Slow PC - downloading from the internet - Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 38448
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Slow PC - downloading from the internet

Post by jaro3 » 14 Jan 2018 10:05

ComboFix as well.


When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

japlod
newcomer
Posts: 16
Registered: November 07
Gender: Male

Re: Slow PC - downloading from the internet

Post by japlod » 14 Jan 2018 10:10

and here, finally, is combofix
ComboFix 18-01-10.01 - palackeho515 14.01.2018 9:42.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6142.4439 [GMT 1:00]
Spuštěný z: c:\users\palackeho515\Desktop\ComboFix.exe
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-12-14 do 2018-01-14 )))))))))))))))))))))))))))))))
.
.
2018-01-14 08:50 . 2018-01-14 08:50 -------- d-----w- c:\users\palackeho515\AppData\Local\CrashDumps
2018-01-14 08:50 . 2018-01-14 08:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-01-14 08:28 . 2018-01-14 08:28 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2018-01-14 08:28 . 2018-01-14 08:28 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2018-01-14 08:28 . 2018-01-14 08:28 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2018-01-14 08:27 . 2018-01-14 08:27 -------- d-----w- c:\users\palackeho515\AppData\Local\Zemana
2018-01-14 08:21 . 2018-01-14 08:21 -------- d-----w- c:\programdata\SWCUTemp
2018-01-14 08:20 . 2018-01-14 08:50 -------- d-----w- c:\users\palackeho515\AppData\Local\Temp
2018-01-14 08:20 . 2018-01-14 08:19 24064 ----a-w- c:\windows\zoek-delete.exe
2018-01-13 21:59 . 2018-01-13 21:59 -------- d-----w- C:\zoek_backup
2018-01-13 16:12 . 2018-01-13 16:12 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2018-01-13 16:12 . 2018-01-13 19:31 -------- d-----w- c:\programdata\RogueKiller
2018-01-13 09:48 . 2018-01-13 09:48 -------- d-----w- c:\users\palackeho515\AppData\Local\CEF
2018-01-13 09:46 . 2017-11-29 08:11 77432 ----a-w- c:\windows\system32\drivers\mbae64.sys
2018-01-13 09:46 . 2018-01-13 09:46 -------- d-----w- c:\programdata\Malwarebytes
2018-01-13 09:46 . 2018-01-13 09:46 -------- d-----w- c:\program files\Malwarebytes
2018-01-13 09:38 . 2018-01-13 15:46 -------- d-----w- C:\AdwCleaner
2018-01-13 09:34 . 2018-01-13 09:34 -------- d-----w- c:\users\palackeho515\AppData\Roaming\addpcs
2018-01-13 09:34 . 2018-01-13 09:34 -------- d-----w- c:\program files\Temp File Cleaner
2018-01-12 08:29 . 2018-01-12 08:29 27552 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2018-01-12 08:29 . 2018-01-13 07:58 -------- d-----w- c:\program files\HWiNFO64
2018-01-09 09:11 . 2018-01-09 10:11 -------- d-----w- c:\users\palackeho515\AppData\Local\FastReport
2018-01-09 09:09 . 2018-01-09 09:09 -------- d-----w- c:\program files (x86)\SimpleUcto
2018-01-04 13:59 . 2018-01-04 13:59 -------- d-----w- c:\programdata\Clarus
2018-01-04 13:52 . 2018-01-04 13:52 -------- d-----w- c:\program files (x86)\Clarus
2017-12-25 14:38 . 2017-12-25 14:38 460464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2017-12-25 14:37 . 2017-12-25 14:37 29872 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2017-12-25 14:33 . 2017-12-25 14:33 208048 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2017-12-21 21:31 . 2017-12-21 21:31 149344 ----a-w- c:\windows\system32\drivers\aswHdsKe.sys
2017-12-21 21:31 . 2017-12-21 21:31 365680 ----a-w- c:\windows\system32\aswBoot.exe
2017-12-19 13:18 . 2017-12-19 13:18 -------- d-----w- c:\program files (x86)\MozBackup
2017-12-19 13:17 . 2017-12-19 13:52 -------- d-----w- c:\users\palackeho515\AppData\Local\Thunderbird
2017-12-19 13:17 . 2017-12-19 13:17 -------- d-----w- c:\users\palackeho515\AppData\Roaming\Thunderbird
2017-12-19 13:17 . 2018-01-05 07:46 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2017-12-19 08:53 . 2017-12-25 15:09 21160 ----a-w- c:\program files\Common Files\Microsoft Shared\ClickToRun\C2RINTL.cs-cz.dll
2017-12-17 19:38 . 2017-12-17 19:38 -------- d-----w- c:\program files (x86)\7-Zip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-01-11 07:56 . 2017-12-06 12:07 457896 ----a-w- c:\windows\system32\drivers\aswSP.sys
