(services.exe)] - (.Microsoft Corporation - Message Queuing Service.) - (10.0.10586.0) = C:\Windows\System32\mqsvc.exe
3112 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Logitech Inc. - Logitech LVPrcSrv Module..) - (12.10.1110.0) = C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
3124 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
3248 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - (2.0.4.5627) = C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
3256 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Realtek - RtlService MFC Application.) - (700.1006.416.2010) = C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
3264 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.AVerMedia TECHNOLOGIES, Inc. - AVer Update Service.) - (2.0.2.4) = C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
3280 | [Owner : SYSTEM |Parent : 856(services.exe)] - (. - ScheduleService Module.) - (1.0.0.46) = C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
3288 | [Owner : SYSTEM |Parent : 856(services.exe)] - (. - .) - (1.0.0.0) = C:\Program Files (x86)\KMPConnect\KMPConnectService.exe
3296 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2015.130.1601.5) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
3324 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Microsoft Corporation - Updates Skype Click to Call.) - (8.3.0.9150) = C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
3432 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.VIA Technologies, Inc. - Service binary.) - (0.1.0.0) = C:\Windows\System32\ViakaraokeSrv.exe
3452 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.AVerMedia - AVerRemote MFC Application.) - (1.0.1.31) = C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
3464 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.11.4.0) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
3476 | [Owner : NETWORK SERVICE |Parent : 856(services.exe)] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) - (8.3.0.9150) = C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
3700 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.A-Volute - Maelstrom VAD Streaming Service.) - (1.1.58.1854) = C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
3708 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.13.69) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
4004 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.IObit - Product Updater.) - (2.1.5.933) = C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
4028 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.CyberGhost S.R.L - CyberGhost VPN Service.) - (5.0.14.7) = C:\Program Files\CyberGhost 5\Service.exe
4112 | [Owner : SYSTEM |Parent : 996(svchost.exe)] - (.Logitech Inc. - Logitech LVPrS64H Module..) - (12.10.1110.0) = C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
4424 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Flexera Software LLC. - Flexera Software LLC..) - (11.10.1.0) = E:\Program Files\Siemens\PLMLicenseServer\lmgrd.exe
4496 | [Owner : SYSTEM |Parent : 4424()] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe
4744 | [Owner : SYSTEM |Parent : 4424()] - (.Flexera Software LLC. - Flexera Software LLC..) - (11.10.1.0) = E:\Program Files\Siemens\PLMLicenseServer\lmgrd.exe
5020 | [Owner : LOCAL SERVICE |Parent : 856(services.exe)] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.6.1038.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
5024 | [Owner : NETWORK SERVICE |Parent : 856(services.exe)] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.6.1038.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
5068 | [Owner : SYSTEM |Parent : 3288()] - (. - .) - (1.0.0.10) = C:\Program Files (x86)\KMPConnect\kmpconnectcore.exe
5200 | [Owner : _ashbackuppb_ |Parent : 856(services.exe)] - (. - .) - (0.0.0.0) = E:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupService-abpb.exe
5548 | [Owner : NETWORK SERVICE |Parent : 856(services.exe)] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
6544 | [Owner : _ashbackuppb_ |Parent : 5200()] - (. - .) - (0.0.0.0) = E:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\oxHelper.exe
6816 | [Owner : SYSTEM |Parent : 3124()] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
6916 | [Owner : User |Parent : 872(svchost.exe)] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe
7044 | [Owner : User |Parent : 872(svchost.exe)] - (.Greatis Software - Detects Rootkits in background.) - (7.1.0.434) = E:\Program FIles 2\UnHackMe\hackmon.exe
6308 | [Owner : User |Parent : 996(svchost.exe)] - (. - .) - (10.1.2123.36) = C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
388 | [Owner : User |Parent : 5844(explorer.exe)] - (.OrdinarySoft - StartMenuX/StartMenu10.) - (5.8.5.36) = E:\Program Files\Start Menu X\StartMenuX.exe
7220 | [Owner : User |Parent : 996(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe
8136 | [Owner : SYSTEM |Parent : 3256()] - (.Realtek Semiconductor Corp. - RtWLan ( For Vista / Win7) Application(External Registrar).) - (700.1634.408.2011) = C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
8284 | [Owner : User |Parent : 872(svchost.exe)] - (.Microsoft Corporation - Task Scheduler Engine.) - (10.0.10586.494) = C:\Windows\System32\taskeng.exe
8684 | [Owner : User |Parent : 1404()] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.5891) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
8764 | [Owner : User |Parent : 8684()] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.16.6.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1144 | [Owner : User |Parent : 8284()] - (.Bitsum - Process Lasso management console.) - (6.5.0.0) = C:\Program Files\Process Lasso\ProcessLasso.exe
2968 | [Owner : User |Parent : 996(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.10586.545) = C:\Windows\System32\SettingSyncHost.exe
9080 | [Owner : User |Parent : 5844(explorer.exe)] - (.Logitech Inc. - Logitech Gaming Framework.) - (8.46.27.0) = C:\Program Files\Logitech Gaming Software\LCore.exe
9676 | [Owner : User |Parent : 5844(explorer.exe)] - (.Pelikan Software Kft. - priPrinter Dispatcher.) - (6.0.2.2255) = C:\Program Files\priPrinter\pritray.exe
9968 | [Owner : User |Parent : 5844(explorer.exe)] - (.Ashampoo GmbH & Co. KG - MediaSyncTray.) - (1.0.2.0) = E:\Program Files (x86)\Ashampoo\Ashampoo Media Sync\MediaSyncTray.exe
10172 | [Owner : User |Parent : 5844(explorer.exe)] - (. - .) - (0.0.0.0) = E:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\backupClient-abpb.exe
9380 | [Owner : User |Parent : 5844(explorer.exe)] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 9.) - (9.0.0.1) = E:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe
9824 | [Owner : User |Parent : 5844(explorer.exe)] - (. - .) - (0.0.0.0) = E:\Program FIles 2\Final Mate\LaunchFinalMate.exe
9804 | [Owner : User |Parent : 10172()] - (. - .) - (0.0.0.0) = E:\Program Files\Ashampoo\Ashampoo Backup Pro 10\bin\oxHelper.exe
9964 | [Owner : SYSTEM |Parent : 788(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.10586.420) = C:\Windows\System32\fontdrvhost.exe
4332 | [Owner : User |Parent : 5844(explorer.exe)] - (.Vladonai Software (http://www.vladonai.com) - AllMyNotes Organizer.) - (2.80.0.572) = E:\Program FIles 2\AllMyNotes Organizer\AllMyNotes.exe
10060 | [Owner : User |Parent : 5844(explorer.exe)] - (.Google Inc. - Google Chrome.) - (52.0.2743.116) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
9424 | [Owner : User |Parent : 5844(explorer.exe)] - (.Dropbox, Inc. - Dropbox Update.) - (1.3.27.7) = C:\Users\User\AppData\Local\Dropbox\Update\DropboxUpdate.exe
9084 | [Owner : User |Parent : 5844(explorer.exe)] - (.Brio - Folder Size Window.) - (0.1.0.1) = E:\Program Files\FolderSize\FolderSize.exe
8168 | [Owner : User |Parent : 5844(explorer.exe)] - (.Skype Technologies S.A. - Skype .) - (7.26.0.101) = C:\Program Files (x86)\Skype\Phone\Skype.exe
8396 | [Owner : User |Parent : 5844(explorer.exe)] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6390.509) = C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
9912 | [Owner : User |Parent : 5844(explorer.exe)] - (.www.gmailnotifier.com - Gmail Notifier.) - (1.0.0.87) = C:\Program Files (x86)\Gmail Notifier\Gmail Notifier.exe
8320 | [Owner : User |Parent : 9656()] - (.Desura Net Pty Ltd - Desura Main Exe.) - (0.0.20.2) = E:\Program FIles 2\Desura 2\desura.exe
9612 | [Owner : User |Parent : 5644()] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) - (1.0.0.120) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
8076 | [Owner : User |Parent : 5844(explorer.exe)] - (. - HIDRec Application - AVerHID.) - (1.0.0.9) = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
8804 | [Owner : User |Parent : 5844(explorer.exe)] - (.AVerMedia TECHNOLOGIES, Inc. - AVerQuick.) - (1.0.0.48) = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
5212 | [Owner : User |Parent : 5644()] - (.SEIKO EPSON CORPORATION - EEventManager Application.) - (2.3.0.1) = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
7680 | [Owner : User |Parent : 5844(explorer.exe)] - (.Returnil and its licensors - Quietzone User Interface.) - (4.0.17281.7326) = C:\Program Files (x86)\Quietzone\RQZ\rvsgui.exe
8112 | [Owner : User |Parent : 5644()] - (.Zemana Ltd. - Zemana AntiLogger User Interface.) - (1.9.3.525) = C:\Program Files (x86)\AntiLogger\AntiLogger.exe
9356 | [Owner : User |Parent : 5844(explorer.exe)] - (.Dropbox, Inc. - Dropbox.) - (7.4.30.0) = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
6124 | [Owner : User |Parent : 5844(explorer.exe)] - (.CHENGDU Yiwo Tech Development Co., Ltd. - .) - (2.0.0.0) = E:\Program FIles 2\EaseUS EverySync\bin\EverySync.exe
11048 | [Owner : User |Parent : 5644()] - (.BlueStack Systems, Inc. - BlueStacks Agent.) - (2.0.4.5627) = C:\Program Files (x86)\BlueStacks\HD-Agent.exe
10960 | [Owner : User |Parent : 5644()] - (.Razer Inc. - RzMonitor.) - (1.0.5.0) = C:\Program Files (x86)\Razer\SurroundRedist\bin\RzMonitor.exe
11168 | [Owner : User |Parent : 856(services.exe)] - (.Microsoft Corporation - Host Process for Windows Services.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe
10916 | [Owner : User |Parent : 5644()] - (.Security Stronghold - Stronghold AntiMalware.) - (1.2.0.27) = E:\Program Files (x86)\Stronghold AntiMalware\StrongholdAntiMalware.exe
10884 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Intel Corporation - Local Manageability Service.) - (8.1.0.1252) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
5672 | [Owner : SYSTEM |Parent : 856(services.exe)] - (.Intel Corporation - User Notification Service.) - (8.1.0.1252) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
3864 | [Owner : User |Parent : 7044()] - (.Greatis Software - Detects and removes rootkits.) - (7.11.0.435) = E:\Program FIles 2\UnHackMe\Unhackme.exe
9072 | [Owner : SYSTEM |Parent : 872(svchost.exe)] - (.Microsoft Corporation - Task Scheduler Engine.) - (10.0.10586.494) = C:\Windows\System32\taskeng.exe

---------- | Tasks

Deleted successfully : Advanced Registry Care Pro AutoStart
Deleted successfully : FileSearchyPro_SkipUAC
Deleted successfully : CreateChoiceProcessTask

---------- | Services

---------- | AppCertDlls | AppInit_DLLs

---------- | DNSapi.dll

C:\WINDOWS\System32\dnsapi.dll : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll : \drivers\etc\hosts

---------- | Hosts

---------- | SafeBoot

---------- | Winsock

---------- | DNS

---------- | Register

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:53

Deleted successfully : HKLM\SOFTWARE\Classes\.hislider : HiSlider.hislider
Deleted successfully : HKLM\SOFTWARE\Classes\AvrDataMgr.AvrDataMgr : AvrDataMgr Class
Deleted successfully : HKLM\SOFTWARE\Classes\AvrDataMgr.AvrDataMgr.1 : AvrDataMgr Class
Deleted successfully : HKLM\SOFTWARE\Classes\AvrParserElfDwarf.AvrParserElfDwarfComp : ELF/DWARF
Deleted successfully : HKLM\SOFTWARE\Classes\AvrParserElfDwarf.AvrParserElfDwarfComp.1 : ELF/DWARF
Deleted successfully : HKLM\SOFTWARE\Classes\Download.SwInstaller : SwInstaller Class
Deleted successfully : HKLM\SOFTWARE\Classes\Download.SwInstaller.1 : SwInstaller Class
Deleted successfully : HKLM\SOFTWARE\Classes\Download.SwInstallerAttributes.1 : SwInstallerAttributes Class
Deleted successfully : HKLM\SOFTWARE\Classes\HiSlider.hislider : "E:\Program FIles 2\Hi Slider\HiSlider.exe" -s"%1"
Deleted successfully : HKLM\SOFTWARE\Classes\MarkupPropertySheet.MarkupPropertySheet : MarkupPropertySheet Class
Deleted successfully : HKLM\SOFTWARE\Classes\MarkupPropertySheet.MarkupPropertySheet.1 : MarkupPropertySheet Class
Deleted successfully : HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl : SwInstallerCtl Class
Deleted successfully : HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl.1 : SwInstallerCtl Class
Deleted successfully : HKLM\SOFTWARE\Classes\WebBind.WebBind : WebBind Class
Deleted successfully : HKLM\SOFTWARE\Classes\WebBind.WebBind.1 : WebBind Class
Deleted successfully : HKLM\SOFTWARE\Classes\WSBrowserAppMgr.ChromeProtocol :
Deleted successfully : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe : #
Deleted successfully : HKLM\SOFTWARE\Classes\AppID\StowDeskBar.EXE : #
Deleted successfully : HKLM\SOFTWARE\Classes\AppID\{6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} : SoftwareUpdateApp #
Deleted successfully : HKLM\SOFTWARE\Classes\AppID\{AE69DED1-9A74-454B-AB47-327FCAA0C4A0} : StowDeskBar #
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\Download.SwInstallerAttributes : SwInstallerAttributes Class
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\AppID\SoftwareUpdateAdmin.DLL : #
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1FF7385D-1648-4930-AF5B-0F1A00A5189F} : C:\Program Files (x86)\Atmel\AVR Tools\AvrStudio4\dll\AvrDataMgr.dll
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{28310B1B-B757-4b87-9AFA-8E5FAF126156}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4DB2E429-B905-479A-9EFF-F7CBD9FD52DE} : C:\Windows\SysWow64\Adobe\Director\SwDir_1200112.dll
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D02ED5F-FD0D-4C4C-91F9-46ED6A18CEA7} : C:\ProgramData\Wondershare\Player\WSBrowserAppMgr.dll
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BEBDC1DF-D793-4F6C-B8FF-E831A1C2595C} : C:\Windows\SysWow64\bzpdfc.dll #
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D21ED08F-6B88-45EC-A71C-6BD453B561D0}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D616F350-D622-11CE-AAC5-0020AF0B99A3} : E:\Program FIles 2\1AVShare\sof2spec.ax #
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D67AE2EB-5D5C-49F4-B358-6680CC868477} : C:\Program Files (x86)\Atmel\AVR Tools\Parsers\AvrParserElfDwarf.dll
Deleted successfully : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\JustCloud
Deleted successfully : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update lucky leap
Deleted successfully : HKLM\SOFTWARE\Microsoft\Tracing\JustCloud_RASAPI32
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\HD-UpdaterService_RASAPI32
Deleted successfully : [HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]~[E:\Download\DriverBoosterPro15\Setup.exe]
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Digital River
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\hislider
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\AppDataLow\Software\Smartbar
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Digital River
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\hislider
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\IObit
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\keen software house
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\TENCENT
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Engelmann Media
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Lubomir Dykast : <?xml version="1.0" encoding="utf-16"?>
<GUI xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:53

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:54

Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Manic : l9AFGVJFWtxPYJhLu5qByjU5eQ/0b5cWrjc3+TIUoyYyh86w+6rTLH3DQ1V6QynfHC0Fy8UeBM0m1iIgaxqNB/r8CRl7IBJGyraxY5ElUklkyQBXnk9ChM8/spMTNMDd9EUvpwekKHC/cwTd4Wvsyy0SowunyaY8xdQbNcju4cg=
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Nagarsoft : lwAgAQQAAADTXmFNnAzRAawAZW1haWw9c3BlZWRlYWRAZ21haWwuY29tfHBvd2VyTGljZW5zZT0wfHNlcmlhbD1TVEQtOTYyRC05NkIyLTkwRTgtNDA4OC1HT3xzdXBwb3J0RXhwaXJlRGF0ZT0yMDE1MTAyMnxuYW1lPVNwZWVkIERlYWR8bXVzdEluc3RhbGxCeT0yMDE1MTAyMnxub1VwZGF0ZXM9MXxjb21wYW55PUZSRUUgTElDRU5TRRLhjqqXhtEyEsc63mtV/mZGquXaxV47h2SdUcdxYFg0icHdFdKvTDRHuMiHF5DcfLL9g8rtiWyaPXwUph3B+Be+fev7YuDbORpwbAdplkWEuCx67D5OvJ2W5w+9N094l+VceoSpd6CVMw+sNpq/tM9uSQvEyCZSvIgWDXuH/yhaBV2jA49UNd3BOLvoorwNSr7J6XrsmZs/Ezzj7gILds7EZZPbXbTYdJABdXaJ+jxvL8l4LGZ3b+xBCGpIYcSdlWnLXr0bQ8REya7AIez8QBn5fiFY/wg2RFS6VrsPEYEwPo8cHGwHHDrHx/2fChqbVJFzbiLY1L9nXsr61RvD7Bg=
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Nico Mak Computing
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\PCWinSoft
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Engelmann Media
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\PCWinSoft
Deleted successfully : [HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope] :

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:54

{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]~[DefaultScope]
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\7af3d008_0 : {0.0.0.00000000}.{0faf7d56-815a-421b-a051-2bfcd85019f8}|\Device\HarddiskVolume2\Users\User\AppData\Local\Temp\nsdB09.tmp\bi_client.exe%b{00000000-0000-0000-0000-000000000000}
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\a27a5c88_0 : {0.0.0.00000000}.{0faf7d56-815a-421b-a051-2bfcd85019f8}|\Device\HarddiskVolume2\Users\User\AppData\Local\Temp\BetterInstaller.exe%b{00000000-0000-0000-0000-000000000000}
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} : 1
Deleted successfully : HKU\S-1-5-21-1307476702-397689000-4170537798-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5D7F2B5D-AB66-467A-B87C-2951EF5BBC9B} : 1
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F16B1D3924020A725CFACF64D19DC36 : E:\Program Files\Siemens\NX 10.0\UGII\bitmaps\high_quality.1x.bma
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\13D79CCEBE9FE675A8C0A0E8FD30AF0F : E:\Program Files (x86)\Visual\Common7\IDE\PrivateAssemblies\Xceed.Wpf.DataGrid.dll
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EE156209CEF4EB5AA5ECE16377F0AB6 : E:\Program Files (x86)\Visual\Common7\IDE\PrivateAssemblies\Xceed.Wpf.Controls.dll
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EB18DA0663F392A88C738373B3CEEE2 : E:\Program FIles 2\Panavue ImageAssembler\InstallManagerPiA3.exe
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\633FB2405D7A9B356810CA0A5F6B46CB : E:\Program Files\FXhome\HitFilm 3 Express\mocha\bin\QtSvg4.dll
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1CD8B68CBBE09554B2B9DB9582A5870 : E:\Program Files\FXhome\HitFilm 3 Express\ippccu8-8.2.dll
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C29AF2AEEED8054B83C0F8AB5F5DA8A :

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:54

[C:\Windows\Installer\47d485.msi]
Deleted successfully : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\SharedDLLs]~[E:\Program FIles 2\1AVShare\sof2spec.ax]
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software Informer_is1 : (Software Informer 1.2) "C:\Program Files\Software Informer\unins000.exe" -> C:\Program Files\Software Informer\
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObit Surfing Protection_is1 : (Surfing Protection) "C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe" -> C:\Program Files (x86)\IObit\Surfing Protection\
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KC Softwares AVIToolbox_is1 : (KC Softwares AVIToolbox)

Speed_dead · Příspěvekod **Speed_dead** » 16 srp 2016 19:55

"E:\Program FIles 2\AVIToolbox\unins000.exe" -> E:\Program FIles 2\AVIToolbox\
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{645C273A-98F6-441A-9DD9-3147F97FA659}_is1 : (1AVShare version 1.7.7.71) E:\Program FIles 2\1AVShare\SmUninst.exe -> E:\Program FIles 2\1AVShare\
Deleted successfully : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A2FA92C7-DEEE-4508-8BC3-F0A85B5FADA8} : (CinemaHD 4 Free) MsiExec.exe /I{A2FA92C7-DEEE-4508-8BC3-F0A85B5FADA8} -> C:\Program Files (x86)\Engelmann Media\CinemaHD 4 Free\

Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Re: Chytil jsem nějaký breberky

Kdo je online