Clean up PC


Re: Clean up PC

Post by jaro3 » 16 Mar 2016 10:13

Platform: Windows 7 ------------- install SP1 as well!)

The ComboFix log is not complete, the beginning is missing!
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Re: Clean up PC

Post by divine » 25 Mar 2016 17:33

ComboFix 16-03-19.01 - Flex 25.03.2016 17:11:29.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8190.5227 [GMT 1:00]
Running from: c:\users\Flex\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2016-02-25 to 2016-03-25 )))))))))))))))))))))))))))))))
.
.
2016-03-25 16:18 . 2016-03-25 16:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-25 14:43 . 2016-03-25 14:43 119808 ----a-r- c:\users\Flex\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2016-03-24 11:21 . 2016-03-24 11:21 -------- d-----w- c:\windows\system32\SPReview
2016-03-24 11:20 . 2016-03-24 11:20 -------- d-----w- c:\windows\system32\EventProviders
2016-03-24 11:17 . 2010-11-20 13:28 1731936 ----a-w- c:\windows\system32\ntdll.dll
2016-03-24 11:16 . 2010-11-20 13:29 345600 ----a-w- c:\windows\system32\fveapi.dll
2016-03-24 11:15 . 2010-11-20 13:13 6144 ----a-w- c:\windows\system32\drivers\en-US\rdvgkmd.sys.mui
2016-03-24 11:15 . 2010-11-20 13:11 4096 ----a-w- c:\windows\system32\drivers\en-US\tsusbhub.sys.mui
2016-03-24 11:15 . 2010-11-20 13:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui
2016-03-24 11:15 . 2010-11-20 12:57 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2016-03-24 11:15 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2016-03-24 11:15 . 2010-11-20 13:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui
2016-03-24 11:15 . 2010-11-20 13:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui
2016-03-24 11:15 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2016-03-24 11:15 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2016-03-24 11:15 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2016-03-24 11:15 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2016-03-24 10:55 . 2016-02-19 01:53 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{43975C21-2A74-427A-B97A-F8DB4E318D7C}\mpengine.dll
2016-03-23 17:01 . 2016-03-23 17:01 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-03-23 13:49 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-03-23 13:49 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-03-23 13:49 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-03-23 13:49 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-03-23 13:49 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-03-16 16:16 . 2016-03-16 16:17 -------- d-----w- c:\program files (x86)\Audio Sliders 3
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\SysWow64\cs
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\SysWow64\XPSViewer
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\cs-CZ
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\system32\cs
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2016-03-16 14:57 . 2016-03-16 14:57 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui
2016-03-15 20:05 . 2016-03-15 20:06 -------- d-----w- c:\users\Flex\AppData\Local\SlimWare Utilities Inc
2016-03-15 20:04 . 2016-03-25 16:18 -------- d-----w- c:\users\Flex\AppData\Local\Temp
2016-03-15 20:04 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2016-03-15 19:45 . 2016-03-15 20:01 -------- d-----w- C:\zoek_backup
2016-03-15 19:13 . 2016-03-15 19:13 -------- d-----w- c:\program files\Realtek
2016-03-15 19:13 . 2016-03-15 19:13 -------- d-----w- c:\windows\SysWow64\RTCOM
2016-03-15 19:06 . 2016-03-15 19:06 -------- d-----w- c:\program files\SlimService
2016-03-15 19:06 . 2016-03-15 19:06 -------- d-----w- c:\program files\SlimCleaner Plus
2016-03-15 19:06 . 2016-03-15 19:06 -------- d-----w- c:\users\Flex\AppData\Local\Downloaded Installers
2016-03-15 15:08 . 2016-03-15 18:04 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-15 15:07 . 2016-03-15 15:40 -------- d-----w- c:\programdata\RogueKiller
2016-03-13 16:08 . 2016-03-13 16:08 -------- d-----w- c:\windows\system32\appmgmt
2016-03-13 15:53 . 2016-03-15 14:54 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-10 17:04 . 2016-03-10 17:04 -------- d-----w- c:\users\Flex\AppData\Roaming\Logitech
2016-03-10 16:39 . 2016-03-08 06:15 110016 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-03-10 16:39 . 2016-02-14 01:47 125720 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2016-03-10 16:39 . 2016-02-14 01:46 126232 ----a-w- c:\windows\system32\vulkan-1.dll
