
Probably virus-infected PC, please check the log

Posted: 06 Feb 2015 10:36
by Majkysek
Hello,
my PC has been behaving strangely lately: when I press the DEL key, files get selected and are not deleted.
Task Manager closes after a few seconds, and the desktop background changes to black.
After pressing CTRL + ALT + DEL I cannot get into Task Manager. Now dots have started typing themselves again and I am writing this post a second time...
I would be grateful for any help. ESET does not find anything.

EDIT: So it was something with the keyboard (no key was stuck); after connecting a different one the PC behaves normally.
Still, I would like to ask for a preventive check of the log, thank you.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Smoulici at 2015-02-06 10:56:27
Microsoft Windows 8.1
System drive C: has 124 GB (56%) free of 222 GB
Total RAM: 16309 MB (90% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:27, on 6. 2. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
C:\Users\Smoulici\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Users\Smoulici\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\trend micro\Smoulici.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Smoulici\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Remote Mouse] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
O4 - HKCU\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Drivers] %AppData%\Microsoft\services.exe
O4 - Startup: Dropbox.lnk = C:\Users\Smoulici\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Sledovat výstrahy inkoustu - .lnk = ?
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Global Startup: Killer Network Manager.lnk = ?
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Oříznout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: photoSync service (peservice) - webEcoz, LLC. - C:\Program Files (x86)\photoSync\peservice.exe
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12408 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
dashost.exe {10f4a8b0-fd89-4cc1-bf071ea49f99e047}
C:\Windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a6aaf1d2-8f15-42c2-8a5a-3aa1f3c2001e -SystemEventPortName:HostProcess-4d8bf897-6b72-4d09-b373-b16fd4d448a2 -IoCancelEventPortName:HostProcess-2de9a19f-26d3-4f86-a264-7b8c1a35901a -NonStateChangingEventPortName:HostProcess-aa83fc6a-361b-4e31-aafc-61987091eabf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3b794033-20da-4e0c-b990-2bf9dc8fa6ae -DeviceGroupId:WpdFsGroup
"C:\Program Files\iPod\bin\iPodService.exe"

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
"C:\Windows\TEMP\irstrtsv\scrncap.exe"
taskhostex.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe" -minimize
"C:\Users\Smoulici\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

"C:\Users\Smoulici\AppData\Roaming\uTorrent\uTorrent.exe"
"D:\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-27 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17 629256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-27 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-01-27 169768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Smoulici\AppData\Roaming\uTorrent\uTorrent.exe [2014-12-20 3502160]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"Remote Mouse"=C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2015-01-23 2050048]
"Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2014-09-17 127080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Windows Drivers"=C:\Users\Smoulici\AppData\Roaming\Microsoft\services.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2014-07-22 1014736]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-09-17 1518664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Killer Network Manager.lnk - C:\Windows\Installer\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe

C:\Users\Smoulici\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Smoulici\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
Sledovat výstrahy inkoustu - .lnk - C:\Windows\system32\RunDll32.exe
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-02-06 10:30:00 ----D---- C:\rsit
2015-02-06 10:30:00 ----D---- C:\Program Files\trend micro
2015-02-04 18:56:05 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2015-02-04 11:36:33 ----D---- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-04 11:36:33 ----D---- C:\Program Files\iTunes
2015-02-04 11:36:33 ----D---- C:\Program Files\iPod
2015-02-04 11:36:33 ----D---- C:\Program Files (x86)\iTunes
2015-02-04 11:27:30 ----A---- C:\Windows\SYSWOW64\qps.txt
2015-02-04 11:09:46 ----D---- C:\ProgramData\photoSync
2015-02-04 11:08:10 ----D---- C:\Program Files (x86)\PhotoSync
2015-01-28 15:53:01 ----D---- C:\Users\Smoulici\AppData\Roaming\Opera Software
2015-01-28 15:52:50 ----D---- C:\Program Files (x86)\Opera
2015-01-28 15:52:47 ----D---- C:\Users\Smoulici\AppData\Roaming\OpenCandy
2015-01-28 15:52:47 ----D---- C:\Program Files\CrystalDiskMark
2015-01-28 15:45:44 ----D---- C:\Users\Smoulici\AppData\Roaming\Nero
2015-01-28 15:43:33 ----D---- C:\ProgramData\Nero
2015-01-28 15:43:31 ----D---- C:\Program Files (x86)\Seagate
2015-01-28 15:43:23 ----D---- C:\Users\Smoulici\AppData\Roaming\Seagate
2015-01-28 15:38:14 ----D---- C:\Users\Smoulici\AppData\Roaming\Leadertech
2015-01-22 10:35:09 ----N---- C:\Windows\system32\HPDiscoPMB011.dll
2015-01-22 10:35:06 ----D---- C:\Program Files (x86)\HP
2015-01-22 10:35:05 ----D---- C:\Program Files\HP
2015-01-19 13:42:45 ----A---- C:\Windows\system32\pdfcmon.dll
2015-01-19 13:42:44 ----D---- C:\Program Files\PDFCreator
2015-01-19 13:13:41 ----D---- C:\Users\Smoulici\AppData\Roaming\AMD
2015-01-19 09:36:10 ----A---- C:\Windows\system32\MetaViewer64.dll
2015-01-19 09:36:03 ----D---- C:\Users\Smoulici\AppData\Roaming\MetaQuotes
2015-01-19 09:32:37 ----A---- C:\Windows\system32\aspnet_counters.dll
2015-01-19 09:32:36 ----A---- C:\Windows\SYSWOW64\aspnet_counters.dll
2015-01-17 14:39:14 ----D---- C:\Nová složka
2015-01-14 14:03:12 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 14:03:11 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:03:11 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 14:03:11 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 14:03:11 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 14:03:11 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 14:03:06 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 14:03:06 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 14:03:06 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 14:03:06 ----A---- C:\Windows\system32\wer.dll
2015-01-14 14:03:06 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 14:03:06 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 14:03:06 ----A---- C:\Windows\system32\ci.dll
2015-01-14 14:03:06 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 14:03:05 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe

======List of files/folders modified in the last 1 month======

2015-02-06 10:54:30 ----D---- C:\Users\Smoulici\AppData\Roaming\uTorrent
2015-02-06 10:48:51 ----D---- C:\Users\Smoulici\AppData\Roaming\vlc
2015-02-06 10:37:32 ----D---- C:\Windows\Temp
2015-02-06 10:30:02 ----D---- C:\Windows\Prefetch
2015-02-06 10:30:00 ----RD---- C:\Program Files
2015-02-06 10:29:55 ----RD---- C:\Windows\System32
2015-02-06 10:29:55 ----D---- C:\Windows\Inf
2015-02-06 10:29:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-06 10:24:40 ----D---- C:\Users\Smoulici\AppData\Roaming\Dropbox
2015-02-06 10:24:29 ----D---- C:\Windows\system32\Tasks
2015-02-06 10:21:27 ----D---- C:\Windows
2015-02-06 10:17:55 ----D---- C:\Windows\system32\sru
2015-02-06 09:53:19 ----SHD---- C:\System Volume Information
2015-02-06 09:34:38 ----D---- C:\Windows\Microsoft.NET
2015-02-06 09:31:12 ----D---- C:\Windows\system32\config
2015-02-06 09:27:48 ----D---- C:\Windows\WinSxS
2015-02-06 09:27:48 ----D---- C:\Windows\CbsTemp
2015-02-06 09:27:47 ----D---- C:\Windows\SysWOW64
2015-02-05 13:12:52 ----D---- C:\Windows\SoftwareDistribution
2015-02-04 18:56:05 ----RD---- C:\Program Files (x86)
2015-02-04 18:54:42 ----D---- C:\Windows\debug
2015-02-04 11:39:23 ----SHD---- C:\Windows\Installer
2015-02-04 11:39:22 ----SHD---- C:\Config.Msi
2015-02-04 11:39:22 ----D---- C:\Program Files\Common Files
2015-02-04 11:36:33 ----HD---- C:\ProgramData
2015-02-04 11:36:33 ----D---- C:\Program Files\Common Files\Apple
2015-02-04 11:36:20 ----D---- C:\ProgramData\Apple
2015-02-04 11:11:08 ----D---- C:\Program Files (x86)\Remote Mouse
2015-02-03 20:31:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-31 22:43:55 ----D---- C:\Program Files (x86)\TeamViewer
2015-01-25 11:22:53 ----D---- C:\Windows\system32\DriverStore
2015-01-25 10:53:36 ----D---- C:\Windows\system32\drivers
2015-01-23 11:01:51 ----D---- C:\Windows\rescache
2015-01-22 10:35:08 ----D---- C:\Windows\system32\catroot
2015-01-22 10:35:06 ----D---- C:\Windows\twain_32
2015-01-22 10:35:06 ----D---- C:\ProgramData\HP
2015-01-22 10:29:43 ----D---- C:\Users\Smoulici\AppData\Roaming\TeamViewer
2015-01-21 11:32:50 ----HD---- C:\Program Files\WindowsApps
2015-01-21 11:32:50 ----D---- C:\Windows\AppReadiness
2015-01-19 10:39:15 ----RD---- C:\Windows\assembly
2015-01-19 10:39:10 ----D---- C:\Windows\system32\catroot2
2015-01-19 09:29:51 ----D---- C:\Program Files (x86)\Raptr
2015-01-19 09:28:03 ----D---- C:\Program Files\AMD
2015-01-15 17:29:24 ----SD---- C:\Users\Smoulici\AppData\Roaming\Microsoft
2015-01-14 17:24:38 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-14 14:19:31 ----D---- C:\Windows\system32\MRT
2015-01-14 14:17:13 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2014-10-10 241368]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 BfLwf;@oem2.inf,%BfLwf_Desc%;Qualcomm Atheros Bandwidth Control; C:\Windows\system32\DRIVERS\bwcW8x64.sys [2014-09-11 97968]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2014-11-21 294600]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;@oem16.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-06-21 223232]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 irstrtdv;@oem9.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\Windows\System32\drivers\irstrtdv.sys [2013-11-25 20192]
R3 Ke2200;@oem1.inf,%BFTN.Service.DispName%;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\e22w8x64.sys [2014-03-27 130224]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-03 126976]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\System32\drivers\serscan.sys [2014-10-29 11776]
S0 amdkmafd;@oem14.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 AndnetBus;@oem38.inf,%LGSI.Service.Desc%;LGE Mobile USB Composite Device; C:\Windows\System32\drivers\lgandnetbus64.sys []
S3 AndNetDiag;@oem33.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 ANDNetModem;@oem35.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 dg_ssudbus;@oem28.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 Netaapl;@oem22.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2014-08-15 23040]
S3 ssudmdm;@oem29.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 USBAAPL64;@oem21.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-08-15 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 WinUsb;@oem31.inf,%WinUSB_SvcDesc%;SAMSUNG Android USB Driver; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2014-11-20 116224]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2013-07-29 781280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-09-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-09-03 405976]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2014-03-17 162800]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2014-09-19 387584]
R2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2014-09-17 16000]
R2 Seagate MobileBackup Service;Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [2014-09-17 157776]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-01-30 5429520]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-01-27 643880]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-27 107912]
S2 peservice;photoSync service; C:\Program Files (x86)\photoSync\peservice.exe [2014-08-04 41472]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2014-11-27 1357104]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-27 107912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]

-----------------EOF-----------------

Re: Probably infected PC, please check the log

Posted: 06 Feb 2015 17:25
by Roli
Hello, delete the unnecessary files

using CCleaner

guide:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making a backup of it, which CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download AdwCleaner and save it to the desktop,

close all programs including the browser and double-click to run it,

a window will appear; in the top left, click Scan.

