Re: Please check my log

Posted: 14 Jun 2017 09:41
by Atten
Zemana AntiMalware 2.73.2.2 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.6.14
Operating System : Windows 7 64-bit
Processor : 4X Intel(R) Core(TM) i3-2348M CPU @ 2.30GHz
BIOS Mode : Legacy
CUID : 12364BCAE41506E8FF3349
Scan Type : Skenování systému
Duration : 24m 8s
Scanned Objects : 104509
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Nebyly zjištěny žádné hrozby

Re: Please check my log

Posted: 14 Jun 2017 10:08
by Atten
ComboFix 17-05-16.01 - Jarda 14.06.2017 9:46.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8092.6102 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Avira Antivirus *Disabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-05-14 do 2017-06-14 )))))))))))))))))))))))))))))))
.
.
2017-06-14 07:54 . 2017-06-14 07:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-06-14 07:14 . 2017-06-14 07:14 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2017-06-14 07:14 . 2017-06-14 07:14 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2017-06-14 07:14 . 2017-06-14 07:55 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-06-14 07:13 . 2017-06-14 07:13 -------- d-----w- c:\users\Jarda\AppData\Local\Zemana
2017-06-14 04:25 . 2017-06-14 04:25 64504 ----a-w- c:\windows\system32\drivers\avdevprot.sys
2017-06-14 00:27 . 2017-05-10 15:29 14183936 ----a-w- c:\windows\system32\shell32.dll
2017-06-13 19:15 . 2017-06-13 16:31 24064 ----a-w- c:\windows\zoek-delete.exe
2017-06-13 19:15 . 2017-06-14 07:54 -------- d-----w- c:\users\Jarda\AppData\Local\Temp
2017-06-13 16:31 . 2017-06-13 17:42 -------- d-----w- C:\zoek_backup
2017-06-13 08:54 . 2017-06-13 16:29 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-06-13 08:54 . 2017-06-13 16:26 -------- d-----w- c:\programdata\RogueKiller
2017-06-12 19:04 . 2017-06-12 19:04 -------- d-----w- c:\programdata\Sophos
2017-06-12 19:03 . 2017-06-12 19:03 -------- d-----w- c:\program files (x86)\Sophos
2017-06-12 18:00 . 2017-06-12 18:06 -------- d-----w- c:\users\Jarda\AppData\Local\Google
2017-06-12 17:59 . 2017-06-12 17:59 -------- d-----w- c:\program files (x86)\Google
2017-06-12 17:35 . 2017-06-12 17:35 188312 ----a-w- c:\windows\system32\drivers\MBAMChameleon.sys
2017-06-12 17:35 . 2017-06-14 02:47 84256 ----a-w- c:\windows\system32\drivers\mwac.sys
2017-06-12 17:35 . 2017-06-14 01:42 113592 ----a-w- c:\windows\system32\drivers\farflt.sys
2017-06-12 17:35 . 2017-06-14 01:42 44960 ----a-w- c:\windows\system32\drivers\mbam.sys
2017-06-12 17:34 . 2017-06-14 07:57 252832 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-06-12 17:34 . 2017-05-25 09:58 77376 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-06-12 17:34 . 2017-06-12 17:34 -------- d-----w- c:\program files\Malwarebytes
2017-06-12 17:21 . 2017-06-12 17:26 -------- d-----w- C:\AdwCleaner
2017-06-12 09:52 . 2017-06-12 09:52 -------- d-----w- c:\users\Jarda\AppData\Local\Lenovo
2017-06-12 09:50 . 2017-06-12 09:50 -------- d-----w- c:\users\Jarda\.QtWebEngineProcess
2017-06-12 09:50 . 2017-06-12 09:50 -------- d-----w- c:\users\Jarda\.LSC
2017-06-09 10:54 . 2017-06-09 10:54 -------- d-----w- c:\windows\Downloaded Installations
2017-06-02 19:18 . 2017-06-02 19:18 -------- d-----w- c:\users\Jarda\AppData\Local\2K Games
2017-05-24 00:06 . 2017-05-24 00:06 -------- d-----w- c:\programdata\Conexant
2017-05-24 00:06 . 2017-05-24 00:06 -------- d-----w- c:\users\Jarda\AppData\Local\Conexant
2017-05-23 10:40 . 2017-05-23 10:40 -------- d-----w- c:\windows\SysWow64\NV
2017-05-23 10:40 . 2017-05-23 10:40 -------- d-----w- c:\windows\system32\NV
2017-05-23 10:28 . 2017-05-23 10:28 -------- d-----w- c:\program files (x86)\VulkanRT
2017-05-23 10:28 . 2017-03-10 21:17 525600 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2017-05-23 10:28 . 2017-03-10 21:17 233760 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2017-05-23 10:28 . 2017-03-10 21:17 536864 ----a-w- c:\windows\system32\vulkan-1.dll
2017-05-23 10:28 . 2017-03-10 21:17 254240 ----a-w- c:\windows\system32\vulkaninfo.exe
2017-05-22 22:19 . 2017-05-03 20:21 48248 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2017-05-22 22:19 . 2017-05-03 20:21 175736 ----a-w- c:\windows\system32\nvaudcap64v.dll
2017-05-22 22:19 . 2017-05-03 20:21 143480 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2017-05-18 19:48 . 2017-05-18 19:48 -------- d-----w- c:\users\Jarda\AppData\Roaming\.mono
2017-05-18 19:48 . 2017-05-18 19:48 -------- d-----w- c:\programdata\.mono
2017-05-18 19:48 . 2017-05-18 19:48 -------- d-----w- c:\users\Jarda\AppData\Roaming\Steam
2017-05-17 10:32 . 2017-05-17 10:32 261360 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\OSFINTL.DLL
2017-05-17 09:16 . 2017-05-17 09:16 61120 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.AdomdClient.resources.dll
2017-05-17 09:16 . 2017-05-17 09:16 48832 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Xmla.resources.dll
2017-05-17 09:16 . 2017-05-17 09:16 20672 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Streaming.resources.dll
2017-05-17 09:16 . 2017-05-17 09:16 192192 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Amo.resources.dll
2017-05-17 09:06 . 2017-05-17 09:06 3263744 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\MSOINTL.DLL
2017-05-16 10:40 . 2017-05-16 10:40 26941184 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2017-05-16 10:36 . 2017-05-16 10:36 8494784 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msolap110_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 74758336 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmdlocal_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 278208 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrw_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 21070528 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmsrv_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 196800 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrwbin_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 11484864 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmgdsrv_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 37551360 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2017-05-16 01:06 . 2017-05-16 01:06 650944 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.AdomdClient.dll
2017-05-16 01:06 . 2017-05-16 01:06 1482432 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.Amo.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-06-14 04:25 . 2017-03-17 07:58 34128 ----a-w- c:\windows\system32\drivers\avusbflt.sys
2017-06-14 04:25 . 2017-03-17 07:58 185032 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2017-06-14 04:25 . 2017-03-17 07:58 149976 ----a-w- c:\windows\system32\drivers\avipbb.sys
2017-06-14 03:31 . 2016-05-12 20:23 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-06-14 03:31 . 2016-05-12 20:23 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-06-14 01:10 . 2016-05-12 09:13 133627792 -c--a-w- c:\windows\system32\MRT.exe
2017-05-21 04:24 . 2017-06-14 00:27 345600 ----a-w- c:\windows\system32\schannel.dll
2017-05-21 04:24 . 2017-06-14 00:27 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-05-21 04:06 . 2017-06-14 00:27 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-05-21 04:06 . 2017-06-14 00:27 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-05-18 07:33 . 2017-01-26 01:53 1951 ----a-w- c:\windows\NvTelemetryContainerRecovery.bat
2017-05-18 07:33 . 2016-10-28 23:44 406736 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2017-05-18 07:33 . 2016-10-21 15:24 491208 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-05-18 07:33 . 2016-10-21 15:24 4090016 ----a-w- c:\windows\system32\nvapi64.dll
2017-05-18 07:33 . 2016-09-04 17:14 3603672 ----a-w- c:\windows\SysWow64\nvapi.dll
2017-05-18 07:33 . 2016-05-11 20:17 170360 ----a-w- c:\windows\system32\nvinitx.dll
2017-05-18 07:33 . 2016-05-11 20:17 148200 ----a-w- c:\windows\SysWow64\nvinit.dll
2017-05-18 05:55 . 2016-10-12 23:58 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2017-05-18 05:48 . 2016-05-11 20:25 6437824 ----a-w- c:\windows\system32\nvcpl.dll
2017-05-18 05:48 . 2016-05-11 20:25 2479736 ----a-w- c:\windows\system32\nvsvc64.dll
2017-05-18 05:48 . 2016-05-11 20:25 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2017-05-18 05:48 . 2016-05-11 20:25 69752 ----a-w- c:\windows\system32\nvshext.dll
2017-05-18 05:48 . 2016-05-11 20:25 548984 ----a-w- c:\windows\system32\nv3dappshext.dll
2017-05-18 05:48 . 2016-05-11 20:25 392312 ----a-w- c:\windows\system32\nvmctray.dll
2017-05-18 05:48 . 2016-05-11 20:25 1762936 ----a-w- c:\windows\system32\nvsvcr.dll
2017-05-18 05:48 . 2016-05-11 20:25 146880 ----a-w- c:\windows\SysWow64\oemdspif.dll
2017-05-16 18:09 . 2016-05-11 20:25 7993157 ----a-w- c:\windows\system32\nvcoproc.bin
2017-05-12 18:03 . 2017-06-14 00:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1893496 ----a-w- c:\windows\system32\nvspcap64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1477240 ----a-w- c:\windows\SysWow64\nvspcap.dll
2017-05-03 20:21 . 2016-10-13 00:00 121464 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1755256 ----a-w- c:\windows\system32\nvspbridge64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1317496 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2017-05-01 22:32 . 2017-05-08 21:53 1988032 ----a-w- c:\windows\system32\nvdispco6438205.dll
2017-05-01 22:32 . 2017-05-08 21:53 1589696 ----a-w- c:\windows\system32\nvdispgenco6438205.dll
2017-04-21 15:34 . 2017-05-10 17:41 1133568 ----a-w- c:\windows\system32\cdosys.dll
2017-04-21 15:15 . 2017-05-10 17:41 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2017-04-20 01:57 . 2017-04-26 10:16 1988216 ----a-w- c:\windows\system32\nvdispco6438189.dll
2017-04-20 01:57 . 2017-04-26 10:16 1589880 ----a-w- c:\windows\system32\nvdispgenco6438189.dll
2017-04-17 15:37 . 2017-05-10 17:41 512000 ----a-w- c:\windows\system32\rpcss.dll
2017-04-17 15:37 . 2017-05-10 17:41 2065408 ----a-w- c:\windows\system32\ole32.dll
2017-04-17 15:37 . 2017-05-10 17:41 876544 ----a-w- c:\windows\system32\oleaut32.dll
2017-04-17 15:37 . 2017-05-10 17:41 26112 ----a-w- c:\windows\system32\oleres.dll
2017-04-17 15:37 . 2017-05-10 17:41 8704 ----a-w- c:\windows\system32\comcat.dll
2017-04-17 15:12 . 2017-05-10 17:41 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2017-04-17 15:12 . 2017-05-10 17:41 1417728 ----a-w- c:\windows\SysWow64\ole32.dll
2017-04-17 15:12 . 2017-05-10 17:41 26112 ----a-w- c:\windows\SysWow64\oleres.dll
2017-04-17 14:54 . 2017-05-10 17:41 7168 ----a-w- c:\windows\SysWow64\comcat.dll
2017-04-12 15:32 . 2017-05-10 17:41 229376 ----a-w- c:\windows\system32\wintrust.dll
2017-04-12 15:32 . 2017-05-10 17:41 1483776 ----a-w- c:\windows\system32\crypt32.dll
2017-04-12 15:32 . 2017-05-10 17:41 190976 ----a-w- c:\windows\system32\cryptsvc.dll
2017-04-12 15:32 . 2017-05-10 17:41 141824 ----a-w- c:\windows\system32\cryptnet.dll
2017-04-12 15:26 . 2017-05-10 17:41 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2017-04-12 15:25 . 2017-05-10 17:41 1176064 ----a-w- c:\windows\SysWow64\crypt32.dll
2017-04-12 15:25 . 2017-05-10 17:41 145920 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2017-04-12 15:25 . 2017-05-10 17:41 106496 ----a-w- c:\windows\SysWow64\cryptnet.dll
2017-04-07 15:34 . 2017-05-10 17:41 986856 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2017-04-07 15:34 . 2017-05-10 17:41 265448 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2017-04-07 15:30 . 2017-05-10 17:41 144384 ----a-w- c:\windows\system32\cdd.dll
2017-04-05 14:55 . 2017-05-10 17:41 460800 ----a-w- c:\windows\system32\drivers\srv.sys
2017-04-05 14:55 . 2017-05-10 17:41 405504 ----a-w- c:\windows\system32\drivers\srv2.sys
2017-04-05 14:55 . 2017-05-10 17:41 168960 ----a-w- c:\windows\system32\drivers\srvnet.sys
2017-04-04 15:34 . 2017-05-10 17:41 1895656 ----a-w- c:\windows\system32\drivers\tcpip.sys
2017-04-04 15:34 . 2017-05-10 17:41 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2017-04-04 15:34 . 2017-05-10 17:41 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2017-04-04 14:53 . 2017-05-10 17:41 496128 ----a-w- c:\windows\system32\drivers\afd.sys
2017-04-01 03:20 . 2017-04-07 10:06 1988032 ----a-w- c:\windows\system32\nvdispco6438165.dll
2017-04-01 03:20 . 2017-04-07 10:06 1591352 ----a-w- c:\windows\system32\nvdispgenco6438165.dll
2017-04-01 00:41 . 2017-04-07 10:06 76840 ----a-w- c:\windows\system32\drivers\nvvhci.sys
2017-03-26 18:33 . 2017-03-26 18:33 28344 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2017-03-17 00:59 . 2017-04-02 10:00 1983424 ----a-w- c:\windows\system32\nvdispco6437892.dll
2017-03-17 00:59 . 2017-04-02 10:00 1589696 ----a-w- c:\windows\system32\nvdispgenco6437892.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2017-02-23 07:34 1743664 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2017-02-23 07:34 1743664 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2017-02-23 07:34 1743664 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2017-06-08 3042592]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2016-06-22 4299968]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2017-05-22 97512]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2017-06-14 918008]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-20 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-7-2 1391480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wdm_usb;wdm_usb;c:\windows\system32\DRIVERS\usb2ser.sys;c:\windows\SYSNATIVE\DRIVERS\usb2ser.sys [x]
R4 Mobizen plugin;Mobizen plugin;c:\program files (x86)\RSUPPORT\MobizenService\MobizenService.exe;c:\program files (x86)\RSUPPORT\MobizenService\MobizenService.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 avdevprot;avdevprot;c:\windows\system32\DRIVERS\avdevprot.sys;c:\windows\SYSNATIVE\DRIVERS\avdevprot.sys [x]
S0 avusbflt;avusbflt;c:\windows\System32\Drivers\avusbflt.sys;c:\windows\SYSNATIVE\Drivers\avusbflt.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMFarflt;MBAMFarflt;c:\windows\system32\drivers\farflt.sys;c:\windows\SYSNATIVE\drivers\farflt.sys [x]
S3 MBAMProtection;MBAMProtection;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MBAMWEBPROTECTION
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2016-06-10 00:41 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2016-06-10 00:41 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2016-06-10 00:41 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-12-15 564352]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2016-05-11 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2016-05-11 6202416]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2017-05-03 1893496]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2011-12-06 1654400]
"Malwarebytes TrayApp"="c:\program files\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" [2017-05-09 3146704]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-06-12 15510672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{38602f72-a7f8-456b-84e5-6e200dc99917} - c:\programdata\Package Cache\{38602f72-a7f8-456b-84e5-6e200dc99917}\VC_redist.x86.exe
AddRemove-{b9b31169-be62-4b82-9e65-d47c99299ba1} - c:\programdata\Package Cache\{b9b31169-be62-4b82-9e65-d47c99299ba1}\Avira.OE.Setup.Bundle.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{dab68466-3a7d-41a8-a5cf-415e3ff8ef71} - c:\programdata\Package Cache\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\VC_redist.x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_26_0_0_126_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_26_0_0_126_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_26_0_0_126_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_26_0_0_126_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.26"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Avira\Launcher\Avira.Systray.exe
c:\program files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
c:\program files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
.
**************************************************************************
.
Celkový čas: 2017-06-14 10:06:15 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-06-14 08:06
.
Před spuštěním: Volných bajtů: 73 099 333 632
Po spuštění: Volných bajtů: 72 399 339 520
.
- - End Of File - - 8EF21298788E4080707E9CE363A5C9E0
A36C5E4F47E84449FF07ED3517B43A31

Re: Please check my log

Posted: 14 Jun 2017 18:28
by jaro3
AV: Avira Antivirus *Disabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
permanently disable AV: Malwarebytes

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:


ClearJavaCache::
KillAll::
Folder::
c:\program files\Common Files\AV\Spybot - Search and Destroy
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotPostWindows10UpgradeReInstall"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_26_0_0_126_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_26_0_0_126_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_26_0_0_126_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_26_0_0_126_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.26"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_26_0_0_126.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: After running ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

In Folder Options, enable showing hidden files and folders + uncheck the box for hiding protected operating system files

Test this on Virustotal
c:\windows\SYSNATIVE\DRIVERS\avdevprot.sys

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window will appear in which you click Reanalyze. The file will then be tested in turn by multiple antivirus programs. When the last antivirus finishes, the result appears at the top with the number of infections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

Re: Please check my log

Posted: 15 Jun 2017 00:59
by Atten
ComboFix 17-05-16.14 - Jarda 15.06.2017 0:15.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8092.6090 [GMT 2:00]
Spuštěný z: c:\users\Jarda\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jarda\Desktop\CFScript.txt
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\program files\Common Files\AV\Spybot - Search and Destroy
c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe
c:\program files\Common Files\AV\Spybot - Search and Destroy\Upgrade.exe
c:\program files\Common Files\AV\Spybot - Search and Destroy\userdata.cab
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-05-14 do 2017-06-14 )))))))))))))))))))))))))))))))
.
.
2017-06-14 22:30 . 2017-06-14 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-06-14 07:14 . 2017-06-14 07:14 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2017-06-14 07:14 . 2017-06-14 07:14 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2017-06-14 07:14 . 2017-06-14 07:55 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-06-14 07:13 . 2017-06-14 07:13 -------- d-----w- c:\users\Jarda\AppData\Local\Zemana
2017-06-14 04:25 . 2017-06-14 04:25 64504 ----a-w- c:\windows\system32\drivers\avdevprot.sys
2017-06-14 00:27 . 2017-05-10 15:29 14183936 ----a-w- c:\windows\system32\shell32.dll
2017-06-13 19:15 . 2017-06-13 16:31 24064 ----a-w- c:\windows\zoek-delete.exe
2017-06-13 19:15 . 2017-06-14 22:34 -------- d-----w- c:\users\Jarda\AppData\Local\Temp
2017-06-13 16:31 . 2017-06-13 17:42 -------- d-----w- C:\zoek_backup
2017-06-13 08:54 . 2017-06-13 16:29 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-06-13 08:54 . 2017-06-13 16:26 -------- d-----w- c:\programdata\RogueKiller
2017-06-12 19:04 . 2017-06-12 19:04 -------- d-----w- c:\programdata\Sophos
2017-06-12 19:03 . 2017-06-12 19:03 -------- d-----w- c:\program files (x86)\Sophos
2017-06-12 18:00 . 2017-06-12 18:06 -------- d-----w- c:\users\Jarda\AppData\Local\Google
2017-06-12 17:59 . 2017-06-12 17:59 -------- d-----w- c:\program files (x86)\Google
2017-06-12 17:21 . 2017-06-12 17:26 -------- d-----w- C:\AdwCleaner
2017-06-12 09:52 . 2017-06-12 09:52 -------- d-----w- c:\users\Jarda\AppData\Local\Lenovo
2017-06-12 09:50 . 2017-06-12 09:50 -------- d-----w- c:\users\Jarda\.QtWebEngineProcess
2017-06-12 09:50 . 2017-06-12 09:50 -------- d-----w- c:\users\Jarda\.LSC
2017-06-09 10:54 . 2017-06-09 10:54 -------- d-----w- c:\windows\Downloaded Installations
2017-06-02 19:18 . 2017-06-02 19:18 -------- d-----w- c:\users\Jarda\AppData\Local\2K Games
2017-05-24 00:06 . 2017-05-24 00:06 -------- d-----w- c:\programdata\Conexant
2017-05-24 00:06 . 2017-05-24 00:06 -------- d-----w- c:\users\Jarda\AppData\Local\Conexant
2017-05-23 10:40 . 2017-06-14 08:02 -------- d-----w- c:\windows\SysWow64\NV
2017-05-23 10:40 . 2017-06-14 08:02 -------- d-----w- c:\windows\system32\NV
2017-05-23 10:28 . 2017-05-23 10:28 -------- d-----w- c:\program files (x86)\VulkanRT
2017-05-23 10:28 . 2017-03-10 21:17 525600 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2017-05-23 10:28 . 2017-03-10 21:17 233760 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2017-05-23 10:28 . 2017-03-10 21:17 536864 ----a-w- c:\windows\system32\vulkan-1.dll
2017-05-23 10:28 . 2017-03-10 21:17 254240 ----a-w- c:\windows\system32\vulkaninfo.exe
2017-05-22 22:19 . 2017-05-03 20:21 48248 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2017-05-22 22:19 . 2017-05-03 20:21 175736 ----a-w- c:\windows\system32\nvaudcap64v.dll
2017-05-22 22:19 . 2017-05-03 20:21 143480 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2017-05-18 19:48 . 2017-05-18 19:48 -------- d-----w- c:\users\Jarda\AppData\Roaming\.mono
2017-05-18 19:48 . 2017-05-18 19:48 -------- d-----w- c:\programdata\.mono
2017-05-18 19:48 . 2017-05-18 19:48 -------- d-----w- c:\users\Jarda\AppData\Roaming\Steam
2017-05-17 10:32 . 2017-05-17 10:32 261360 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\OSFINTL.DLL
2017-05-17 09:16 . 2017-05-17 09:16 61120 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.AdomdClient.resources.dll
2017-05-17 09:16 . 2017-05-17 09:16 48832 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Xmla.resources.dll
2017-05-17 09:16 . 2017-05-17 09:16 20672 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Streaming.resources.dll
2017-05-17 09:16 . 2017-05-17 09:16 192192 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\cs-cz\Microsoft.Excel.Amo.resources.dll
2017-05-17 09:06 . 2017-05-17 09:06 3263744 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\1029\MSOINTL.DLL
2017-05-16 10:40 . 2017-05-16 10:40 26941184 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2017-05-16 10:36 . 2017-05-16 10:36 8494784 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msolap110_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 74758336 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmdlocal_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 278208 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrw_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 21070528 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmsrv_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 196800 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\xmlrwbin_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 11484864 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\msmgdsrv_xl.dll
2017-05-16 10:36 . 2017-05-16 10:36 37551360 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2017-05-16 01:06 . 2017-05-16 01:06 650944 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.AdomdClient.dll
2017-05-16 01:06 . 2017-05-16 01:06 1482432 ----a-w- c:\program files\Common Files\Microsoft Shared\OFFICE15\DataModel\Microsoft.Excel.Amo.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-06-14 04:25 . 2017-03-17 07:58 34128 ----a-w- c:\windows\system32\drivers\avusbflt.sys
2017-06-14 04:25 . 2017-03-17 07:58 185032 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2017-06-14 04:25 . 2017-03-17 07:58 149976 ----a-w- c:\windows\system32\drivers\avipbb.sys
2017-06-14 03:31 . 2016-05-12 20:23 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-06-14 03:31 . 2016-05-12 20:23 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-06-14 01:10 . 2016-05-12 09:13 133627792 -c--a-w- c:\windows\system32\MRT.exe
2017-05-21 04:24 . 2017-06-14 00:27 345600 ----a-w- c:\windows\system32\schannel.dll
2017-05-21 04:24 . 2017-06-14 00:27 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-05-21 04:06 . 2017-06-14 00:27 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-05-21 04:06 . 2017-06-14 00:27 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-05-18 07:33 . 2017-01-26 01:53 1951 ----a-w- c:\windows\NvTelemetryContainerRecovery.bat
2017-05-18 07:33 . 2016-10-28 23:44 406736 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2017-05-18 07:33 . 2016-10-21 15:24 491208 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-05-18 07:33 . 2016-10-21 15:24 4090016 ----a-w- c:\windows\system32\nvapi64.dll
2017-05-18 07:33 . 2016-09-04 17:14 3603672 ----a-w- c:\windows\SysWow64\nvapi.dll
2017-05-18 07:33 . 2016-05-11 20:17 170360 ----a-w- c:\windows\system32\nvinitx.dll
2017-05-18 07:33 . 2016-05-11 20:17 148200 ----a-w- c:\windows\SysWow64\nvinit.dll
2017-05-18 05:55 . 2016-10-12 23:58 1951 ----a-w- c:\windows\NvContainerRecovery.bat
2017-05-18 05:48 . 2016-05-11 20:25 6437824 ----a-w- c:\windows\system32\nvcpl.dll
2017-05-18 05:48 . 2016-05-11 20:25 2479736 ----a-w- c:\windows\system32\nvsvc64.dll
2017-05-18 05:48 . 2016-05-11 20:25 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2017-05-18 05:48 . 2016-05-11 20:25 69752 ----a-w- c:\windows\system32\nvshext.dll
2017-05-18 05:48 . 2016-05-11 20:25 548984 ----a-w- c:\windows\system32\nv3dappshext.dll
2017-05-18 05:48 . 2016-05-11 20:25 392312 ----a-w- c:\windows\system32\nvmctray.dll
2017-05-18 05:48 . 2016-05-11 20:25 1762936 ----a-w- c:\windows\system32\nvsvcr.dll
2017-05-18 05:48 . 2016-05-11 20:25 146880 ----a-w- c:\windows\SysWow64\oemdspif.dll
2017-05-16 18:09 . 2016-05-11 20:25 7993157 ----a-w- c:\windows\system32\nvcoproc.bin
2017-05-12 18:03 . 2017-06-14 00:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1893496 ----a-w- c:\windows\system32\nvspcap64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1477240 ----a-w- c:\windows\SysWow64\nvspcap.dll
2017-05-03 20:21 . 2016-10-13 00:00 121464 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1755256 ----a-w- c:\windows\system32\nvspbridge64.dll
2017-05-03 20:21 . 2016-10-13 00:00 1317496 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2017-05-01 22:32 . 2017-05-08 21:53 1988032 ----a-w- c:\windows\system32\nvdispco6438205.dll
2017-05-01 22:32 . 2017-05-08 21:53 1589696 ----a-w- c:\windows\system32\nvdispgenco6438205.dll
2017-04-21 15:34 . 2017-05-10 17:41 1133568 ----a-w- c:\windows\system32\cdosys.dll
2017-04-21 15:15 . 2017-05-10 17:41 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2017-04-20 01:57 . 2017-04-26 10:16 1988216 ----a-w- c:\windows\system32\nvdispco6438189.dll
2017-04-20 01:57 . 2017-04-26 10:16 1589880 ----a-w- c:\windows\system32\nvdispgenco6438189.dll
2017-04-17 15:37 . 2017-05-10 17:41 512000 ----a-w- c:\windows\system32\rpcss.dll
2017-04-17 15:37 . 2017-05-10 17:41 2065408 ----a-w- c:\windows\system32\ole32.dll
2017-04-17 15:37 . 2017-05-10 17:41 876544 ----a-w- c:\windows\system32\oleaut32.dll
2017-04-17 15:37 . 2017-05-10 17:41 26112 ----a-w- c:\windows\system32\oleres.dll
2017-04-17 15:37 . 2017-05-10 17:41 8704 ----a-w- c:\windows\system32\comcat.dll
2017-04-17 15:12 . 2017-05-10 17:41 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2017-04-17 15:12 . 2017-05-10 17:41 1417728 ----a-w- c:\windows\SysWow64\ole32.dll
2017-04-17 15:12 . 2017-05-10 17:41 26112 ----a-w- c:\windows\SysWow64\oleres.dll
2017-04-17 14:54 . 2017-05-10 17:41 7168 ----a-w- c:\windows\SysWow64\comcat.dll
2017-04-12 15:32 . 2017-05-10 17:41 229376 ----a-w- c:\windows\system32\wintrust.dll
2017-04-12 15:32 . 2017-05-10 17:41 1483776 ----a-w- c:\windows\system32\crypt32.dll
2017-04-12 15:32 . 2017-05-10 17:41 190976 ----a-w- c:\windows\system32\cryptsvc.dll
2017-04-12 15:32 . 2017-05-10 17:41 141824 ----a-w- c:\windows\system32\cryptnet.dll
2017-04-12 15:26 . 2017-05-10 17:41 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2017-04-12 15:25 . 2017-05-10 17:41 1176064 ----a-w- c:\windows\SysWow64\crypt32.dll
2017-04-12 15:25 . 2017-05-10 17:41 145920 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2017-04-12 15:25 . 2017-05-10 17:41 106496 ----a-w- c:\windows\SysWow64\cryptnet.dll
2017-04-07 15:34 . 2017-05-10 17:41 986856 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2017-04-07 15:34 . 2017-05-10 17:41 265448 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2017-04-07 15:30 . 2017-05-10 17:41 144384 ----a-w- c:\windows\system32\cdd.dll
2017-04-05 14:55 . 2017-05-10 17:41 460800 ----a-w- c:\windows\system32\drivers\srv.sys
2017-04-05 14:55 . 2017-05-10 17:41 405504 ----a-w- c:\windows\system32\drivers\srv2.sys
2017-04-05 14:55 . 2017-05-10 17:41 168960 ----a-w- c:\windows\system32\drivers\srvnet.sys
2017-04-04 15:34 . 2017-05-10 17:41 1895656 ----a-w- c:\windows\system32\drivers\tcpip.sys
2017-04-04 15:34 . 2017-05-10 17:41 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2017-04-04 15:34 . 2017-05-10 17:41 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2017-04-04 14:53 . 2017-05-10 17:41 496128 ----a-w- c:\windows\system32\drivers\afd.sys
2017-04-01 03:20 . 2017-04-07 10:06 1988032 ----a-w- c:\windows\system32\nvdispco6438165.dll
2017-04-01 03:20 . 2017-04-07 10:06 1591352 ----a-w- c:\windows\system32\nvdispgenco6438165.dll
2017-04-01 00:41 . 2017-04-07 10:06 76840 ----a-w- c:\windows\system32\drivers\nvvhci.sys
2017-03-26 18:33 . 2017-03-26 18:33 28344 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2017-03-26 18:33 . 2017-03-26 18:33 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2017-03-26 18:29 . 2017-03-26 18:29 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2017-03-17 00:59 . 2017-04-02 10:00 1983424 ----a-w- c:\windows\system32\nvdispco6437892.dll
2017-03-17 00:59 . 2017-04-02 10:00 1589696 ----a-w- c:\windows\system32\nvdispgenco6437892.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2017-02-23 07:34 1743664 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2017-02-23 07:34 1743664 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2017-02-23 07:34 1743664 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2017-06-08 3042592]
"DAEMON Tools Lite Automount"="c:\program files\DAEMON Tools Lite\DTAgent.exe" [2016-06-22 4299968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2017-05-22 97512]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2017-06-14 918008]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-20 507744]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2012-7-2 1391480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
R2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wdm_usb;wdm_usb;c:\windows\system32\DRIVERS\usb2ser.sys;c:\windows\SYSNATIVE\DRIVERS\usb2ser.sys [x]
R4 Mobizen plugin;Mobizen plugin;c:\program files (x86)\RSUPPORT\MobizenService\MobizenService.exe;c:\program files (x86)\RSUPPORT\MobizenService\MobizenService.exe [x]
S0 avdevprot;avdevprot;c:\windows\system32\DRIVERS\avdevprot.sys;c:\windows\SYSNATIVE\DRIVERS\avdevprot.sys [x]
S0 avusbflt;avusbflt;c:\windows\System32\Drivers\avusbflt.sys;c:\windows\SYSNATIVE\Drivers\avusbflt.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe;c:\program files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2016-06-10 00:41 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2016-06-10 00:41 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2016-06-10 00:41 491184 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-12-15 564352]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2016-05-11 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2016-05-11 6202416]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2015-06-01 183216]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2017-05-03 1893496]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2011-12-06 1654400]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-06-12 15510672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-MBAMService
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{38602f72-a7f8-456b-84e5-6e200dc99917} - c:\programdata\Package Cache\{38602f72-a7f8-456b-84e5-6e200dc99917}\VC_redist.x86.exe
AddRemove-{b9b31169-be62-4b82-9e65-d47c99299ba1} - c:\programdata\Package Cache\{b9b31169-be62-4b82-9e65-d47c99299ba1}\Avira.OE.Setup.Bundle.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
AddRemove-{dab68466-3a7d-41a8-a5cf-415e3ff8ef71} - c:\programdata\Package Cache\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}\VC_redist.x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_26_0_0_126_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_26_0_0_126_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\program files (x86)\Avira\Launcher\Avira.Systray.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
c:\program files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
.
**************************************************************************
.
Celkový čas: 2017-06-15 00:56:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-06-14 22:56
ComboFix2.txt 2017-06-14 08:06
.
Před spuštěním: Volných bajtů: 72 236 609 536
Po spuštění: Volných bajtů: 64 591 831 040
.
- - End Of File - - 7D059BDABA104091D08650CE5BC90423
A36C5E4F47E84449FF07ED3517B43A31

Re: Please check my log

Posted: 15 Jun 2017 01:04
by Atten
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-06-15 00:59:50
-----------------------------
00:59:50.356 OS Version: Windows x64 6.1.7601 Service Pack 1
00:59:50.357 Number of processors: 4 586 0x2A07
00:59:50.363 ComputerName: MILACEK UserName: Jarda
00:59:59.454 Initialize success
00:59:59.921 VM: initialized successfully
00:59:59.922 VM: Intel CPU BiosDisabled
01:00:24.282 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
01:00:24.285 Disk 0 Vendor: ST500LT012-1DG142 0001SDM1 Size: 476940MB BusType: 11
01:00:24.754 Disk 0 MBR read successfully
01:00:24.763 Disk 0 MBR scan
01:00:24.770 Disk 0 Windows 7 default MBR code
01:00:24.807 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
01:00:24.814 Disk 0 Boot: NTFS code=2
01:00:24.871 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
01:00:25.381 Disk 0 scanning C:\Windows\system32\drivers
01:02:02.493 Service scanning
01:02:58.321 Modules scanning
01:02:58.339 Disk 0 trace - called modules:
01:02:58.699 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
01:02:58.710 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e82060]
01:02:58.721 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80077e3060]
01:02:58.733 Disk 0 statistics 98442/0/0 @ 0,58 MB/s
01:02:58.739 Scan finished successfully
01:03:51.273 Disk 0 MBR has been saved successfully to "C:\Users\Jarda\Desktop\MBR.dat"
01:03:51.287 The log file has been saved successfully to "C:\Users\Jarda\Desktop\aswMBR.txt"

Re: Please check my log

Posted: 15 Jun 2017 01:20
by Atten

Re: Please check my log

Posted: 15 Jun 2017 09:55
by jaro3
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to the desktop.
Double-click the icon to run Delfix.exe.
(In Windows Vista, Windows 7 and 8 you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

The report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

Any problems?

Re: Please check my log

Posted: 15 Jun 2017 13:45
by Atten
# DelFix v1.013 - Logfile created 15/06/2017 at 13:42:19
# Updated 17/04/2016 by Xplode
# Username : Jarda - MILACEK
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Jarda\Desktop\AdwCleaner.exe
Deleted : C:\Users\Jarda\Desktop\JRT.exe
Deleted : C:\Users\Jarda\Desktop\JRT.txt
Deleted : C:\Users\Jarda\Desktop\MBR.dat
Deleted : C:\Users\Jarda\Desktop\RogueKiller_portable64.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #199 [ComboFix created restore point | 06/15/2017 11:28:29]

New restore point created !

########## - EOF - ##########


No problems have shown up so far.

Re: Please check my log

Posted: 15 Jun 2017 19:37
by jaro3
If there are no problems, that is all and you can mark the thread as solved with the green check mark.

Re: Please check my log  Solved

Posted: 15 Jun 2017 20:00
by Atten
Thank you :)