2016-03-10 16:39 . 2016-02-14 01:45 42264 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2016-03-10 16:39 . 2016-02-14 01:45 45848 ----a-w- c:\windows\system32\vulkaninfo.exe
2016-03-10 16:39 . 2016-03-10 16:39 -------- d-----w- c:\program files (x86)\VulkanRT
2016-03-10 16:06 . 2016-03-22 19:44 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-10 16:05 . 2016-03-10 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-10 16:05 . 2016-03-10 16:05 -------- d-----w- c:\programdata\Malwarebytes
2016-03-10 16:05 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-10 16:05 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-10 16:05 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-07 15:11 . 2016-03-07 15:14 -------- d-----w- c:\program files (x86)\Fallout 2
2016-03-06 14:59 . 2016-03-06 19:28 -------- d-----w- c:\program files (x86)\Assassins Creed IV Black Flag
2016-03-06 14:55 . 2016-03-06 14:55 -------- d-----w- c:\programdata\Steam
2016-03-06 14:15 . 2016-03-06 14:15 -------- d-----w- c:\users\Flex\AppData\Local\Setup Integrity Check
2016-03-02 16:35 . 2016-03-02 16:35 -------- d-----w- c:\users\Flex\AppData\Roaming\NVIDIA
2016-03-02 16:25 . 2016-03-25 14:35 -------- d-----w- c:\programdata\NVIDIA
2016-03-02 16:25 . 2016-03-08 06:27 2994232 ----a-w- c:\windows\system32\nvsvc64.dll
2016-03-02 16:25 . 2016-03-08 06:27 6369728 ----a-w- c:\windows\system32\nvcpl.dll
2016-03-02 16:25 . 2016-03-08 06:27 2561472 ----a-w- c:\windows\system32\nvsvcr.dll
2016-03-02 16:25 . 2016-03-08 06:27 1264064 ----a-w- c:\windows\system32\nvvsvc.exe
2016-03-02 16:25 . 2016-03-08 06:27 83512 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-03-02 16:25 . 2016-03-08 06:27 69568 ----a-w- c:\windows\system32\nvshext.dll
2016-03-02 16:25 . 2016-03-08 06:27 532536 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-03-02 16:25 . 2016-03-08 06:27 392128 ----a-w- c:\windows\system32\nvmctray.dll
2016-03-02 16:25 . 2016-03-07 04:23 6203411 ----a-w- c:\windows\system32\nvcoproc.bin
2016-03-02 16:25 . 2016-02-23 23:58 215608 ----a-w- c:\windows\system32\OpenCL.dll
2016-03-02 16:25 . 2016-02-23 23:58 201664 ----a-w- c:\windows\SysWow64\OpenCL.dll
2016-03-02 16:23 . 2016-02-23 23:58 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2016-03-02 16:23 . 2016-02-23 23:58 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2016-03-02 16:23 . 2016-02-23 23:58 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2016-03-02 16:23 . 2016-03-08 10:07 3711024 ----a-w- c:\windows\system32\nvapi64.dll
2016-03-02 16:23 . 2016-03-08 10:07 3283896 ----a-w- c:\windows\SysWow64\nvapi.dll
2016-03-02 16:23 . 2016-03-08 10:07 14128496 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2016-03-02 16:23 . 2016-02-23 23:58 1922496 ----a-w- c:\windows\system32\nvdispco6436200.dll
2016-03-02 16:23 . 2016-02-23 23:58 1571776 ----a-w- c:\windows\system32\nvdispgenco6436200.dll
2016-03-01 06:53 . 2016-03-01 06:54 -------- d-----w- c:\users\Flex\AppData\Roaming\BSplayer
2016-03-01 06:53 . 2016-03-01 06:53 -------- d-----w- c:\users\Flex\AppData\Roaming\BSplayer Pro
2016-03-01 06:53 . 2016-03-01 06:53 -------- d-----w- c:\program files (x86)\Webteh
2016-02-28 18:28 . 2016-02-28 18:28 -------- d-----w- c:\users\Flex\AppData\Roaming\Steam
2016-02-27 13:45 . 2016-02-27 13:45 -------- d-----w- c:\users\Flex\AppData\Local\Fallout4
2016-02-27 12:46 . 2016-02-28 18:27 -------- d-----w- c:\program files (x86)\Fallout 4
2016-02-27 00:17 . 2016-02-27 00:16 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-27 00:17 . 2016-02-27 00:17 -------- d-----w- c:\users\Flex\AppData\Roaming\AVAST Software
2016-02-27 00:17 . 2016-02-27 00:17 -------- d-----w- c:\program files\Common Files\AV
2016-02-27 00:17 . 2016-02-27 00:17 -------- d-----w- c:\program files (x86)\Common Files\AV
2016-02-27 00:16 . 2016-02-27 00:17 463744 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-27 00:16 . 2016-02-27 00:17 287016 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-02-27 00:16 . 2016-02-27 00:16 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-27 00:16 . 2016-03-10 05:57 107792 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2016-02-27 00:16 . 2016-02-27 00:16 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-27 00:16 . 2016-02-27 00:16 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-27 00:16 . 2016-02-27 00:16 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-27 00:16 . 2016-03-10 05:57 1070904 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-02-27 00:16 . 2016-02-27 00:16 52184 ----a-w- c:\windows\avastSS.scr
2016-02-27 00:15 . 2016-03-23 17:01 -------- d-----w- c:\program files\AVAST Software
2016-02-27 00:15 . 2016-03-23 17:01 -------- d-----w- c:\programdata\AVAST Software
2016-02-27 00:08 . 2016-02-27 00:08 -------- d-----w- c:\users\Flex\AppData\Local\ESET
2016-02-26 22:03 . 2016-02-26 22:03 -------- d-----w- c:\program files\WinRAR
2016-02-25 20:38 . 2016-02-25 20:38 -------- d-----w- c:\users\Flex\AppData\Roaming\Euro Truck Simulator 2
2016-02-25 20:14 . 2016-02-26 23:34 -------- d-----w- c:\program files (x86)\R.G. Mechanics
2016-02-25 19:56 . 2016-03-25 14:54 -------- d-----w- C:\Downloads
2016-02-25 19:55 . 2016-03-25 16:10 -------- d-----w- c:\users\Flex\AppData\Roaming\BitComet
2016-02-25 19:55 . 2016-02-25 19:55 -------- d-----w- c:\program files\BitComet
2016-02-24 19:47 . 2016-03-24 10:52 -------- d-----w- c:\users\Flex\AppData\Roaming\vlc
2016-02-24 19:47 . 2016-02-24 19:47 -------- d-----w- c:\program files\VideoLAN
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-24 16:05 . 2016-02-19 23:09 348360 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2016-03-24 16:05 . 2016-02-19 20:55 348360 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2016-03-24 16:04 . 2016-02-19 20:55 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2016-03-24 15:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2016-03-24 15:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2016-03-16 14:57 . 2016-03-16 14:57 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2016-03-16 14:57 . 2016-03-16 14:57 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2016-03-16 14:57 . 2016-03-16 14:57 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2016-03-16 14:56 . 2016-03-16 14:56 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2016-03-16 14:56 . 2016-03-16 14:56 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2016-03-16 14:56 . 2016-03-16 14:56 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2016-02-23 13:37 . 2016-02-19 20:55 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2016-02-22 10:54 . 2016-02-22 10:54 53248 ----a-r- c:\users\Flex\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2016-02-20 15:37 . 2016-02-20 15:37 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-02-20 15:37 . 2016-02-20 15:34 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-02-17 06:40 . 2016-02-19 22:56 1571624 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-02-17 06:40 . 2016-02-19 22:56 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-02-17 06:40 . 2016-02-19 22:56 1903344 ----a-w- c:\windows\system32\nvspcap64.dll
2016-02-17 06:40 . 2016-02-19 22:56 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-02-17 06:40 . 2016-02-19 22:56 112216 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-02-14 01:47 . 2016-02-14 01:47 125720 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-3-0.dll
2016-02-14 01:46 . 2016-02-14 01:46 126232 ----a-w- c:\windows\system32\vulkan-1-1-0-3-0.dll
2016-02-14 01:45 . 2016-02-14 01:45 42264 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
2016-02-14 01:45 . 2016-02-14 01:45 45848 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-3-0.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-03-10 3074128]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2016-01-15 4177784]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-02-10 50599552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-03-23 7139256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;TsUsbFlt [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam C210(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-15 05:37 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2016-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-19 18:40]
.
2016-03-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-02-19 18:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-27 00:16 905248 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-02-17 2789248]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-02-17 1903344]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 16408320]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-03-25 17:20:20
ComboFix-quarantined-files.txt 2016-03-25 16:20
ComboFix2.txt 2016-03-23 17:01
ComboFix3.txt 2016-03-15 20:22
.
Pre-Run: Volných bajtu: 345 919 172 608
Post-Run: Volných bajtu: 345 411 428 352
.
- - End Of File - - 30208B4E0EEF4032613D88E8ABBCBBBA
A36C5E4F47E84449FF07ED3517B43A31
If I write without diacritics, I am on my phone!

Guide to basic computer diagnostics


Re: Clean up PC

Post by jerabina » 25 Mar 2016 23:42

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:

Code:

ClearJavaCache::
KillAll::

Folder::
c:\programdata\RogueKiller
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
SkypeUpdate

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"=-
"DAEMON Tools Lite Automount"=-

DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script:
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process
When you don't know what to do next, it is time to study the manual!
HJT guide

If I don't reply to your threads in the HJT section while I am online, it is only because I am on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.


Re: Clean up PC

Post by divine » 05 Apr 2016 19:33

ComboFix 16-04-01.01 - Flex 05.04.2016 19:19:06.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8190.6517 [GMT 2:00]
Running from: c:\users\Flex\Desktop\ComboFix.exe
Command switches used :: c:\users\Flex\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.29.5\goopdate.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.29.5\psmachine.dll
c:\program files (x86)\Google\Update\1.3.29.5\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.29.5\psuser.dll
c:\program files (x86)\Google\Update\1.3.29.5\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.110\49.0.2623.110_49.0.2623.87_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\RogueKiller
c:\programdata\RogueKiller\config.ini
c:\programdata\RogueKiller\Logs\RKreport_DEL_03152016_204203.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_03152016_192753.json
c:\programdata\RogueKiller\vt.cache
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2016-03-05 to 2016-04-05 )))))))))))))))))))))))))))))))
.
.
2016-04-05 17:25 . 2016-04-05 17:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-03-30 12:31 . 2016-03-22 02:10 112184 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-03-25 14:43 . 2016-03-25 14:43 119808 ----a-r- c:\users\Flex\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2016-03-24 11:21 . 2016-03-24 11:21 -------- d-----w- c:\windows\system32\SPReview
2016-03-24 11:20 . 2016-03-24 11:20 -------- d-----w- c:\windows\system32\EventProviders
2016-03-24 11:17 . 2010-11-20 13:28 1731936 ----a-w- c:\windows\system32\ntdll.dll
2016-03-24 11:16 . 2010-11-20 13:29 345600 ----a-w- c:\windows\system32\fveapi.dll
2016-03-24 11:15 . 2010-11-20 13:13 6144 ----a-w- c:\windows\system32\drivers\en-US\rdvgkmd.sys.mui
2016-03-24 11:15 . 2010-11-20 13:11 4096 ----a-w- c:\windows\system32\drivers\en-US\tsusbhub.sys.mui
2016-03-24 11:15 . 2010-11-20 13:01 2560 ----a-w- c:\windows\system32\drivers\en-US\rdpwd.sys.mui
2016-03-24 11:15 . 2010-11-20 12:57 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2016-03-24 11:15 . 2010-11-20 13:26 399872 ----a-w- c:\windows\system32\dpx.dll
2016-03-24 11:15 . 2010-11-20 13:11 6144 ----a-w- c:\windows\system32\drivers\en-US\IPMIDrv.sys.mui
2016-03-24 11:15 . 2010-11-20 13:10 4608 ----a-w- c:\windows\system32\drivers\en-US\kbdclass.sys.mui
2016-03-24 11:15 . 2010-11-20 12:21 189952 ----a-w- c:\windows\SysWow64\wdscore.dll
2016-03-24 11:15 . 2010-11-20 12:21 363008 ----a-w- c:\windows\SysWow64\wbemcomn.dll
2016-03-24 11:15 . 2010-11-20 12:19 606208 ----a-w- c:\windows\SysWow64\wbem\fastprox.dll
2016-03-24 11:15 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2016-03-24 10:55 . 2016-02-19 01:53 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{43975C21-2A74-427A-B97A-F8DB4E318D7C}\mpengine.dll
2016-03-23 17:01 . 2016-03-23 17:01 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-03-23 13:49 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-03-23 13:49 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2016-03-23 13:49 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2016-03-23 13:49 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-03-23 13:49 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-03-16 21:30 . 2016-03-16 21:30 128792 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-5-1.dll
2016-03-16 21:29 . 2016-03-16 21:29 41752 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-5-1.exe
2016-03-16 21:29 . 2016-03-16 21:29 127768 ----a-w- c:\windows\system32\vulkan-1-1-0-5-1.dll
2016-03-16 21:28 . 2016-03-16 21:28 45848 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-5-1.exe
2016-03-16 16:16 . 2016-03-16 16:17 -------- d-----w- c:\program files (x86)\Audio Sliders 3
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\SysWow64\cs
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\SysWow64\XPSViewer
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\SysWow64\drivers\cs-CZ
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\SysWow64\wbem\cs-CZ
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\cs-CZ
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\system32\cs
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\system32\drivers\cs-CZ
2016-03-16 14:58 . 2016-03-16 14:58 -------- d-----w- c:\windows\system32\drivers\UMDF\cs-CZ
2016-03-16 14:58 . 2016-03-24 15:06 -------- d-----w- c:\windows\system32\wbem\cs-CZ
2016-03-16 14:57 . 2016-03-16 14:57 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\cs-CZ\LXKPTPRC.DLL.mui
2016-03-15 20:05 . 2016-03-15 20:06 -------- d-----w- c:\users\Flex\AppData\Local\SlimWare Utilities Inc
2016-03-15 20:04 . 2016-04-05 17:28 -------- d-----w- c:\users\Flex\AppData\Local\Temp
2016-03-15 20:04 . 2014-02-13 22:59 24064 ----a-w- c:\windows\zoek-delete.exe
2016-03-15 19:45 . 2016-03-15 20:01 -------- d-----w- C:\zoek_backup
2016-03-15 19:13 . 2016-03-15 19:13 -------- d-----w- c:\program files\Realtek
2016-03-15 19:13 . 2016-03-15 19:13 -------- d-----w- c:\windows\SysWow64\RTCOM
2016-03-15 19:06 . 2016-03-15 19:06 -------- d-----w- c:\program files\SlimService
2016-03-15 19:06 . 2016-03-15 19:06 -------- d-----w- c:\program files\SlimCleaner Plus
2016-03-15 19:06 . 2016-03-15 19:06 -------- d-----w- c:\users\Flex\AppData\Local\Downloaded Installers
2016-03-15 15:08 . 2016-03-15 18:04 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-03-13 16:08 . 2016-03-13 16:08 -------- d-----w- c:\windows\system32\appmgmt
2016-03-13 15:53 . 2016-03-15 14:54 -------- d-----w- c:\program files (x86)\AdwCleaner
2016-03-10 17:04 . 2016-03-10 17:04 -------- d-----w- c:\users\Flex\AppData\Roaming\Logitech
2016-03-10 16:39 . 2016-03-16 21:30 128792 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2016-03-10 16:39 . 2016-03-16 21:29 41752 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2016-03-10 16:39 . 2016-03-16 21:29 127768 ----a-w- c:\windows\system32\vulkan-1.dll
2016-03-10 16:39 . 2016-03-16 21:28 45848 ----a-w- c:\windows\system32\vulkaninfo.exe
2016-03-10 16:39 . 2016-03-30 12:31 -------- d-----w- c:\program files (x86)\VulkanRT
2016-03-10 16:37 . 2016-03-08 10:07 1924152 ----a-w- c:\windows\system32\nvdispco6436451.dll
2016-03-10 16:37 . 2016-03-08 10:07 1571776 ----a-w- c:\windows\system32\nvdispgenco6436451.dll
2016-03-10 16:06 . 2016-03-22 19:44 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-03-10 16:05 . 2016-03-10 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-03-10 16:05 . 2016-03-10 16:05 -------- d-----w- c:\programdata\Malwarebytes
2016-03-10 16:05 . 2015-10-05 08:50 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-03-10 16:05 . 2015-10-05 08:50 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-03-10 16:05 . 2015-10-05 08:50 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-03-07 15:11 . 2016-03-07 15:14 -------- d-----w- c:\program files (x86)\Fallout 2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-04-05 16:10 . 2016-02-19 23:09 348360 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2016-04-05 16:10 . 2016-02-19 20:55 348360 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2016-04-05 16:09 . 2016-02-19 20:55 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2016-03-24 15:02 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2016-03-24 15:02 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2016-03-22 04:12 . 2016-03-02 16:23 3714472 ----a-w- c:\windows\system32\nvapi64.dll
2016-03-22 04:12 . 2016-03-02 16:23 3286992 ----a-w- c:\windows\SysWow64\nvapi.dll
2016-03-22 04:12 . 2016-03-02 16:23 14128840 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2016-03-22 02:25 . 2016-03-02 16:25 6369728 ----a-w- c:\windows\system32\nvcpl.dll
2016-03-22 02:25 . 2016-03-02 16:25 2993088 ----a-w- c:\windows\system32\nvsvc64.dll
2016-03-22 02:25 . 2016-03-02 16:25 2561472 ----a-w- c:\windows\system32\nvsvcr.dll
2016-03-22 02:25 . 2016-03-02 16:25 1264064 ----a-w- c:\windows\system32\nvvsvc.exe
2016-03-22 02:25 . 2016-03-02 16:25 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-03-22 02:25 . 2016-03-02 16:25 69568 ----a-w- c:\windows\system32\nvshext.dll
2016-03-22 02:25 . 2016-03-02 16:25 532536 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-03-22 02:25 . 2016-03-02 16:25 393784 ----a-w- c:\windows\system32\nvmctray.dll
2016-03-18 18:10 . 2016-03-02 16:25 6253721 ----a-w- c:\windows\system32\nvcoproc.bin
2016-03-16 14:57 . 2016-03-16 14:57 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\qwavedrv.sys.mui
2016-03-16 14:57 . 2016-03-16 14:57 2560 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\scfilter.sys.mui
2016-03-16 14:57 . 2016-03-16 14:57 5632 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\ndiscap.sys.mui
2016-03-16 14:56 . 2016-03-16 14:56 50176 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\tcpip.sys.mui
2016-03-16 14:56 . 2016-03-16 14:56 15360 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\pacer.sys.mui
2016-03-16 14:56 . 2016-03-16 14:56 27136 ----a-w- c:\windows\SysWow64\drivers\cs-CZ\bfe.dll.mui
2016-03-10 05:57 . 2016-02-27 00:16 107792 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2016-03-10 05:57 . 2016-02-27 00:16 1070904 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2016-02-27 00:17 . 2016-02-27 00:16 463744 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-27 00:17 . 2016-02-27 00:16 287016 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2016-02-27 00:16 . 2016-02-27 00:17 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-27 00:16 . 2016-02-27 00:16 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-27 00:16 . 2016-02-27 00:16 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-27 00:16 . 2016-02-27 00:16 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-27 00:16 . 2016-02-27 00:16 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-27 00:16 . 2016-02-27 00:16 52184 ----a-w- c:\windows\avastSS.scr
2016-02-23 23:58 . 2016-03-02 16:25 215608 ----a-w- c:\windows\system32\OpenCL.dll
2016-02-23 23:58 . 2016-03-02 16:25 201664 ----a-w- c:\windows\SysWow64\OpenCL.dll
2016-02-23 23:58 . 2016-03-02 16:23 39240 ----a-w- c:\windows\system32\nvhdap64.dll
2016-02-23 23:58 . 2016-03-02 16:23 205456 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2016-02-23 23:58 . 2016-03-02 16:23 1572496 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2016-02-23 23:58 . 2016-03-02 16:23 1922496 ----a-w- c:\windows\system32\nvdispco6436200.dll
2016-02-23 23:58 . 2016-03-02 16:23 1571776 ----a-w- c:\windows\system32\nvdispgenco6436200.dll
2016-02-23 13:37 . 2016-02-19 20:55 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2016-02-22 10:54 . 2016-02-22 10:54 53248 ----a-r- c:\users\Flex\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2016-02-20 15:37 . 2016-02-20 15:37 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-02-20 15:37 . 2016-02-20 15:34 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-02-17 06:40 . 2016-02-19 22:56 1571624 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-02-17 06:40 . 2016-02-19 22:56 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-02-17 06:40 . 2016-02-19 22:56 1903344 ----a-w- c:\windows\system32\nvspcap64.dll
2016-02-17 06:40 . 2016-02-19 22:56 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-02-17 06:40 . 2016-02-19 22:56 112216 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-02-14 01:47 . 2016-02-14 01:47 125720 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-3-0.dll
2016-02-14 01:46 . 2016-02-14 01:46 126232 ----a-w- c:\windows\system32\vulkan-1-1-0-3-0.dll
2016-02-14 01:45 . 2016-02-14 01:45 42264 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
2016-02-14 01:45 . 2016-02-14 01:45 45848 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-3-0.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-02-10 50599552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-03-23 7139256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;TsUsbFlt [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam C210(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-31 01:47 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-27 00:16 905248 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-02-17 2789248]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-02-17 1903344]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 16408320]
.
------- Supplementary Scan -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2016-04-05 19:31:45 - machine was rebooted
ComboFix-quarantined-files.txt 2016-04-05 17:31
ComboFix2.txt 2016-03-25 16:20
ComboFix3.txt 2016-03-23 17:01
ComboFix4.txt 2016-03-15 20:22
.
Pre-Run: Volných bajtu: 342 500 290 560
Post-Run: Volných bajtu: 342 036 832 256
.
- - End Of File - - D4C52CB2E1D9A4520841809D01633598
A36C5E4F47E84449FF07ED3517B43A31
If I write without diacritics, I am on my phone!

Guide to basic computer diagnostics


Re: clean up the PC

Post by jaro3 » 06 Apr 2016 09:41

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.


ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

How are the problems? + a new log from HJT
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