When the scan finishes, click Clean,

the PC will restart, during which the junk gets deleted.

Then copy the Report here for me.


Finally, use Mbam from my signature and post its log here; do not delete anything beforehand!

Re: Probably infected PC, please check the log

Posted: 07 Feb 2015 09:27
by Majkysek
I use CCleaner regularly.
One more question: I like Mbam a lot and a license for 3 PCs isn't expensive; is it possible to use it instead of the NOD32 antivirus? Or a combination of both (but I don't want to pay for two licenses). Or do you recommend another program for comprehensive protection? Thank you

AdwCleaner log:
# AdwCleaner v4.110 - Logfile created 07/02/2015 at 09:21:13
# Updated 05/02/2015 by Xplode
# Database : 2015-02-05.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Smoulici - SMOULIK
# Running from : C:\Users\Smoulici\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\Users\Smoulici\AppData\Local\Temp\Positive Finds
Folder Deleted : C:\Users\Smoulici\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Smoulici\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v42.0.2292.0

[C:\Users\Smoulici\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [1273 bytes] - [07/02/2015 09:20:14]
AdwCleaner[S0].txt - [1212 bytes] - [07/02/2015 09:21:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1271 bytes] ##########

Mbam log:
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 7. 2. 2015
Čas skenování: 9:31:09
Protokol: mbam.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.02.07.03
Databáze rootkitů: v2015.02.03.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Smoulici

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 350775
Uplynulý čas: 3 min, 39 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 1
Malware.Trace, HKU\S-1-5-21-1988914767-1438290490-4040935541-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DC3_FEXEC, , [386720fb3a50ff37472b1c55eb19ab55],

Hodnoty registru: 2
Trojan.Banker, HKU\S-1-5-21-1988914767-1438290490-4040935541-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|shell, %AppData%\Microsoft\services.exe,explorer.exe, , [bfe0dd3e7b0f55e105dd8bb313f1649c]
Backdoor.PWin.Gen, HKU\S-1-5-21-1988914767-1438290490-4040935541-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|Windows Drivers, %AppData%\Microsoft\services.exe, , [a7f8c2593b4f999da299e6fe1be87789]

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 1
PUP.Adware.Agent, C:\Users\Smoulici\AppData\Local\Temp\PositiveFinds\Setup.exe, , [ffa0eb301f6b68cefecca066639dcb35],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Re: Probably infected PC, please check the log

Posted: 07 Feb 2015 21:56
by Roli
Majkysek wrote: One more question: I like Mbam a lot and a license for 3 PCs isn't expensive; is it possible to use it instead of the NOD32 antivirus? Or a combination of both (but I don't want to pay for two licenses). Or do you recommend another program for comprehensive protection? Thank you
There's no need to buy Mbam; it's enough to keep it as a scanner for an occasional check, but it's better to post the log here, because you sometimes get it wrong.

Otherwise, let it delete what it found and then let me know how the PC behaves.

There is actually no such thing as comprehensive protection; it always comes down to the user, and normally an antivirus is enough - Avast, Microsoft Security Essentials.

Re: Probably infected PC, please check the log

Posted: 09 Feb 2015 12:34
by Majkysek
OK, thank you very much for the help.
It looks like the PC is fine.
When my ESET license expires, I'll switch to plain Defender and also keep the free Mbam license.

Re: Probably infected PC, please check the log

Posted: 09 Feb 2015 16:15
by Roli
Majkysek wrote: When my ESET license expires, I'll switch to plain Defender and also keep the free Mbam license.
I would rather go with Microsoft Security Essentials, not Windows Defender.
Majkysek wrote: OK, thank you very much for the help.
You're welcome and :closed: