Prosím o kontrolu logu

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Na konci klepni na tlačítko Nastavení (ozubené kolo v rohu)> Advanced> ""
- "Přečetl jsem si upozornění a chci pokračovat stejně .....
Zaškrtnutí Auto Launch
Nezaškrtnutí Auto upload
Zaškrtnutí All Browser Extensions (Všechna rozšíření prohlížeče)
Inteligentní nastavení skenování jako náhrada za hloubkové prověření
Zavři všechny otevřené soubory, složky a prohlížeče
Klepni na tlačítko Scan now (Skenovat) a začne sken hrozeb.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Reklama]

[Msic]

HJT Fixnuto. Zemana AntiMalware našlo jednu věc, viz obrázek, dal jsem next a program sám opravil.

Zemana AntiMalware 2.70.2.591 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2017.1.30
Operating System : Windows 7 64-bit
Processor : 4X AMD Phenom(tm) II X4 965 Processor
BIOS Mode : Legacy
CUID : 125B9357BEF3950969081B
Scan Type : System Scan
Duration : 7m 38s
Scanned Objects : 98447
Detected Objects : 1
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Trojan:Win32/Poweliks
Status : Scanned
Object : %systemroot%\system32\tasks\{8336d7ae-0af8-4c41-b484-5cb0c2e96219}|c:\program files (x86)\internet explorer\iexplore.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Fileless Malware
Cleaning Action : Delete
Related Objects :
Scheduled Task - C:\Windows\System32\Tasks\{8336D7AE-0AF8-4C41-B484-5CB0C2E96219}


Cleaning Result
-------------------------------------------------------
Cleaned : 1
Reported as safe : 0
Failed : 0

[Msic]

ComboFix 17-01-29.01 - Michal 30.01.2017 10:21:07.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8189.6285 [GMT 1:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
AV: ESET Smart Security 9.0.407.0 *Disabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Personální firewall *Disabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
SP: ESET Smart Security 9.0.407.0 *Disabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-12-28 do 2017-01-30 )))))))))))))))))))))))))))))))
.
.
2017-01-30 09:26 . 2017-01-30 09:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-01-30 09:05 . 2017-01-30 09:05 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2017-01-30 09:05 . 2017-01-30 09:05 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2017-01-30 09:05 . 2017-01-30 09:05 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-01-30 09:05 . 2017-01-30 09:05 -------- d-----w- c:\users\Michal\AppData\Local\Zemana
2017-01-29 22:39 . 2017-01-29 22:39 -------- d-----w- c:\users\Michal\AppData\Local\VirtualStore
2017-01-29 22:27 . 2017-01-30 09:26 -------- d-----w- c:\users\Michal\AppData\Local\Temp
2017-01-29 22:27 . 2017-01-29 22:14 24064 ----a-w- c:\windows\zoek-delete.exe
2017-01-29 22:14 . 2017-01-29 22:25 -------- d-----w- C:\zoek_backup
2017-01-29 11:14 . 2017-01-29 21:51 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-01-29 11:13 . 2017-01-29 21:48 -------- d-----w- c:\programdata\RogueKiller
2017-01-29 10:06 . 2017-01-29 10:06 -------- d-----w- c:\programdata\Sophos
2017-01-29 10:06 . 2017-01-29 10:06 -------- d-----w- c:\program files (x86)\Sophos
2017-01-28 23:10 . 2017-01-29 09:56 -------- d-----w- C:\AdwCleaner
2017-01-27 13:16 . 2017-01-27 13:16 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35B64DC3-A3EC-478A-A1FF-A79A5BC5910C}\offreg.4008.dll
2017-01-27 12:52 . 2016-12-30 22:43 12229912 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35B64DC3-A3EC-478A-A1FF-A79A5BC5910C}\mpengine.dll
2017-01-22 17:35 . 2017-01-22 17:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2017-01-20 14:05 . 2017-01-20 14:05 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2017-01-20 13:55 . 2017-01-20 13:55 -------- d-----w- c:\users\Michal\AppData\Local\PunkBuster
2017-01-19 22:42 . 2017-01-19 22:42 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2017-01-19 22:39 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2017-01-19 22:38 . 2008-05-30 13:11 540688 ----a-w- c:\windows\system32\d3dx10_38.dll
2017-01-11 11:27 . 2017-01-05 18:55 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-01-04 23:46 . 2017-01-04 23:51 -------- d-----w- c:\users\Michal\AppData\Roaming\Apple Computer
2017-01-04 23:46 . 2017-01-04 23:46 -------- d-----w- c:\users\Michal\AppData\Local\Apple Computer
2017-01-04 23:45 . 2017-01-04 23:45 -------- d-----w- c:\program files\iPod
2017-01-04 23:45 . 2017-01-04 23:46 -------- d-----w- c:\program files\iTunes
2017-01-04 23:45 . 2017-01-04 23:45 -------- d-----w- c:\programdata\Apple Computer
2017-01-04 23:45 . 2017-01-04 23:45 -------- d-----w- c:\users\Michal\AppData\Local\Apple
2017-01-04 23:44 . 2017-01-04 23:44 -------- d-----w- c:\program files (x86)\Apple Software Update
2017-01-04 23:44 . 2017-01-04 23:44 -------- d-----w- c:\program files\Bonjour
2017-01-04 23:44 . 2017-01-04 23:44 -------- d-----w- c:\program files (x86)\Bonjour
2017-01-04 23:44 . 2017-01-04 23:45 -------- d-----w- c:\program files\Common Files\Apple
2017-01-04 23:43 . 2017-01-04 23:44 -------- d-----w- c:\programdata\Apple
2017-01-04 23:43 . 2017-01-04 23:44 -------- d-----w- c:\program files (x86)\Common Files\Apple
2017-01-01 16:05 . 2017-01-01 16:05 -------- d-----w- c:\users\Michal\AppData\Roaming\AMD
2017-01-01 16:05 . 2017-01-01 16:05 -------- d-----w- c:\users\Michal\AppData\Roaming\java
2017-01-01 15:16 . 2017-01-24 17:23 -------- d-----w- c:\users\Michal\AppData\Roaming\.minecraft
2017-01-01 15:15 . 2017-01-22 17:35 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2017-01-01 15:15 . 2017-01-22 17:36 -------- d-----w- c:\programdata\Oracle
2017-01-01 15:15 . 2017-01-22 17:36 -------- d-----w- c:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-01-28 23:17 . 2016-09-01 14:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-01-11 22:58 . 2016-11-29 17:10 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-01-11 22:58 . 2016-11-29 17:10 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-01-11 13:50 . 2016-09-06 20:00 135657872 -c--a-w- c:\windows\system32\MRT.exe
2017-01-05 18:52 . 2017-01-11 11:27 345600 ----a-w- c:\windows\system32\schannel.dll
2017-01-05 18:52 . 2017-01-11 11:27 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-01-05 17:43 . 2017-01-11 11:27 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-01-05 17:43 . 2017-01-11 11:27 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-11-29 21:34 . 2016-11-29 21:34 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-11-21 18:12 . 2016-12-14 13:31 109568 ----a-w- c:\windows\system32\hlink.dll
2016-11-20 16:19 . 2016-12-14 13:31 84992 ----a-w- c:\windows\SysWow64\hlink.dll
2016-11-20 14:07 . 2016-12-14 13:31 467392 ----a-w- c:\windows\system32\drivers\cng.sys
2016-11-17 16:41 . 2016-12-14 13:31 370920 ----a-w- c:\windows\system32\clfs.sys
