Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

OTAS
Level 3
Posts: 484
Registered: July 13
Gender: Male
Status: Offline

Re: Please check my log

Post by OTAS » 25 Apr 2017 23:31

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Otto on Łt 25.04.2017 at 23:20:13,60.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK No Internet Access Detected
Launched: C:\Users\Otto\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-04-25-194007.log 3087 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default\Invalidprefs.js deleted
C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default\jetpack deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"bdwteffv20@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff" [24.04.2017 20:11]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"bdwteffv20@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff" [24.04.2017 20:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- Xmarks - %ProfilePath%\extensions\foxmarks@kei.com
- Pln Penenka Litika - %ProfilePath%\extensions\@plnapenezenkacz-firefox-extension.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default
5971E6AA5ED20C181395D8E91AFC49A4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gannpgaobkkhmpomoijebaigcapoeebl - No path found[]

Bitdefender Wallet - Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl
Chrome Media Router - Otto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Startpages ======================

C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Preferences
"urls_to_restore_on_startup": [ "http://www.google.com" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Otto\AppData\Local\Seznam.cz\User Data\Default\Preferences was reset successfully
C:\Users\Otto\AppData\Local\Seznam.cz\User Data\Default\Secure Preferences was reset successfully
C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Otto\AppData\Local\Seznam.cz\User Data\Default\Web Data was reset successfully
C:\Users\Otto\AppData\Local\Seznam.cz\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brccboot.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brinstck.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brolink0.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brotherhelp.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brscutil.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brstmonw.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccsetup528.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\excel.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\express.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msoxmled.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mstore.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\offdiag.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\powerpnt.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sidebar.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winword.exe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zps.exe deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Otto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Otto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Otto\AppData\Local\Mozilla\Firefox\Profiles\hfi04hwg.default\cache2 emptied successfully
C:\Users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default\storage\default\https+++www.youtube.com\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Otto\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Otto\AppData\Local\Seznam.cz\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=15 folders=13 70394824 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Otto\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Otto\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 25.04.2017 at 23:29:06,08 ======================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 26 Apr 2017 09:30

Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom,
when it finishes, tick everything (put check marks to the left of the findings, in the white boxes)
- then click "Remove Selected"
- Wait until the Status box shows "Removal finished, please review result"
- Click "Open report" and then "Open TXT", copy that log and paste its contents here, please. The log can be found in C:\ProgramData\RogueKiller\Logs
- Close RogueKiller.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click the file on the desktop and follow the instructions to install the program.
Accept the program's license (EULA) if it is offered.
If a program update is available, click "Update now".
You can also enable the creation of a restore point:
Click the gear icon, then "Skenování" (Scanning), and tick "vytvářet body obnovy" (create restore points).
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Skenovat" (Scan).
After the scan you can see whether there are any infections. Click "Další" (Next). The infections will be moved to quarantine.
When the scan is complete, a report will appear; copy the entire contents of that report here.
Otherwise you can view the reports by clicking "zprávy" (reports) in the top right.

Post a new HJT log + let me know about any problems
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Please check my log

Post by OTAS » 26 Apr 2017 20:55

RogueKiller V12.10.6.0 (x64) [Apr 24 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Otto [Práva správce]
Started from : C:\Users\Otto\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 04/26/2017 20:37:31 (Duration : 00:14:41)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][Firefox:Config] hfi04hwg.default : user_pref("browser.startup.homepage", "http://www.seznam.cz/"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AAKX-00ERMA0 ATA Device +++++
--- User ---
[MBR] 0a51fc1920679da194b2dd19884d4208
[BSP] 1fcb73c66dfbc51c854628e015723e8e : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: USB Mass Storage Device USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Re: Please check my log

Post by OTAS » 26 Apr 2017 21:29

Zemana AntiMalware 2.72.2.388 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.4.26
Operating System : Windows 7 64-bit
Processor : 4X Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz
BIOS Mode : Legacy
CUID : 12F3D158CA2F371B05AC10
Scan Type : Skenování systému
Duration : 6m 19s
Scanned Objects : 59386
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Nebyly zjištěny žádné hrozby

Re: Please check my log

Post by OTAS » 26 Apr 2017 21:29

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:29:30, on 26.4.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)

FIREFOX: 53.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Users\Otto\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O3 - Toolbar: Bitdefender - Portmonka - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: ProductAgentService - Bitdefender - C:\Program Files\Bitdefender Agent\ProductAgentService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 6496 bytes

Re: Please check my log

Post by jaro3 » 26 Apr 2017 23:23

Uninstall:
everything from AVG


Close other applications and browsers, disconnect from the internet, and fix these in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')


Download DelFix here
https://toolslib.net/downloads/viewdownload/2-delfix/

save the file to your desktop.
Double-click the icon to run the Delfix.exe tool
(on Windows Vista, Windows 7 and 8, you must run the file by right-clicking -> Run as administrator).
In the main menu, tick these options: Remove disinfection tools, Purge System Restore
Then click the Run button and let the tool do its work

A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

How are the problems?
Re: Please check my log

Post by OTAS » 27 Apr 2017 10:58

# DelFix v1.013 - Logfile created 27/04/2017 at 10:57:13
# Updated 17/04/2016 by Xplode
# Username : Otto - OTTO-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2017-04-25-194007.log
Deleted : C:\Users\Otto\Desktop\adwcleaner_6.046.exe
Deleted : C:\Users\Otto\Desktop\JRT.exe
Deleted : C:\Users\Otto\Desktop\HijackThis.exe
Deleted : C:\Users\Otto\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Otto\Desktop\zoek.exe

~ Cleaning system restore ...

Deleted : RP #35 [Zemana AntiMalware 26.4.2017 21:06:01 | 04/26/2017 19:06:02]
Deleted : RP #37 [Revo Uninstaller Pro's restore point - AVG PC TuneUp | 04/27/2017 08:46:00]

New restore point created !

########## - EOF - ##########

Re: Please check my log

Post by OTAS » 27 Apr 2017 11:08

Well, it still takes about a minute for Windows to start up; I don't know whether that's because these programs also launch at startup: Malwarebytes, Sophos Virus Removal Tool, Zemana AntiMalware

Re: Please check my log

Post by jaro3 » 27 Apr 2017 11:50

Sophos Virus Removal Tool, Zemana AntiMalware -- you can uninstall these.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the "Ano" (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in safe mode.

Warning: After running ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Re: Please check my log

Post by OTAS » 27 Apr 2017 17:09

ComboFix 17-04-16.01 - Otto 27.04.2017 16:58:05.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4048.2733 [GMT 2:00]
Spuštěný z: c:\users\Otto\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
FW: Bitdefender Firewall *Enabled* {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
SP: Bitdefender Antispyware *Disabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Otto\AppData\Roaming\inst.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-03-27 do 2017-04-27 )))))))))))))))))))))))))))))))
.
.
2017-04-27 15:04 . 2017-04-27 15:04 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2017-04-27 15:04 . 2017-04-27 15:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-04-27 09:56 . 2017-04-27 09:56 -------- d-----w- c:\users\Otto\AppData\Local\Adobe
2017-04-27 08:39 . 2017-04-27 08:39 -------- d-----w- c:\users\Otto\AppData\Local\CrashDumps
2017-04-26 18:56 . 2017-04-27 14:52 -------- d-----w- c:\users\Otto\AppData\Local\Zemana
2017-04-25 21:26 . 2017-04-25 21:20 24064 ----a-w- c:\windows\zoek-delete.exe
2017-04-25 21:26 . 2017-04-27 15:04 -------- d-----w- c:\users\Otto\AppData\Local\Temp
2017-04-25 21:25 . 2017-04-25 21:29 -------- d-----w- C:\zoek
2017-04-25 11:40 . 2017-04-26 18:37 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-04-25 11:39 . 2017-04-25 12:01 -------- d-----w- c:\programdata\RogueKiller
2017-04-24 10:11 . 2017-04-24 10:11 -------- d-----w- c:\users\Otto\AppData\Local\Diagnostics
2017-04-23 16:37 . 2017-04-23 20:45 -------- d-----w- c:\users\Otto\AppData\Local\HappyFoto-FOTO-CZ
2017-04-23 13:43 . 2016-11-25 06:15 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2017-04-23 13:43 . 2016-11-25 06:15 287232 ----a-w- c:\windows\system32\drivers\hw_quusbnet.sys
2017-04-23 13:43 . 2016-11-25 06:15 223232 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys
2017-04-23 13:43 . 2016-11-25 06:15 2152176 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01009.dll
2017-04-23 13:43 . 2016-11-25 06:15 18816 ----a-w- c:\windows\system32\drivers\ew_usbccgpfilter.sys
2017-04-23 13:43 . 2016-11-25 06:15 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2017-04-23 13:43 . 2016-11-25 06:15 1721576 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2017-04-23 13:43 . 2016-11-25 06:15 126592 ----a-w- c:\windows\system32\drivers\hw_cdcacm.sys
2017-04-23 13:43 . 2016-11-25 06:15 116864 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
2017-04-23 13:43 . 2016-11-25 06:15 1002728 ----a-w- c:\windows\system32\drivers\winusbcoinstaller2.dll
2017-04-23 13:43 . 2017-04-23 13:44 -------- d-----w- c:\program files (x86)\HiSuite
2017-04-23 13:43 . 2017-04-23 13:44 -------- d-----w- c:\users\Otto\AppData\Local\Hisuite
2017-04-22 13:24 . 2017-04-22 13:24 -------- d-----w- c:\users\Otto\AppData\Local\Seznam.cz
2017-04-22 13:24 . 2017-04-22 13:24 -------- d-----w- c:\users\Otto\AppData\Local\Chromium
2017-04-22 12:58 . 2017-04-27 08:48 -------- d-----w- c:\programdata\Avg
2017-04-22 12:58 . 2017-04-24 10:59 -------- d-----w- c:\users\Otto\AppData\Local\Avg
2017-04-22 12:25 . 2017-04-22 12:43 -------- d-----w- c:\program files (x86)\PhotoInstrument
2017-04-22 11:56 . 2017-04-22 11:56 -------- d-----w- c:\program files\Inpaint
2017-04-21 21:44 . 2017-04-21 21:44 -------- d-----w- c:\users\Otto\AppData\Local\ESET
2017-04-21 20:03 . 2017-04-27 14:51 -------- d-----w- c:\programdata\Malwarebytes
2017-04-21 20:01 . 2017-04-21 20:01 -------- d-----w- c:\programdata\Malwarebytes-BackupByMalwarebytesPortable
2017-04-20 16:44 . 2017-04-20 16:45 -------- d-----w- c:\users\Otto\AppData\Local\Google
2017-04-20 16:44 . 2017-04-20 16:45 -------- d-----w- c:\program files (x86)\Google
2017-04-19 19:31 . 2017-04-19 19:31 -------- d-----w- c:\users\Otto\dwhelper
2017-04-18 19:45 . 2017-04-18 20:26 -------- d-----w- c:\users\Otto\AppData\Roaming\ControlCenter4
2017-04-18 19:34 . 2017-04-18 19:34 -------- d-----w- C:\Brother
2017-04-18 19:33 . 2017-04-18 20:02 -------- d-----w- c:\program files (x86)\ControlCenter4
2017-04-18 19:29 . 2013-04-15 09:29 180224 ----a-w- c:\windows\SysWow64\BROSNMP.DLL
2017-04-18 19:27 . 2013-05-09 11:34 2560 ------w- c:\windows\SysWow64\BrDctF2S.dll
2017-04-18 19:27 . 2013-01-10 11:56 253952 ------w- c:\windows\SysWow64\NSSearch.dll
2017-04-18 19:27 . 2010-03-15 17:45 73728 ------w- c:\windows\SysWow64\BrDctF2.dll
2017-04-18 19:27 . 2007-12-13 20:16 5120 ------w- c:\windows\SysWow64\BrDctF2L.dll
2017-04-18 19:23 . 2017-04-18 19:23 -------- d-----w- c:\users\Otto\AppData\Roaming\InstallShield
2017-04-18 19:23 . 2017-04-18 19:23 -------- d-----w- c:\programdata\InstallShield
2017-04-14 15:39 . 2017-04-23 19:34 -------- d-----w- c:\users\Otto\AppData\Roaming\vlc
2017-04-14 15:38 . 2017-04-14 15:38 -------- d-----w- c:\program files (x86)\VideoLAN
2017-04-14 15:05 . 2017-04-14 15:26 82816 ----a-w- c:\users\Otto\AppData\Roaming\pcouffin.sys
2017-04-14 15:05 . 2017-04-14 15:26 -------- d-----w- c:\users\Otto\AppData\Roaming\Vso
2017-04-14 15:05 . 2017-04-21 10:24 -------- d-----w- c:\programdata\VSO
2017-04-14 15:05 . 2017-04-14 15:05 -------- d-----w- c:\program files (x86)\VSO
2017-04-11 18:19 . 2017-03-08 20:11 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2017-04-11 18:18 . 2016-08-22 16:19 1386496 ----a-w- c:\windows\system32\diagtrack.dll
2017-04-11 18:08 . 2017-04-11 18:08 6230616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2017-04-07 19:58 . 2017-04-07 19:58 -------- d-----w- c:\users\Otto\AppData\Local\Macromedia
2017-04-07 19:55 . 2017-04-11 18:08 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-04-07 19:55 . 2017-04-11 18:08 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-04-07 19:55 . 2017-04-11 18:08 -------- d-----w- c:\windows\system32\Macromed
2017-04-07 19:55 . 2017-04-11 18:08 -------- d-----w- c:\windows\SysWow64\Macromed
2017-04-07 18:36 . 2017-04-07 18:36 -------- d-----r- c:\users\Otto\AppData\Roaming\Brother
2017-04-01 16:26 . 2017-04-01 16:26 -------- d-----w- c:\program files\Zoner
2017-04-01 16:19 . 2017-04-01 16:54 -------- d-----w- c:\users\Otto\AppData\Local\Zoner
2017-04-01 16:19 . 2017-04-01 16:19 -------- d-----w- c:\users\Otto\AppData\Roaming\Zoner
2017-03-30 19:54 . 2017-03-30 19:54 -------- d-s---w- c:\windows\system32\CompatTel
2017-03-30 19:54 . 2017-03-30 19:54 -------- d-----w- c:\windows\system32\appraiser
2017-03-30 19:44 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2017-03-30 19:44 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2017-03-30 19:42 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2017-03-30 19:42 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2017-03-30 19:42 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2017-03-30 19:42 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2017-03-30 19:42 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2017-03-30 19:42 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2017-03-30 19:42 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2017-03-30 19:38 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2017-03-30 19:38 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
2017-03-30 19:38 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2017-03-30 19:38 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2017-03-30 19:38 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
2017-03-30 19:38 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2017-03-30 19:38 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2017-03-30 19:38 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2017-03-30 19:38 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2017-03-30 19:35 . 2015-07-09 17:58 82944 ----a-w- c:\windows\system32\dwmapi.dll
2017-03-30 19:35 . 2015-07-09 17:58 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2017-03-30 19:35 . 2015-07-09 17:42 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2017-03-30 19:35 . 2015-07-09 17:42 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2017-03-30 19:35 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2017-03-30 19:35 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2017-03-30 19:35 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2017-03-30 19:35 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2017-03-30 19:34 . 2015-05-25 18:19 113664 ----a-w- c:\windows\system32\sechost.dll
2017-03-30 19:34 . 2015-05-25 18:18 47104 ----a-w- c:\windows\system32\typeperf.exe
2017-03-30 19:34 . 2015-05-25 18:18 404992 ----a-w- c:\windows\system32\tracerpt.exe
2017-03-30 19:34 . 2015-05-25 18:18 43008 ----a-w- c:\windows\system32\relog.exe
2017-03-30 19:34 . 2015-05-25 18:18 104448 ----a-w- c:\windows\system32\logman.exe
2017-03-30 19:34 . 2015-05-25 18:18 19456 ----a-w- c:\windows\system32\diskperf.exe
2017-03-30 19:34 . 2015-05-25 18:01 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2017-03-30 19:34 . 2015-05-25 18:00 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2017-03-30 19:34 . 2015-05-25 18:00 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2017-03-30 19:34 . 2015-05-25 18:00 37888 ----a-w- c:\windows\SysWow64\relog.exe
2017-03-30 19:34 . 2015-05-25 18:00 82944 ----a-w- c:\windows\SysWow64\logman.exe
2017-03-30 19:34 . 2015-05-25 18:00 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2017-03-30 19:30 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2017-03-30 19:29 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2017-03-30 19:29 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2017-03-30 19:27 . 2016-08-16 21:55 25088 ----a-w- c:\windows\system32\drivers\cs-CZ\usbport.sys.mui
2017-03-30 19:26 . 2016-03-09 19:00 396800 ----a-w- c:\windows\system32\webio.dll
2017-03-30 19:25 . 2016-02-05 20:22 8192 ----a-w- c:\windows\system32\drivers\cs-CZ\tpm.sys.mui
2017-03-30 19:25 . 2016-02-05 18:56 20480 ----a-w- c:\windows\system32\tbs.dll
2017-03-30 19:25 . 2016-02-05 18:54 109568 ----a-w- c:\windows\system32\fveapibase.dll
2017-03-30 19:25 . 2016-02-05 18:53 8192 ----a-w- c:\windows\system32\drivers\en-US\tpm.sys.mui
2017-03-30 19:25 . 2016-02-05 17:33 15360 ----a-w- c:\windows\SysWow64\tbs.dll
2017-03-30 19:25 . 2015-06-03 20:21 451080 ----a-w- c:\windows\system32\fveapi.dll
2017-03-30 19:25 . 2016-02-02 18:57 511488 ----a-w- c:\windows\system32\rpcss.dll
2017-03-30 19:25 . 2016-01-21 00:51 73664 ----a-w- c:\windows\system32\drivers\disk.sys
2017-03-30 19:25 . 2016-03-16 18:50 156672 ----a-w- c:\windows\system32\mtxoci.dll
2017-03-30 19:25 . 2016-03-16 18:28 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2017-03-30 19:25 . 2016-03-16 18:28 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2017-03-30 19:25 . 2016-03-16 18:27 286720 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2017-03-30 19:24 . 2016-01-11 19:11 1684416 ----a-w- c:\windows\system32\drivers\ntfs.sys
2017-03-30 19:21 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2017-03-30 19:21 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2017-03-30 19:19 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-04-12 04:17 . 2017-03-25 17:53 14848 ----a-w- c:\windows\system32\slwga.dll
2017-04-12 04:17 . 2017-03-25 17:53 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2017-04-12 04:17 . 2017-03-25 17:53 419840 ----a-w- c:\windows\system32\systemcpl.dll
2017-03-25 18:46 . 2017-04-11 18:20 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2017-03-25 18:40 . 2017-03-25 18:40 29964 ----a-w- c:\programdata\agent.update.1490467245.bdinstall.bin
2017-03-25 18:31 . 2017-03-25 18:31 28467 ----a-w- c:\programdata\agent.1490466694.bdinstall.bin
2017-03-25 18:27 . 2017-03-25 18:27 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2017-03-25 18:27 . 2017-03-25 18:27 942592 ----a-w- c:\windows\system32\jsIntl.dll
2017-03-25 18:27 . 2017-03-25 18:27 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2017-03-25 18:27 . 2017-03-25 18:27 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2017-03-25 18:27 . 2017-03-25 18:27 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2017-03-25 18:27 . 2017-03-25 18:27 81408 ----a-w- c:\windows\system32\icardie.dll
2017-03-25 18:27 . 2017-03-25 18:27 77312 ----a-w- c:\windows\system32\tdc.ocx
2017-03-25 18:27 . 2017-03-25 18:27 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2017-03-25 18:27 . 2017-03-25 18:27 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2017-03-25 18:27 . 2017-03-25 18:27 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2017-03-25 18:27 . 2017-03-25 18:27 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2017-03-25 18:27 . 2017-03-25 18:27 62464 ----a-w- c:\windows\system32\pngfilt.dll
2017-03-25 18:27 . 2017-03-25 18:27 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2017-03-25 18:27 . 2017-03-25 18:27 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2017-03-25 18:27 . 2017-03-25 18:27 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2017-03-25 18:27 . 2017-03-25 18:27 48640 ----a-w- c:\windows\system32\mshtmler.dll
2017-03-25 18:27 . 2017-03-25 18:27 48128 ----a-w- c:\windows\system32\imgutil.dll
2017-03-25 18:27 . 2017-03-25 18:27 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2017-03-25 18:27 . 2017-03-25 18:27 30208 ----a-w- c:\windows\system32\licmgr10.dll
2017-03-25 18:27 . 2017-03-25 18:27 247808 ----a-w- c:\windows\system32\msls31.dll
2017-03-25 18:27 . 2017-03-25 18:27 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2017-03-25 18:27 . 2017-03-25 18:27 235520 ----a-w- c:\windows\system32\url.dll
2017-03-25 18:27 . 2017-03-25 18:27 235008 ----a-w- c:\windows\system32\elshyph.dll
2017-03-25 18:27 . 2017-03-25 18:27 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2017-03-25 18:27 . 2017-03-25 18:27 167424 ----a-w- c:\windows\system32\iexpress.exe
2017-03-25 18:27 . 2017-03-25 18:27 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2017-03-25 18:27 . 2017-03-25 18:27 143872 ----a-w- c:\windows\system32\wextract.exe
2017-03-25 18:27 . 2017-03-25 18:27 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2017-03-25 18:27 . 2017-03-25 18:27 13824 ----a-w- c:\windows\system32\mshta.exe
2017-03-25 18:27 . 2017-03-25 18:27 135680 ----a-w- c:\windows\system32\iepeers.dll
2017-03-25 18:27 . 2017-03-25 18:27 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2017-03-25 18:27 . 2017-03-25 18:27 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2017-03-25 18:27 . 2017-03-25 18:27 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2017-03-25 18:27 . 2017-03-25 18:27 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2017-03-25 18:27 . 2017-03-25 18:27 105984 ----a-w- c:\windows\system32\iesysprep.dll
2017-03-25 18:26 . 2017-03-25 18:26 68608 ----a-w- c:\windows\system32\taskhost.exe
2017-03-25 18:25 . 2017-03-25 18:25 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2017-03-25 18:25 . 2017-03-25 18:25 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2017-03-25 18:25 . 2017-03-25 18:25 363008 ----a-w- c:\windows\system32\dxgi.dll
2017-03-25 18:25 . 2017-03-25 18:25 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 296960 ----a-w- c:\windows\system32\d3d10core.dll
2017-03-25 18:25 . 2017-03-25 18:25 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2017-03-25 18:25 . 2017-03-25 18:25 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2017-03-25 18:25 . 2017-03-25 18:25 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2017-03-25 18:25 . 2017-03-25 18:25 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2017-03-25 18:25 . 2017-03-25 18:25 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2017-03-25 18:25 . 2017-03-25 18:25 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2017-03-25 18:25 . 2017-03-25 18:25 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2017-03-25 18:25 . 2017-03-25 18:25 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2017-03-25 18:25 . 2017-03-25 18:25 1238528 ----a-w- c:\windows\system32\d3d10.dll
2017-03-25 18:25 . 2017-03-25 18:25 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2017-03-25 18:25 . 2017-03-25 18:25 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2017-03-25 18:25 . 2017-03-25 18:25 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-03-25 18:22 . 2017-03-25 18:22 1887232 ----a-w- c:\windows\system32\d3d11.dll
2017-03-25 18:22 . 2017-03-25 18:22 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2017-03-25 17:59 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2017-03-25 17:59 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2017-03-25 17:58 . 2017-03-25 17:58 28467 ----a-w- c:\programdata\agent.1490464695.bdinstall.bin
2017-03-25 17:27 . 2017-03-25 17:27 28468 ----a-w- c:\programdata\agent.1490462865.bdinstall.bin
2017-03-25 17:04 . 2017-04-11 18:20 262144 ----a-w- c:\windows\system32\webcheck.dll
2017-03-25 16:52 . 2017-03-25 16:52 28467 ----a-w- c:\programdata\agent.1490460733.bdinstall.bin
2017-03-25 16:01 . 2017-03-25 15:56 305120 ----a-w- c:\windows\system32\drivers\ignis.sys
2017-03-25 15:57 . 2017-03-25 15:57 364887 ----a-w- c:\programdata\cl.1490457299.bdinstall.bin
2017-03-25 15:53 . 2017-03-25 15:53 47057 ----a-w- c:\programdata\agent.1490457201.bdinstall.bin
2017-03-22 12:05 . 2017-03-25 15:54 12774864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{94291E8A-D178-4278-8F3E-5C360D80FF4B}\mpengine.dll
2017-03-19 22:48 . 2017-03-19 22:48 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2017-03-19 22:48 . 2017-03-19 22:48 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2017-03-19 22:48 . 2017-03-19 22:48 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2017-03-19 22:48 . 2017-03-19 22:48 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2017-03-19 22:41 . 2017-03-19 22:41 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2017-03-19 22:41 . 2017-03-19 22:41 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2017-03-19 22:41 . 2017-03-19 22:41 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2017-03-19 22:41 . 2017-03-19 22:41 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2017-03-08 04:33 . 2017-04-11 18:20 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-03-08 04:22 . 2017-04-11 18:20 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-03-08 04:22 . 2017-04-11 18:20 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-03-08 04:21 . 2017-04-11 18:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 Garmin Device Interaction Service;Garmin Device Interaction Service;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe EXPRESS;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe EXPRESS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 Ignis;Ignis Service;c:\windows\system32\DRIVERS\ignis.sys;c:\windows\SYSNATIVE\DRIVERS\ignis.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\program files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe;c:\program files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [x]
S2 ProductAgentService;ProductAgentService;c:\program files\Bitdefender Agent\ProductAgentService.exe;c:\program files\Bitdefender Agent\ProductAgentService.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2017\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2017\updatesrv.exe [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*Deregistered* - ESProtectionDriver
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-04-20 16:45 1373016 ----a-w- c:\program files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2017\bdagent.exe" [2017-04-24 322312]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
------- Asociace souborů -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
SafeBoot-MBAMService
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,84,0b,c3,eb,48,35,43,9d,54,80,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,84,0b,c3,eb,48,35,43,9d,54,80,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2017-04-27 17:07:28
ComboFix-quarantined-files.txt 2017-04-27 15:07
.
Před spuštěním: Volných bajtů: 446 486 675 456
Po spuštění: Volných bajtů: 446 087 778 304
.
- - End Of File - - 668340CAE59DDE7248E47F2A7D225C41
A36C5E4F47E84449FF07ED3517B43A31

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 27 Apr 2017 18:50

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

ClearJavaCache::
KillAll::
Folder::
c:\programdata\Avg
c:\users\Otto\AppData\Local\Avg
c:\users\Otto\AppData\Local\ESET

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,84,0b,c3,eb,48,35,43,9d,54,80,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
 d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,08,84,0b,c3,eb,48,35,43,9d,54,80,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process, plus a new HJT log

Warning: After running ComboFix and restarting the computer, it may happen that Windows does not start, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.


Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt offering to download the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

OTAS
Level 3
Posts: 484
Registered: July 13
Gender: Male
Status: Offline

Re: Please check my log

Post by OTAS » 27 Apr 2017 20:36

ComboFix 17-04-16.01 - Otto 27.04.2017 20:23:55.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4048.2608 [GMT 2:00]
Spuštěný z: c:\users\Otto\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Otto\Desktop\CFScript.txt
AV: Bitdefender Antivirus *Disabled/Updated* {3FB17364-4FCC-0FA7-6BBF-973897395371}
FW: Bitdefender Firewall *Enabled* {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
SP: Bitdefender Antispyware *Disabled/Updated* {84D09280-69F6-0029-510F-AC4AECBE19CC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Avg
c:\programdata\Avg\AWL\appdata.dat
c:\programdata\Avg\AWL\AvgRep.xml
c:\programdata\Avg\AWL\boot_perf.json
c:\programdata\Avg\AWL\lsdb2.json
c:\programdata\Avg\AWL\lsdb2.json.old
c:\programdata\Avg\AWL\Program Statistics\ProgramStatistics.2013.tudb
c:\programdata\Avg\AWL\swh_stats.json
c:\programdata\Avg\AWL\TUProgMan.10.tudb
c:\programdata\Avg\AWL\TUProgManagerCache.10.tudb
c:\programdata\Avg\AWL\TUReportData.10.tudb
c:\programdata\Avg\AWL\TUTuningIndex.10.2.tudb
c:\programdata\Avg\AWL\TUUtilitiesSvc.13.tudb
c:\programdata\Avg\AWL005C8B517AEDB0AE124911DC3139A84A.xml
c:\users\Otto\AppData\Local\Avg
c:\users\Otto\AppData\Local\Avg\AWL\Backups\00000001.rcb
c:\users\Otto\AppData\Local\Avg\AWL\Backups\00000002.rcb
c:\users\Otto\AppData\Local\Avg\AWL\Backups\00000003.rcb
c:\users\Otto\AppData\Local\Avg\AWL\Backups\00000004.rcb
c:\users\Otto\AppData\Local\Avg\AWL\Speed Optimizer\SpeedOptimizerStates.xml
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwbasedll.log
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwbasedll.log.lock
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwdll.log
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwdll.log.lock
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwui.log
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwui.log.1
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwui.log.2
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwui.log.3
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwui.log.4
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwui.log.5
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgfmwui.log.lock
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgmsgdisp.log
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgmsgdisp.log.1
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgmsgdisp.log.2
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgmsgdisp.log.3
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgmsgdisp.log.4
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgmsgdisp.log.5
c:\users\Otto\AppData\Local\Avg\log\fmw1\avgmsgdisp.log.lock
c:\users\Otto\AppData\Local\Avg\log\fmw1\common.log
c:\users\Otto\AppData\Local\Avg\log\fmw1\common.log.lock
c:\users\Otto\AppData\Local\Avg\log\fmw1\commonpriv.log
c:\users\Otto\AppData\Local\Avg\log\fmw1\commonpriv.log.lock
c:\users\Otto\AppData\Local\Avg\log\fmw1\Cookies-journal
c:\users\Otto\AppData\Local\Avg\log\fmw1\Cookies
c:\users\Otto\AppData\Local\Avg\log\fmw1\data_0
c:\users\Otto\AppData\Local\Avg\log\fmw1\data_1
c:\users\Otto\AppData\Local\Avg\log\fmw1\data_2
c:\users\Otto\AppData\Local\Avg\log\fmw1\data_3
c:\users\Otto\AppData\Local\Avg\log\fmw1\f_00000a
c:\users\Otto\AppData\Local\Avg\log\fmw1\f_00000c
c:\users\Otto\AppData\Local\Avg\log\fmw1\chromium_dbg.log
c:\users\Otto\AppData\Local\Avg\log\fmw1\index
c:\users\Otto\AppData\Local\Avg\log\fmw1\Visited Links
c:\users\Otto\AppData\Local\Avg\log\tu16\avglng.log
c:\users\Otto\AppData\Local\Avg\log\tu16\avglng.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\commonpriv.log
c:\users\Otto\AppData\Local\Avg\log\tu16\commonpriv.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\delphiplugins.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\delphiplugins.log
c:\users\Otto\AppData\Local\Avg\log\tu16\delphiplugins.log.1
c:\users\Otto\AppData\Local\Avg\log\tu16\delphiplugins.log.2
c:\users\Otto\AppData\Local\Avg\log\tu16\delphiplugins.log.3
c:\users\Otto\AppData\Local\Avg\log\tu16\delphiplugins.log.4
c:\users\Otto\AppData\Local\Avg\log\tu16\diskdoctor.log
c:\users\Otto\AppData\Local\Avg\log\tu16\diskexplorer.log
c:\users\Otto\AppData\Local\Avg\log\tu16\duplicatefinder.log
c:\users\Otto\AppData\Local\Avg\log\tu16\performanceoptimizer.log
c:\users\Otto\AppData\Local\Avg\log\tu16\powermodemanager.log
c:\users\Otto\AppData\Local\Avg\log\tu16\processmanager.log
c:\users\Otto\AppData\Local\Avg\log\tu16\regwiz.log
c:\users\Otto\AppData\Local\Avg\log\tu16\repairwizard.log
c:\users\Otto\AppData\Local\Avg\log\tu16\settingcenter.log
c:\users\Otto\AppData\Local\Avg\log\tu16\shortcutcleaner.log
c:\users\Otto\AppData\Local\Avg\log\tu16\shredder.log
c:\users\Otto\AppData\Local\Avg\log\tu16\sqldb.log
c:\users\Otto\AppData\Local\Avg\log\tu16\startupoptimizer.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tuclient.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tuclient.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\tucomm.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tucomm.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\tuinstallhelper.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tumessages.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tupk.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tupk.log.1
c:\users\Otto\AppData\Local\Avg\log\tu16\tupk.log.2
c:\users\Otto\AppData\Local\Avg\log\tu16\tupk.log.3
c:\users\Otto\AppData\Local\Avg\log\tu16\tupk.log.4
c:\users\Otto\AppData\Local\Avg\log\tu16\tupk.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\tuscan.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tuscan.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\tusetupca.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tusetupca.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\tuui.log
c:\users\Otto\AppData\Local\Avg\log\tu16\tuui.log.lock
c:\users\Otto\AppData\Local\Avg\log\tu16\uninstallmanager.log
c:\users\Otto\AppData\Local\ESET
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\esets_apiW.dll
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.dll
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Char_Cache\CACHE.NDB
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\http_update.eset.com\download\engineols3\update.ver
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\lastupd.ver
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod05DA.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod0751.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod0D85.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod14F5.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod15AD.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod2D7E.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod3273.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod367D.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod405E.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod40B8.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod5244.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod6146.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod7216.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\nod7979.nup
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\data\updfiles\upd.ver
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em000_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em001_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em002_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em003_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em004_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em005_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em006_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\em023_32.dat
c:\users\Otto\AppData\Local\ESET\ESETOnlineScanner\Modules\esets_api.stg
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-03-27 do 2017-04-27 )))))))))))))))))))))))))))))))
.
.
2017-04-27 18:30 . 2017-04-27 18:30 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2017-04-27 09:56 . 2017-04-27 09:56 -------- d-----w- c:\users\Otto\AppData\Local\Adobe
2017-04-27 08:39 . 2017-04-27 08:39 -------- d-----w- c:\users\Otto\AppData\Local\CrashDumps
2017-04-26 18:56 . 2017-04-27 14:52 -------- d-----w- c:\users\Otto\AppData\Local\Zemana
2017-04-25 21:26 . 2017-04-25 21:20 24064 ----a-w- c:\windows\zoek-delete.exe
2017-04-25 21:26 . 2017-04-27 18:31 -------- d-----w- c:\users\Otto\AppData\Local\Temp
2017-04-25 21:25 . 2017-04-25 21:29 -------- d-----w- C:\zoek
2017-04-25 11:40 . 2017-04-26 18:37 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-04-25 11:39 . 2017-04-25 12:01 -------- d-----w- c:\programdata\RogueKiller
2017-04-24 10:11 . 2017-04-24 10:11 -------- d-----w- c:\users\Otto\AppData\Local\Diagnostics
2017-04-23 16:37 . 2017-04-23 20:45 -------- d-----w- c:\users\Otto\AppData\Local\HappyFoto-FOTO-CZ
2017-04-23 13:43 . 2016-11-25 06:15 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2017-04-23 13:43 . 2016-11-25 06:15 287232 ----a-w- c:\windows\system32\drivers\hw_quusbnet.sys
2017-04-23 13:43 . 2016-11-25 06:15 223232 ----a-w- c:\windows\system32\drivers\hw_quusbmdm.sys
2017-04-23 13:43 . 2016-11-25 06:15 2152176 ----a-w- c:\windows\system32\drivers\WUDFUpdate_01009.dll
2017-04-23 13:43 . 2016-11-25 06:15 18816 ----a-w- c:\windows\system32\drivers\ew_usbccgpfilter.sys
2017-04-23 13:43 . 2016-11-25 06:15 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2017-04-23 13:43 . 2016-11-25 06:15 1721576 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2017-04-23 13:43 . 2016-11-25 06:15 126592 ----a-w- c:\windows\system32\drivers\hw_cdcacm.sys
2017-04-23 13:43 . 2016-11-25 06:15 116864 ----a-w- c:\windows\system32\drivers\hw_usbdev.sys
2017-04-23 13:43 . 2016-11-25 06:15 1002728 ----a-w- c:\windows\system32\drivers\winusbcoinstaller2.dll
2017-04-23 13:43 . 2017-04-23 13:44 -------- d-----w- c:\program files (x86)\HiSuite
2017-04-23 13:43 . 2017-04-23 13:44 -------- d-----w- c:\users\Otto\AppData\Local\Hisuite
2017-04-22 13:24 . 2017-04-22 13:24 -------- d-----w- c:\users\Otto\AppData\Local\Seznam.cz
2017-04-22 13:24 . 2017-04-22 13:24 -------- d-----w- c:\users\Otto\AppData\Local\Chromium
2017-04-22 12:58 . 2017-04-27 08:47 -------- d-----w- c:\users\Otto\AppData\Local\AvgSetupLog
2017-04-22 12:25 . 2017-04-22 12:43 -------- d-----w- c:\program files (x86)\PhotoInstrument
2017-04-22 11:56 . 2017-04-22 11:56 -------- d-----w- c:\program files\Inpaint
2017-04-21 20:03 . 2017-04-27 14:51 -------- d-----w- c:\programdata\Malwarebytes
2017-04-21 20:01 . 2017-04-21 20:01 -------- d-----w- c:\programdata\Malwarebytes-BackupByMalwarebytesPortable
2017-04-20 16:44 . 2017-04-20 16:45 -------- d-----w- c:\users\Otto\AppData\Local\Google
2017-04-20 16:44 . 2017-04-20 16:45 -------- d-----w- c:\program files (x86)\Google
2017-04-19 19:31 . 2017-04-19 19:31 -------- d-----w- c:\users\Otto\dwhelper
2017-04-18 19:45 . 2017-04-18 20:26 -------- d-----w- c:\users\Otto\AppData\Roaming\ControlCenter4
2017-04-18 19:34 . 2017-04-18 19:34 -------- d-----w- C:\Brother
2017-04-18 19:33 . 2017-04-18 20:02 -------- d-----w- c:\program files (x86)\ControlCenter4
2017-04-18 19:29 . 2013-04-15 09:29 180224 ----a-w- c:\windows\SysWow64\BROSNMP.DLL
2017-04-18 19:27 . 2013-05-09 11:34 2560 ------w- c:\windows\SysWow64\BrDctF2S.dll
2017-04-18 19:27 . 2013-01-10 11:56 253952 ------w- c:\windows\SysWow64\NSSearch.dll
2017-04-18 19:27 . 2010-03-15 17:45 73728 ------w- c:\windows\SysWow64\BrDctF2.dll
2017-04-18 19:27 . 2007-12-13 20:16 5120 ------w- c:\windows\SysWow64\BrDctF2L.dll
2017-04-18 19:23 . 2017-04-18 19:23 -------- d-----w- c:\users\Otto\AppData\Roaming\InstallShield
2017-04-18 19:23 . 2017-04-18 19:23 -------- d-----w- c:\programdata\InstallShield
2017-04-14 15:39 . 2017-04-23 19:34 -------- d-----w- c:\users\Otto\AppData\Roaming\vlc
2017-04-14 15:38 . 2017-04-14 15:38 -------- d-----w- c:\program files (x86)\VideoLAN
2017-04-14 15:05 . 2017-04-14 15:26 82816 ----a-w- c:\users\Otto\AppData\Roaming\pcouffin.sys
2017-04-14 15:05 . 2017-04-14 15:26 -------- d-----w- c:\users\Otto\AppData\Roaming\Vso
2017-04-14 15:05 . 2017-04-21 10:24 -------- d-----w- c:\programdata\VSO
2017-04-14 15:05 . 2017-04-14 15:05 -------- d-----w- c:\program files (x86)\VSO
2017-04-11 18:19 . 2017-03-08 20:11 1019904 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2017-04-11 18:18 . 2016-08-22 16:19 1386496 ----a-w- c:\windows\system32\diagtrack.dll
2017-04-11 18:08 . 2017-04-11 18:08 6230616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2017-04-07 19:58 . 2017-04-07 19:58 -------- d-----w- c:\users\Otto\AppData\Local\Macromedia
2017-04-07 19:55 . 2017-04-11 18:08 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-04-07 19:55 . 2017-04-11 18:08 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-04-07 19:55 . 2017-04-11 18:08 -------- d-----w- c:\windows\system32\Macromed
2017-04-07 19:55 . 2017-04-11 18:08 -------- d-----w- c:\windows\SysWow64\Macromed
2017-04-07 18:36 . 2017-04-07 18:36 -------- d-----r- c:\users\Otto\AppData\Roaming\Brother
2017-04-01 16:26 . 2017-04-01 16:26 -------- d-----w- c:\program files\Zoner
2017-04-01 16:19 . 2017-04-01 16:54 -------- d-----w- c:\users\Otto\AppData\Local\Zoner
2017-04-01 16:19 . 2017-04-01 16:19 -------- d-----w- c:\users\Otto\AppData\Roaming\Zoner
2017-03-30 19:54 . 2017-03-30 19:54 -------- d-s---w- c:\windows\system32\CompatTel
2017-03-30 19:54 . 2017-03-30 19:54 -------- d-----w- c:\windows\system32\appraiser
2017-03-30 19:44 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2017-03-30 19:44 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2017-03-30 19:42 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2017-03-30 19:42 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2017-03-30 19:42 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2017-03-30 19:42 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2017-03-30 19:42 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2017-03-30 19:42 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2017-03-30 19:42 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2017-03-30 19:38 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2017-03-30 19:38 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
2017-03-30 19:38 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2017-03-30 19:38 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2017-03-30 19:38 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
2017-03-30 19:38 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2017-03-30 19:38 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2017-03-30 19:38 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2017-03-30 19:38 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2017-03-30 19:35 . 2015-07-09 17:58 82944 ----a-w- c:\windows\system32\dwmapi.dll
2017-03-30 19:35 . 2015-07-09 17:58 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2017-03-30 19:35 . 2015-07-09 17:42 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2017-03-30 19:35 . 2015-07-09 17:42 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2017-03-30 19:35 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2017-03-30 19:35 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2017-03-30 19:35 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2017-03-30 19:35 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2017-03-30 19:34 . 2015-05-25 18:19 113664 ----a-w- c:\windows\system32\sechost.dll
2017-03-30 19:34 . 2015-05-25 18:18 47104 ----a-w- c:\windows\system32\typeperf.exe
2017-03-30 19:34 . 2015-05-25 18:18 404992 ----a-w- c:\windows\system32\tracerpt.exe
2017-03-30 19:34 . 2015-05-25 18:18 43008 ----a-w- c:\windows\system32\relog.exe
2017-03-30 19:34 . 2015-05-25 18:18 104448 ----a-w- c:\windows\system32\logman.exe
2017-03-30 19:34 . 2015-05-25 18:18 19456 ----a-w- c:\windows\system32\diskperf.exe
2017-03-30 19:34 . 2015-05-25 18:01 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2017-03-30 19:34 . 2015-05-25 18:00 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2017-03-30 19:34 . 2015-05-25 18:00 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2017-03-30 19:34 . 2015-05-25 18:00 37888 ----a-w- c:\windows\SysWow64\relog.exe
2017-03-30 19:34 . 2015-05-25 18:00 82944 ----a-w- c:\windows\SysWow64\logman.exe
2017-03-30 19:34 . 2015-05-25 18:00 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2017-03-30 19:30 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2017-03-30 19:29 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2017-03-30 19:29 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2017-03-30 19:27 . 2016-08-16 21:55 25088 ----a-w- c:\windows\system32\drivers\cs-CZ\usbport.sys.mui
2017-03-30 19:26 . 2016-03-09 19:00 396800 ----a-w- c:\windows\system32\webio.dll
2017-03-30 19:25 . 2016-02-05 20:22 8192 ----a-w- c:\windows\system32\drivers\cs-CZ\tpm.sys.mui
2017-03-30 19:25 . 2016-02-05 18:56 20480 ----a-w- c:\windows\system32\tbs.dll
2017-03-30 19:25 . 2016-02-05 18:54 109568 ----a-w- c:\windows\system32\fveapibase.dll
2017-03-30 19:25 . 2016-02-05 18:53 8192 ----a-w- c:\windows\system32\drivers\en-US\tpm.sys.mui
2017-03-30 19:25 . 2016-02-05 17:33 15360 ----a-w- c:\windows\SysWow64\tbs.dll
2017-03-30 19:25 . 2015-06-03 20:21 451080 ----a-w- c:\windows\system32\fveapi.dll
2017-03-30 19:25 . 2016-02-02 18:57 511488 ----a-w- c:\windows\system32\rpcss.dll
2017-03-30 19:25 . 2016-01-21 00:51 73664 ----a-w- c:\windows\system32\drivers\disk.sys
2017-03-30 19:25 . 2016-03-16 18:50 156672 ----a-w- c:\windows\system32\mtxoci.dll
2017-03-30 19:25 . 2016-03-16 18:28 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2017-03-30 19:25 . 2016-03-16 18:28 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2017-03-30 19:25 . 2016-03-16 18:27 286720 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2017-03-30 19:24 . 2016-01-11 19:11 1684416 ----a-w- c:\windows\system32\drivers\ntfs.sys
2017-03-30 19:21 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2017-03-30 19:21 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2017-03-30 19:19 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2017-03-30 19:19 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2017-03-30 19:19 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2017-03-30 19:19 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-04-12 04:17 . 2017-03-25 17:53 14848 ----a-w- c:\windows\system32\slwga.dll
2017-04-12 04:17 . 2017-03-25 17:53 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2017-04-12 04:17 . 2017-03-25 17:53 419840 ----a-w- c:\windows\system32\systemcpl.dll
2017-03-25 18:46 . 2017-04-11 18:20 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2017-03-25 18:40 . 2017-03-25 18:40 29964 ----a-w- c:\programdata\agent.update.1490467245.bdinstall.bin
2017-03-25 18:31 . 2017-03-25 18:31 28467 ----a-w- c:\programdata\agent.1490466694.bdinstall.bin
2017-03-25 18:27 . 2017-03-25 18:27 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2017-03-25 18:27 . 2017-03-25 18:27 942592 ----a-w- c:\windows\system32\jsIntl.dll
2017-03-25 18:27 . 2017-03-25 18:27 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2017-03-25 18:27 . 2017-03-25 18:27 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2017-03-25 18:27 . 2017-03-25 18:27 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2017-03-25 18:27 . 2017-03-25 18:27 81408 ----a-w- c:\windows\system32\icardie.dll
2017-03-25 18:27 . 2017-03-25 18:27 77312 ----a-w- c:\windows\system32\tdc.ocx
2017-03-25 18:27 . 2017-03-25 18:27 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2017-03-25 18:27 . 2017-03-25 18:27 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2017-03-25 18:27 . 2017-03-25 18:27 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2017-03-25 18:27 . 2017-03-25 18:27 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2017-03-25 18:27 . 2017-03-25 18:27 62464 ----a-w- c:\windows\system32\pngfilt.dll
2017-03-25 18:27 . 2017-03-25 18:27 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2017-03-25 18:27 . 2017-03-25 18:27 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2017-03-25 18:27 . 2017-03-25 18:27 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2017-03-25 18:27 . 2017-03-25 18:27 48640 ----a-w- c:\windows\system32\mshtmler.dll
2017-03-25 18:27 . 2017-03-25 18:27 48128 ----a-w- c:\windows\system32\imgutil.dll
2017-03-25 18:27 . 2017-03-25 18:27 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2017-03-25 18:27 . 2017-03-25 18:27 30208 ----a-w- c:\windows\system32\licmgr10.dll
2017-03-25 18:27 . 2017-03-25 18:27 247808 ----a-w- c:\windows\system32\msls31.dll
2017-03-25 18:27 . 2017-03-25 18:27 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2017-03-25 18:27 . 2017-03-25 18:27 235520 ----a-w- c:\windows\system32\url.dll
2017-03-25 18:27 . 2017-03-25 18:27 235008 ----a-w- c:\windows\system32\elshyph.dll
2017-03-25 18:27 . 2017-03-25 18:27 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2017-03-25 18:27 . 2017-03-25 18:27 167424 ----a-w- c:\windows\system32\iexpress.exe
2017-03-25 18:27 . 2017-03-25 18:27 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2017-03-25 18:27 . 2017-03-25 18:27 143872 ----a-w- c:\windows\system32\wextract.exe
2017-03-25 18:27 . 2017-03-25 18:27 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2017-03-25 18:27 . 2017-03-25 18:27 13824 ----a-w- c:\windows\system32\mshta.exe
2017-03-25 18:27 . 2017-03-25 18:27 135680 ----a-w- c:\windows\system32\iepeers.dll
2017-03-25 18:27 . 2017-03-25 18:27 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2017-03-25 18:27 . 2017-03-25 18:27 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2017-03-25 18:27 . 2017-03-25 18:27 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2017-03-25 18:27 . 2017-03-25 18:27 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2017-03-25 18:27 . 2017-03-25 18:27 105984 ----a-w- c:\windows\system32\iesysprep.dll
2017-03-25 18:26 . 2017-03-25 18:26 68608 ----a-w- c:\windows\system32\taskhost.exe
2017-03-25 18:25 . 2017-03-25 18:25 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2017-03-25 18:25 . 2017-03-25 18:25 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2017-03-25 18:25 . 2017-03-25 18:25 363008 ----a-w- c:\windows\system32\dxgi.dll
2017-03-25 18:25 . 2017-03-25 18:25 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 296960 ----a-w- c:\windows\system32\d3d10core.dll
2017-03-25 18:25 . 2017-03-25 18:25 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2017-03-25 18:25 . 2017-03-25 18:25 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2017-03-25 18:25 . 2017-03-25 18:25 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2017-03-25 18:25 . 2017-03-25 18:25 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2017-03-25 18:25 . 2017-03-25 18:25 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2017-03-25 18:25 . 2017-03-25 18:25 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2017-03-25 18:25 . 2017-03-25 18:25 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2017-03-25 18:25 . 2017-03-25 18:25 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2017-03-25 18:25 . 2017-03-25 18:25 1238528 ----a-w- c:\windows\system32\d3d10.dll
2017-03-25 18:25 . 2017-03-25 18:25 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2017-03-25 18:25 . 2017-03-25 18:25 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2017-03-25 18:25 . 2017-03-25 18:25 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-03-25 18:25 . 2017-03-25 18:25 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2017-03-25 18:22 . 2017-03-25 18:22 1887232 ----a-w- c:\windows\system32\d3d11.dll
2017-03-25 18:22 . 2017-03-25 18:22 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2017-03-25 17:59 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2017-03-25 17:59 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2017-03-25 17:58 . 2017-03-25 17:58 28467 ----a-w- c:\programdata\agent.1490464695.bdinstall.bin
2017-03-25 17:27 . 2017-03-25 17:27 28468 ----a-w- c:\programdata\agent.1490462865.bdinstall.bin
2017-03-25 17:04 . 2017-04-11 18:20 262144 ----a-w- c:\windows\system32\webcheck.dll
2017-03-25 16:52 . 2017-03-25 16:52 28467 ----a-w- c:\programdata\agent.1490460733.bdinstall.bin
2017-03-25 16:01 . 2017-03-25 15:56 305120 ----a-w- c:\windows\system32\drivers\ignis.sys
2017-03-25 15:57 . 2017-03-25 15:57 364887 ----a-w- c:\programdata\cl.1490457299.bdinstall.bin
2017-03-25 15:53 . 2017-03-25 15:53 47057 ----a-w- c:\programdata\agent.1490457201.bdinstall.bin
2017-03-22 12:05 . 2017-03-25 15:54 12774864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{94291E8A-D178-4278-8F3E-5C360D80FF4B}\mpengine.dll
2017-03-19 22:48 . 2017-03-19 22:48 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2017-03-19 22:48 . 2017-03-19 22:48 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2017-03-19 22:48 . 2017-03-19 22:48 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2017-03-19 22:48 . 2017-03-19 22:48 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2017-03-19 22:41 . 2017-03-19 22:41 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2017-03-19 22:41 . 2017-03-19 22:41 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2017-03-19 22:41 . 2017-03-19 22:41 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2017-03-19 22:41 . 2017-03-19 22:41 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2017-03-08 04:33 . 2017-04-11 18:20 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-03-08 04:22 . 2017-04-11 18:20 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-03-08 04:22 . 2017-04-11 18:20 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-03-08 04:21 . 2017-04-11 18:19 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
R1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 Garmin Device Interaction Service;Garmin Device Interaction Service;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe EXPRESS;c:\program files (x86)\Garmin\Device Interaction Service\GarminService.exe EXPRESS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys;c:\windows\SYSNATIVE\DRIVERS\gzflt.sys [x]
S0 Ignis;Ignis Service;c:\windows\system32\DRIVERS\ignis.sys;c:\windows\SYSNATIVE\DRIVERS\ignis.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [x]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdvedisk.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe;c:\program files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe;c:\program files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [x]
S2 ProductAgentService;ProductAgentService;c:\program files\Bitdefender Agent\ProductAgentService.exe;c:\program files\Bitdefender Agent\ProductAgentService.exe [x]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2017\updatesrv.exe;c:\program files\Bitdefender\Bitdefender 2017\updatesrv.exe [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-04-20 16:45 1373016 ----a-w- c:\program files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="c:\program files\Bitdefender\Bitdefender 2017\bdagent.exe" [2017-04-24 322312]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.37 213.46.172.36
FF - ProfilePath - c:\users\Otto\AppData\Roaming\Mozilla\Firefox\Profiles\hfi04hwg.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Celkový čas: 2017-04-27 20:35:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-04-27 18:35
ComboFix2.txt 2017-04-27 15:07
.
Před spuštěním: Volných bajtů: 445 685 219 328
Po spuštění: Volných bajtů: 445 367 906 304
.
- - End Of File - - 6ECC45CA90959FF43F8F2DFA24ACDD8F
A36C5E4F47E84449FF07ED3517B43A31