2016-11-16 18:40 . 2016-11-16 18:40 61568 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2016-11-16 18:40 . 2016-11-16 18:40 153216 ----a-w- c:\windows\system32\drivers\ekbdflt.sys
2016-11-16 18:40 . 2015-11-20 11:21 84616 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2016-11-16 18:40 . 2015-11-20 11:21 262792 ----a-w- c:\windows\system32\drivers\eamonm.sys
2016-11-16 18:40 . 2015-11-20 11:21 208520 ----a-w- c:\windows\system32\drivers\epfw.sys
2016-11-16 18:40 . 2015-11-20 11:21 197248 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2016-11-14 23:27 . 2016-12-14 13:31 394448 ----a-w- c:\windows\system32\iedkcs32.dll
2016-11-13 21:24 . 2016-11-13 21:24 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2016-11-13 21:24 . 2016-11-13 21:24 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2016-11-13 21:24 . 2016-11-13 21:24 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2016-11-13 21:24 . 2016-11-13 21:24 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2016-11-12 19:48 . 2016-12-14 13:31 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-11-12 19:48 . 2016-12-14 13:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-11-12 19:28 . 2016-12-14 13:31 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-11-12 19:26 . 2016-12-14 13:31 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-11-12 19:26 . 2016-12-14 13:31 417792 ----a-w- c:\windows\system32\html.iec
2016-11-12 19:25 . 2016-12-14 13:31 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-11-12 19:25 . 2016-12-14 13:31 576000 ----a-w- c:\windows\system32\vbscript.dll
2016-11-12 19:21 . 2016-12-14 13:31 2896384 ----a-w- c:\windows\system32\iertutil.dll
2016-11-12 19:15 . 2016-12-14 13:31 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-11-12 19:14 . 2016-12-14 13:31 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-11-12 19:09 . 2016-12-14 13:31 615936 ----a-w- c:\windows\system32\ieui.dll
2016-11-12 19:08 . 2016-12-14 13:31 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-11-12 19:08 . 2016-12-14 13:31 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-11-12 19:08 . 2016-12-14 13:31 25759744 ----a-w- c:\windows\system32\mshtml.dll
2016-11-12 19:07 . 2016-12-14 13:31 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-11-12 19:07 . 2016-12-14 13:31 817664 ----a-w- c:\windows\system32\jscript.dll
2016-11-12 18:56 . 2016-12-14 13:31 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-11-12 18:53 . 2016-12-14 13:31 6049280 ----a-w- c:\windows\system32\jscript9.dll
2016-11-12 18:52 . 2016-12-14 13:31 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-11-12 18:47 . 2016-12-14 13:31 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-11-12 18:41 . 2016-12-14 13:31 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-11-12 18:40 . 2016-12-14 13:31 107520 ----a-w- c:\windows\system32\inseng.dll
2016-11-12 18:35 . 2016-12-14 13:31 199680 ----a-w- c:\windows\system32\msrating.dll
2016-11-12 18:34 . 2016-12-14 13:31 92160 ----a-w- c:\windows\system32\mshtmled.dll
2016-11-12 18:31 . 2016-12-14 13:31 315392 ----a-w- c:\windows\system32\dxtrans.dll
2016-11-12 18:30 . 2016-12-14 13:31 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2016-11-12 18:29 . 2016-12-14 13:31 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-11-12 18:29 . 2016-12-14 13:31 498688 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-11-12 18:29 . 2016-12-14 13:31 341504 ----a-w- c:\windows\SysWow64\html.iec
2016-11-12 18:28 . 2016-12-14 13:31 152064 ----a-w- c:\windows\system32\occache.dll
2016-11-12 18:27 . 2016-12-14 13:31 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-11-12 18:14 . 2016-12-14 13:31 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-11-12 18:14 . 2016-12-14 13:31 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-11-12 18:14 . 2016-12-14 13:31 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2016-11-12 18:11 . 2016-12-14 13:31 725504 ----a-w- c:\windows\system32\ie4uinit.exe
2016-11-12 18:10 . 2016-12-14 13:31 806912 ----a-w- c:\windows\system32\msfeeds.dll
2016-11-12 18:08 . 2016-12-14 13:31 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-11-12 18:08 . 2016-12-14 13:31 2131456 ----a-w- c:\windows\system32\inetcpl.cpl
2016-11-12 17:57 . 2016-12-14 13:31 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-11-12 17:41 . 2016-12-14 13:31 15257088 ----a-w- c:\windows\system32\ieframe.dll
2016-11-12 17:37 . 2016-12-14 13:31 4608000 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-11-12 17:36 . 2016-12-14 13:31 2055680 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-11-12 17:36 . 2016-12-14 13:31 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-11-12 17:35 . 2016-12-14 13:31 2920960 ----a-w- c:\windows\system32\wininet.dll
2016-11-12 17:20 . 2016-12-14 13:31 1543680 ----a-w- c:\windows\system32\urlmon.dll
2016-11-12 17:11 . 2016-12-14 13:31 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2016-11-12 17:05 . 2016-12-14 13:31 2444800 ----a-w- c:\windows\SysWow64\wininet.dll
2016-11-10 16:32 . 2016-12-14 13:31 1009152 ----a-w- c:\windows\system32\user32.dll
2016-11-10 16:19 . 2016-12-14 13:31 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-11-09 16:41 . 2016-12-14 13:31 114408 ----a-w- c:\windows\system32\consent.exe
2016-11-09 16:33 . 2016-12-14 13:31 2048 ----a-w- c:\windows\system32\tzres.dll
2016-11-09 16:33 . 2016-12-14 13:31 3244032 ----a-w- c:\windows\system32\msi.dll
2016-11-09 16:33 . 2016-12-14 13:31 504320 ----a-w- c:\windows\system32\msihnd.dll
2016-11-09 16:33 . 2016-12-14 13:31 25088 ----a-w- c:\windows\system32\msimsg.dll
2016-11-09 16:33 . 2016-12-14 13:31 1941504 ----a-w- c:\windows\system32\authui.dll
2016-11-09 16:33 . 2016-12-14 13:31 70144 ----a-w- c:\windows\system32\appinfo.dll
2016-11-09 16:17 . 2016-12-14 13:31 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-11-09 16:17 . 2016-12-14 13:31 2365440 ----a-w- c:\windows\SysWow64\msi.dll
2016-11-09 16:17 . 2016-12-14 13:31 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2016-11-09 16:17 . 2016-12-14 13:31 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2016-11-09 16:17 . 2016-12-14 13:31 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-11-09 16:02 . 2016-12-14 13:31 128512 ----a-w- c:\windows\system32\msiexec.exe
2016-11-09 15:55 . 2016-12-14 13:31 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2016-11-06 16:33 . 2016-12-14 13:31 404992 ----a-w- c:\windows\system32\gdi32.dll
2016-11-06 16:16 . 2016-12-14 13:31 312832 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-11-06 16:01 . 2016-12-14 13:31 3219456 ----a-w- c:\windows\system32\win32k.sys
2016-11-02 15:36 . 2016-11-09 14:52 382696 ----a-w- c:\windows\system32\atmfd.dll
2016-11-02 15:32 . 2016-11-09 14:51 41472 ----a-w- c:\windows\system32\lpk.dll
2016-11-02 15:32 . 2016-11-09 14:51 100864 ----a-w- c:\windows\system32\fontsub.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-12-06 9288408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2016-11-04 596640]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R4 PlaysService;Plays.tv Update Service;c:\program files (x86)\Raptr Inc\PlaysTV\plays_service.exe;c:\program files (x86)\Raptr Inc\PlaysTV\plays_service.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ZAM
*NewlyCreated* - ZAM_GUARD
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2017-01-29 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11 22:58]
.
2017-01-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-29 22:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-06-18 14021336]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-01-23 14188272]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = *.local
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 83.240.0.215 83.240.0.136
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{23658c02-145e-483d-ba6b-1eb82c580529} - c:\programdata\Package Cache\{23658c02-145e-483d-ba6b-1eb82c580529}\VC_redist.x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f} - c:\programdata\Package Cache\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}\VC_redist.x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG19.00.00.01PROFESSIONAL"="E2FD3BB263684C553F490ACEB723C7D6E72AB832167E3DACD5BC560EC8EBDEAD54BC6056AAFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CC038D530D6EB34529DB7CE019D40AA5C5D575E7D6A3B9808A6A0AC4980AC79339F473E38F88145F7654C8B276CA71284CDA8615CB36EFC45C00FEEFCD9458847CF01848FD3A79CB74D12525302AAEA3A30366C26F69619D9C5AA27F797104909BBE2BCD88351E62F6F0E4607D67A42C59527861BB3E68B882B1DFCBC9F1788353FFBD5E7AC302F5504B91D45FC81FB21B2FD47110821AAECC1110D0FBC97B1A6694212146897976575F1DB18F8CB8C08EF211CE1862DE1628E964A3CAEEF45FBF90C093844825561E4F8DF8AC60CFEFDEADA476A3794AF8D4C21F911ABA6561BE918A3B5BF0B310D2473D82D5419F1C5F2D85A0D9487A952E60635DF59600F276485A36F52F40A6F3B6B4A17826B17E90E2EC1300D59F45D01046A01546BAA0FC4D8194CE2A34FD565CE8C5FA7A1B438F1D0383B057ECD1B6F385BCE2EB5797F2079EBB94F20874F936DC9A18DFDA4BF8D1CCD1DD29483BD3D271E27E8D4DEEB3CB5D525E7964B31E7FC03007266D6D7814DE8C7C059F83D27371BECFC80558C943DE704F259C892B9988C1E09E2CB18A008C1B00FAF26D01DB49286D713675C55A382CCA9DCBFD0163B0DA577241C5E74D065D06F9E1578C64E935FD78E3699E363DDFB373A078ABBC881C356FAEECABA9433270AD0E5767C18066551957547545605913EAE07A69D85B727B45C0544612062347A95CCD04C88A28B8C706EAEF23ED510D2193D49E31AD4069463AE738EA479FDCEE08E50F7FC7649468A7BD7BDBE8300FD00B9616A1451186C4D54C49ABBD68E89C6880574B26597ADF40F15E56214EBBD0CA41F3FE5779A257C6EE992DD2AF222042A406B4DA3F667E12C775492E2E4820B34F4276468CE1DF50C573669783C84F7F498BA563BE70BAA6BD52222207D31EBB81D1A4996F72664CFC679219B028E2481E673360AF224CA794D9D434BCDA3C5119242B14B5E8795EF35852BBE5C13B07A4B5BBEC2A13362153CCA11BE72A54FB295809EA0D1F97C356438126369DA6720A56CA2E883ACB494C45E052309F86728A9E6F6879EABAC805820455E4B9F38441E53F7592A78A9DE4FC3027736D20D8E983F02C29DBF6242DA0315592710B54F9DF1BB3F2E714EF0851A4B8EA2DB6795EC02ED6BA34B7901F9D7B8CEA6D0953DD25E4D1D2769D05BD8B2898FF7B0BD04F7614C6C90587556854D4C127676B41BB0616FC936A30741F914C87568637DB24CBF14864365FA729343CB46C98E910D6B78C9ECFD57E75BE179790E2478378FC4349B4C20E35516FB4C1B645616CDCBFD556707A3320EF64BD1707C6668201A7B0B2325"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2017-01-30 10:28:17
ComboFix-quarantined-files.txt 2017-01-30 09:28
.
Před spuštěním: Volných bajtů: 174 380 732 416
Po spuštění: Volných bajtů: 173 964 316 672
.
- - End Of File - - 60CD1E84D0304B5D3155D159F6598E9C
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
c:\windows\Tasks\Adobe Flash Player Updater.job

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

DDS::
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = *.local

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.


Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Msic]

ComboFix 17-01-29.01 - Michal 30.01.2017 18:47:38.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8189.6580 [GMT 1:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michal\Desktop\CFScript.txt
AV: ESET Smart Security 9.0.407.0 *Disabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Personální firewall *Disabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
SP: ESET Smart Security 9.0.407.0 *Disabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-12-28 do 2017-01-30 )))))))))))))))))))))))))))))))
.
.
2017-01-30 09:05 . 2017-01-30 09:05 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2017-01-30 09:05 . 2017-01-30 09:05 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2017-01-30 09:05 . 2017-01-30 09:05 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-01-30 09:05 . 2017-01-30 09:05 -------- d-----w- c:\users\Michal\AppData\Local\Zemana
2017-01-29 22:39 . 2017-01-29 22:39 -------- d-----w- c:\users\Michal\AppData\Local\VirtualStore
2017-01-29 22:27 . 2017-01-30 17:55 -------- d-----w- c:\users\Michal\AppData\Local\Temp
2017-01-29 22:27 . 2017-01-29 22:14 24064 ----a-w- c:\windows\zoek-delete.exe
2017-01-29 22:14 . 2017-01-29 22:25 -------- d-----w- C:\zoek_backup
2017-01-29 11:14 . 2017-01-29 21:51 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-01-29 11:13 . 2017-01-29 21:48 -------- d-----w- c:\programdata\RogueKiller
2017-01-29 10:06 . 2017-01-29 10:06 -------- d-----w- c:\programdata\Sophos
2017-01-29 10:06 . 2017-01-29 10:06 -------- d-----w- c:\program files (x86)\Sophos
2017-01-28 23:10 . 2017-01-29 09:56 -------- d-----w- C:\AdwCleaner
2017-01-27 13:16 . 2017-01-27 13:16 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35B64DC3-A3EC-478A-A1FF-A79A5BC5910C}\offreg.4008.dll
2017-01-27 12:52 . 2016-12-30 22:43 12229912 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35B64DC3-A3EC-478A-A1FF-A79A5BC5910C}\mpengine.dll
2017-01-22 17:35 . 2017-01-22 17:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2017-01-20 14:05 . 2017-01-20 14:05 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2017-01-20 13:55 . 2017-01-20 13:55 -------- d-----w- c:\users\Michal\AppData\Local\PunkBuster
2017-01-19 22:42 . 2017-01-19 22:42 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2017-01-19 22:39 . 2009-09-04 16:44 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2017-01-19 22:38 . 2008-05-30 13:11 540688 ----a-w- c:\windows\system32\d3dx10_38.dll
2017-01-11 11:27 . 2017-01-05 18:55 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-01-04 23:46 . 2017-01-04 23:51 -------- d-----w- c:\users\Michal\AppData\Roaming\Apple Computer
2017-01-04 23:46 . 2017-01-04 23:46 -------- d-----w- c:\users\Michal\AppData\Local\Apple Computer
2017-01-04 23:45 . 2017-01-04 23:45 -------- d-----w- c:\program files\iPod
2017-01-04 23:45 . 2017-01-04 23:46 -------- d-----w- c:\program files\iTunes
2017-01-04 23:45 . 2017-01-04 23:45 -------- d-----w- c:\programdata\Apple Computer
2017-01-04 23:45 . 2017-01-04 23:45 -------- d-----w- c:\users\Michal\AppData\Local\Apple
2017-01-04 23:44 . 2017-01-04 23:44 -------- d-----w- c:\program files (x86)\Apple Software Update
2017-01-04 23:44 . 2017-01-04 23:44 -------- d-----w- c:\program files\Bonjour
2017-01-04 23:44 . 2017-01-04 23:44 -------- d-----w- c:\program files (x86)\Bonjour
2017-01-04 23:44 . 2017-01-04 23:45 -------- d-----w- c:\program files\Common Files\Apple
2017-01-04 23:43 . 2017-01-04 23:44 -------- d-----w- c:\programdata\Apple
2017-01-04 23:43 . 2017-01-04 23:44 -------- d-----w- c:\program files (x86)\Common Files\Apple
2017-01-01 16:05 . 2017-01-01 16:05 -------- d-----w- c:\users\Michal\AppData\Roaming\AMD
2017-01-01 16:05 . 2017-01-01 16:05 -------- d-----w- c:\users\Michal\AppData\Roaming\java
2017-01-01 15:16 . 2017-01-24 17:23 -------- d-----w- c:\users\Michal\AppData\Roaming\.minecraft
2017-01-01 15:15 . 2017-01-22 17:35 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2017-01-01 15:15 . 2017-01-22 17:36 -------- d-----w- c:\programdata\Oracle
2017-01-01 15:15 . 2017-01-22 17:36 -------- d-----w- c:\program files\Java
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-01-28 23:17 . 2016-09-01 14:07 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-01-11 22:58 . 2016-11-29 17:10 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-01-11 22:58 . 2016-11-29 17:10 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-01-11 13:50 . 2016-09-06 20:00 135657872 -c--a-w- c:\windows\system32\MRT.exe
2017-01-05 18:52 . 2017-01-11 11:27 345600 ----a-w- c:\windows\system32\schannel.dll
2017-01-05 18:52 . 2017-01-11 11:27 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-01-05 17:43 . 2017-01-11 11:27 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-01-05 17:43 . 2017-01-11 11:27 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-11-29 21:34 . 2016-11-29 21:34 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-11-29 21:27 . 2016-11-29 21:27 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-11-21 18:12 . 2016-12-14 13:31 109568 ----a-w- c:\windows\system32\hlink.dll
2016-11-20 16:19 . 2016-12-14 13:31 84992 ----a-w- c:\windows\SysWow64\hlink.dll
2016-11-20 14:07 . 2016-12-14 13:31 467392 ----a-w- c:\windows\system32\drivers\cng.sys
2016-11-17 16:41 . 2016-12-14 13:31 370920 ----a-w- c:\windows\system32\clfs.sys
2016-11-16 18:40 . 2016-11-16 18:40 61568 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2016-11-16 18:40 . 2016-11-16 18:40 153216 ----a-w- c:\windows\system32\drivers\ekbdflt.sys
2016-11-16 18:40 . 2015-11-20 11:21 84616 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2016-11-16 18:40 . 2015-11-20 11:21 262792 ----a-w- c:\windows\system32\drivers\eamonm.sys
2016-11-16 18:40 . 2015-11-20 11:21 208520 ----a-w- c:\windows\system32\drivers\epfw.sys
2016-11-16 18:40 . 2015-11-20 11:21 197248 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2016-11-14 23:27 . 2016-12-14 13:31 394448 ----a-w- c:\windows\system32\iedkcs32.dll
2016-11-13 21:24 . 2016-11-13 21:24 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2016-11-13 21:24 . 2016-11-13 21:24 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2016-11-13 21:24 . 2016-11-13 21:24 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2016-11-13 21:24 . 2016-11-13 21:24 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2016-11-12 19:48 . 2016-12-14 13:31 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-11-12 19:48 . 2016-12-14 13:31 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-11-12 19:28 . 2016-12-14 13:31 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-11-12 19:26 . 2016-12-14 13:31 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-11-12 19:26 . 2016-12-14 13:31 417792 ----a-w- c:\windows\system32\html.iec
2016-11-12 19:25 . 2016-12-14 13:31 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-11-12 19:25 . 2016-12-14 13:31 576000 ----a-w- c:\windows\system32\vbscript.dll
2016-11-12 19:21 . 2016-12-14 13:31 2896384 ----a-w- c:\windows\system32\iertutil.dll
2016-11-12 19:15 . 2016-12-14 13:31 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-11-12 19:14 . 2016-12-14 13:31 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-11-12 19:09 . 2016-12-14 13:31 615936 ----a-w- c:\windows\system32\ieui.dll
2016-11-12 19:08 . 2016-12-14 13:31 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2016-11-12 19:08 . 2016-12-14 13:31 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2016-11-12 19:08 . 2016-12-14 13:31 25759744 ----a-w- c:\windows\system32\mshtml.dll
2016-11-12 19:07 . 2016-12-14 13:31 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-11-12 19:07 . 2016-12-14 13:31 817664 ----a-w- c:\windows\system32\jscript.dll
2016-11-12 18:56 . 2016-12-14 13:31 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-11-12 18:53 . 2016-12-14 13:31 6049280 ----a-w- c:\windows\system32\jscript9.dll
2016-11-12 18:52 . 2016-12-14 13:31 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2016-11-12 18:47 . 2016-12-14 13:31 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-11-12 18:41 . 2016-12-14 13:31 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-11-12 18:40 . 2016-12-14 13:31 107520 ----a-w- c:\windows\system32\inseng.dll
2016-11-12 18:35 . 2016-12-14 13:31 199680 ----a-w- c:\windows\system32\msrating.dll
2016-11-12 18:34 . 2016-12-14 13:31 92160 ----a-w- c:\windows\system32\mshtmled.dll
2016-11-12 18:31 . 2016-12-14 13:31 315392 ----a-w- c:\windows\system32\dxtrans.dll
2016-11-12 18:30 . 2016-12-14 13:31 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2016-11-12 18:29 . 2016-12-14 13:31 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-11-12 18:29 . 2016-12-14 13:31 498688 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-11-12 18:29 . 2016-12-14 13:31 341504 ----a-w- c:\windows\SysWow64\html.iec
2016-11-12 18:28 . 2016-12-14 13:31 152064 ----a-w- c:\windows\system32\occache.dll
2016-11-12 18:27 . 2016-12-14 13:31 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-11-12 18:14 . 2016-12-14 13:31 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-11-12 18:14 . 2016-12-14 13:31 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-11-12 18:14 . 2016-12-14 13:31 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2016-11-12 18:11 . 2016-12-14 13:31 725504 ----a-w- c:\windows\system32\ie4uinit.exe
2016-11-12 18:10 . 2016-12-14 13:31 806912 ----a-w- c:\windows\system32\msfeeds.dll
2016-11-12 18:08 . 2016-12-14 13:31 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2016-11-12 18:08 . 2016-12-14 13:31 2131456 ----a-w- c:\windows\system32\inetcpl.cpl
2016-11-12 17:57 . 2016-12-14 13:31 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-11-12 17:41 . 2016-12-14 13:31 15257088 ----a-w- c:\windows\system32\ieframe.dll
2016-11-12 17:37 . 2016-12-14 13:31 4608000 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-11-12 17:36 . 2016-12-14 13:31 2055680 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-11-12 17:36 . 2016-12-14 13:31 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-11-12 17:35 . 2016-12-14 13:31 2920960 ----a-w- c:\windows\system32\wininet.dll
2016-11-12 17:20 . 2016-12-14 13:31 1543680 ----a-w- c:\windows\system32\urlmon.dll
2016-11-12 17:11 . 2016-12-14 13:31 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2016-11-12 17:05 . 2016-12-14 13:31 2444800 ----a-w- c:\windows\SysWow64\wininet.dll
2016-11-10 16:32 . 2016-12-14 13:31 1009152 ----a-w- c:\windows\system32\user32.dll
2016-11-10 16:19 . 2016-12-14 13:31 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-11-09 16:41 . 2016-12-14 13:31 114408 ----a-w- c:\windows\system32\consent.exe
2016-11-09 16:33 . 2016-12-14 13:31 2048 ----a-w- c:\windows\system32\tzres.dll
2016-11-09 16:33 . 2016-12-14 13:31 3244032 ----a-w- c:\windows\system32\msi.dll
2016-11-09 16:33 . 2016-12-14 13:31 504320 ----a-w- c:\windows\system32\msihnd.dll
2016-11-09 16:33 . 2016-12-14 13:31 25088 ----a-w- c:\windows\system32\msimsg.dll
2016-11-09 16:33 . 2016-12-14 13:31 1941504 ----a-w- c:\windows\system32\authui.dll
2016-11-09 16:33 . 2016-12-14 13:31 70144 ----a-w- c:\windows\system32\appinfo.dll
2016-11-09 16:17 . 2016-12-14 13:31 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-11-09 16:17 . 2016-12-14 13:31 2365440 ----a-w- c:\windows\SysWow64\msi.dll
2016-11-09 16:17 . 2016-12-14 13:31 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2016-11-09 16:17 . 2016-12-14 13:31 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2016-11-09 16:17 . 2016-12-14 13:31 1806848 ----a-w- c:\windows\SysWow64\authui.dll
2016-11-09 16:02 . 2016-12-14 13:31 128512 ----a-w- c:\windows\system32\msiexec.exe
2016-11-09 15:55 . 2016-12-14 13:31 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2016-11-06 16:33 . 2016-12-14 13:31 404992 ----a-w- c:\windows\system32\gdi32.dll
2016-11-06 16:16 . 2016-12-14 13:31 312832 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-11-06 16:01 . 2016-12-14 13:31 3219456 ----a-w- c:\windows\system32\win32k.sys
2016-11-02 15:36 . 2016-11-09 14:52 382696 ----a-w- c:\windows\system32\atmfd.dll
2016-11-02 15:32 . 2016-11-09 14:51 41472 ----a-w- c:\windows\system32\lpk.dll
2016-11-02 15:32 . 2016-11-09 14:51 100864 ----a-w- c:\windows\system32\fontsub.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-12-06 9288408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2016-11-04 596640]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2015-08-04 767176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R4 PlaysService;Plays.tv Update Service;c:\program files (x86)\Raptr Inc\PlaysTV\plays_service.exe;c:\program files (x86)\Raptr Inc\PlaysTV\plays_service.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.3;AODDriver4.3;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2017-01-29 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-11 22:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-06-18 14021336]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-01-23 14188272]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 83.240.0.215 83.240.0.136
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{050d4fc8-5d48-4b8f-8972-47c82c46020f} - c:\programdata\Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
AddRemove-{23658c02-145e-483d-ba6b-1eb82c580529} - c:\programdata\Package Cache\{23658c02-145e-483d-ba6b-1eb82c580529}\VC_redist.x86.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f} - c:\programdata\Package Cache\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}\VC_redist.x64.exe
AddRemove-{f65db027-aff3-4070-886a-0d87064aabb1} - c:\programdata\Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG19.00.00.01PROFESSIONAL"="E2FD3BB263684C553F490ACEB723C7D6E72AB832167E3DACD5BC560EC8EBDEAD54BC6056AAFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CC038D530D6EB34529DB7CE019D40AA5C5D575E7D6A3B9808A6A0AC4980AC79339F473E38F88145F7654C8B276CA71284CDA8615CB36EFC45C00FEEFCD9458847CF01848FD3A79CB74D12525302AAEA3A30366C26F69619D9C5AA27F797104909BBE2BCD88351E62F6F0E4607D67A42C59527861BB3E68B882B1DFCBC9F1788353FFBD5E7AC302F5504B91D45FC81FB21B2FD47110821AAECC1110D0FBC97B1A6694212146897976575F1DB18F8CB8C08EF211CE1862DE1628E964A3CAEEF45FBF90C093844825561E4F8DF8AC60CFEFDEADA476A3794AF8D4C21F911ABA6561BE918A3B5BF0B310D2473D82D5419F1C5F2D85A0D9487A952E60635DF59600F276485A36F52F40A6F3B6B4A17826B17E90E2EC1300D59F45D01046A01546BAA0FC4D8194CE2A34FD565CE8C5FA7A1B438F1D0383B057ECD1B6F385BCE2EB5797F2079EBB94F20874F936DC9A18DFDA4BF8D1CCD1DD29483BD3D271E27E8D4DEEB3CB5D525E7964B31E7FC03007266D6D7814DE8C7C059F83D27371BECFC80558C943DE704F259C892B9988C1E09E2CB18A008C1B00FAF26D01DB49286D713675C55A382CCA9DCBFD0163B0DA577241C5E74D065D06F9E1578C64E935FD78E3699E363DDFB373A078ABBC881C356FAEECABA9433270AD0E5767C18066551957547545605913EAE07A69D85B727B45C0544612062347A95CCD04C88A28B8C706EAEF23ED510D2193D49E31AD4069463AE738EA479FDCEE08E50F7FC7649468A7BD7BDBE8300FD00B9616A1451186C4D54C49ABBD68E89C6880574B26597ADF40F15E56214EBBD0CA41F3FE5779A257C6EE992DD2AF222042A406B4DA3F667E12C775492E2E4820B34F4276468CE1DF50C573669783C84F7F498BA563BE70BAA6BD52222207D31EBB81D1A4996F72664CFC679219B028E2481E673360AF224CA794D9D434BCDA3C5119242B14B5E8795EF35852BBE5C13B07A4B5BBEC2A13362153CCA11BE72A54FB295809EA0D1F97C356438126369DA6720A56CA2E883ACB494C45E052309F86728A9E6F6879EABAC805820455E4B9F38441E53F7592A78A9DE4FC3027736D20D8E983F02C29DBF6242DA0315592710B54F9DF1BB3F2E714EF0851A4B8EA2DB6795EC02ED6BA34B7901F9D7B8CEA6D0953DD25E4D1D2769D05BD8B2898FF7B0BD04F7614C6C90587556854D4C127676B41BB0616FC936A30741F914C87568637DB24CBF14864365FA729343CB46C98E910D6B78C9ECFD57E75BE179790E2478378FC4349B4C20E35516FB4C1B645616CDCBFD556707A3320EF64BD1707C6668201A7B0B2325"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2017-01-30 18:58:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2017-01-30 17:58
ComboFix2.txt 2017-01-30 09:28
.
Před spuštěním: Volných bajtů: 173 481 844 736
Po spuštění: Volných bajtů: 172 980 760 576
.
- - End Of File - - FB30B9631AAE6009568834294662AFBB
A36C5E4F47E84449FF07ED3517B43A31

[Msic]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:01:11, on 30.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Users\Michal\Downloads\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 6391 bytes

[Msic]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-01-30 18:59:24
-----------------------------
18:59:24.699 OS Version: Windows x64 6.1.7601 Service Pack 1
18:59:24.699 Number of processors: 4 586 0x403
18:59:24.699 ComputerName: MICHAL-PC UserName: Michal
18:59:26.164 Initialize success
18:59:26.281 VM: initialized successfully
18:59:26.282 VM: Amd CPU BiosDisabled
18:59:43.425 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
18:59:43.433 Disk 0 Vendor: ST350041 CC38 Size: 476940MB BusType: 11
18:59:43.494 Disk 0 MBR read successfully
18:59:43.499 Disk 0 MBR scan
18:59:43.505 Disk 0 Windows 7 default MBR code
18:59:43.540 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476487 MB offset 2048
18:59:43.549 Disk 0 default boot code
18:59:43.580 Disk 0 Partition 2 00 27 Hidden NTFS WinRE NTFS 450 MB offset 975847424
18:59:43.688 Disk 0 scanning C:\Windows\system32\drivers
18:59:49.390 Service scanning
18:59:53.476 Service ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys **LOCKED** 5
18:59:53.593 Service ekbdflt C:\Windows\system32\DRIVERS\ekbdflt.sys **LOCKED** 5
18:59:53.766 Service epfw C:\Windows\system32\DRIVERS\epfw.sys **LOCKED** 5
18:59:53.821 Service EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys **LOCKED** 5
18:59:53.863 Service epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys **LOCKED** 5
19:00:00.096 Modules scanning
19:00:00.110 Disk 0 trace - called modules:
19:00:00.125 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
19:00:00.136 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007c0c060]
19:00:00.146 3 CLASSPNP.SYS[fffff8800194443f] -> nt!IofCallDriver -> [0xfffffa8006b0dac0]
19:00:00.156 5 amd_xata.sys[fffff88001082d00] -> nt!IofCallDriver -> \Device\00000064[0xfffffa8007914060]
19:00:00.160 Disk 0 statistics 91762/0/0 @ 9,36 MB/s
19:00:00.164 Scan finished successfully
19:00:14.526 Disk 0 MBR has been saved successfully to "C:\Users\Michal\Desktop\MBR.dat"
19:00:14.530 The log file has been saved successfully to "C:\Users\Michal\Desktop\aswMBR.txt"

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Co problémy?

[Msic]

Odinstalováno a vyčištěno, odezva v chromu a celkově chrome se mě zdá ted rychlejší. Ale streamy na twitchi ve vysoké kvalitě se pořád sekají, možná to je mým PC či grafikou

[jerabina]

CCleaner jsi použil?

Zkusil bych přeinstalovat Adobe Flash Playera následně odinstalovat a znovu nainstalovat Google Chrome.

[Msic]

zkoušel jsem ale ani tohle bohužel nepomohlo

[jaro3]

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.