2018-01-11 07:56 . 2017-12-06 12:07 146648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2018-01-10 10:35 . 2017-12-06 17:55 129365736 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-01-10 10:35 . 2017-12-06 17:55 129365736 -c--a-w- c:\windows\system32\MRT.exe
2018-01-06 08:49 . 2017-12-07 11:18 3396264 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2017-12-21 21:31 . 2017-12-06 12:07 204456 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-12-21 21:31 . 2017-12-06 12:07 84384 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-12-21 21:31 . 2017-12-06 12:07 46976 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-12-21 21:31 . 2017-12-06 12:07 358672 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-12-21 21:31 . 2017-12-06 12:07 185096 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2017-12-21 21:31 . 2017-12-06 12:07 110336 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-12-21 21:31 . 2017-12-06 12:07 1025176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-12-21 21:31 . 2017-12-06 12:07 57696 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-12-21 21:31 . 2017-12-06 12:07 343768 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-12-21 21:31 . 2017-12-06 12:07 321512 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-12-21 21:31 . 2017-12-06 12:07 199448 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-12-11 13:10 . 2017-12-11 13:10 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-12-11 13:10 . 2017-12-11 13:10 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-12-03 22:44 . 2017-12-03 22:44 87728 ----a-w- c:\windows\system32\vcruntime140.dll
2017-12-03 22:44 . 2017-12-03 22:44 641696 ----a-w- c:\windows\system32\msvcp140.dll
2017-12-03 22:44 . 2017-12-03 22:44 389296 ----a-w- c:\windows\system32\vccorlib140.dll
2017-12-03 22:44 . 2017-12-03 22:44 331432 ----a-w- c:\windows\system32\concrt140.dll
2017-12-03 22:38 . 2017-12-03 22:38 263856 ----a-w- c:\windows\SysWow64\vccorlib140.dll
2017-12-03 22:38 . 2017-12-03 22:38 83792 ----a-w- c:\windows\SysWow64\vcruntime140.dll
2017-12-03 22:38 . 2017-12-03 22:38 440128 ----a-w- c:\windows\SysWow64\msvcp140.dll
2017-12-03 22:38 . 2017-12-03 22:38 242496 ----a-w- c:\windows\SysWow64\concrt140.dll
2017-11-17 04:23 . 2017-12-07 18:22 3222528 ----a-w- c:\windows\system32\win32k.sys
2017-11-15 01:27 . 2017-12-15 06:39 395968 ----a-w- c:\windows\system32\iedkcs32.dll
2017-11-14 03:57 . 2017-12-15 06:39 25731072 ----a-w- c:\windows\system32\mshtml.dll
2017-11-14 03:43 . 2017-12-15 06:39 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2017-11-14 03:43 . 2017-12-15 06:39 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2017-11-14 03:32 . 2017-12-15 06:39 2903552 ----a-w- c:\windows\system32\iertutil.dll
2017-11-14 03:31 . 2017-12-15 06:39 66560 ----a-w- c:\windows\system32\iesetup.dll
2017-11-14 03:31 . 2017-12-15 06:39 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2017-11-14 03:30 . 2017-12-15 06:39 417792 ----a-w- c:\windows\system32\html.iec
2017-11-14 03:30 . 2017-12-15 06:39 577024 ----a-w- c:\windows\system32\vbscript.dll
2017-11-14 03:30 . 2017-12-15 06:39 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2017-11-14 03:25 . 2017-12-15 06:39 5925888 ----a-w- c:\windows\system32\jscript9.dll
2017-11-14 03:24 . 2017-12-15 06:39 54784 ----a-w- c:\windows\system32\jsproxy.dll
2017-11-14 03:24 . 2017-12-15 06:39 34304 ----a-w- c:\windows\system32\iernonce.dll
2017-11-14 03:21 . 2017-12-15 06:39 615936 ----a-w- c:\windows\system32\ieui.dll
2017-11-14 03:20 . 2017-12-15 06:39 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2017-11-14 03:20 . 2017-12-15 06:39 116224 ----a-w- c:\windows\system32\ieetwcollector.exe
2017-11-14 03:20 . 2017-12-15 06:39 817152 ----a-w- c:\windows\system32\jscript.dll
2017-11-14 03:20 . 2017-12-15 06:39 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2017-11-14 03:15 . 2017-12-15 06:39 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2017-11-14 03:12 . 2017-12-15 06:39 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2017-11-14 03:06 . 2017-12-15 06:39 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2017-11-14 03:06 . 2017-12-15 06:39 87552 ----a-w- c:\windows\system32\tdc.ocx
2017-11-14 03:05 . 2017-12-15 06:39 107520 ----a-w- c:\windows\system32\inseng.dll
2017-11-14 03:03 . 2017-12-15 06:39 199680 ----a-w- c:\windows\system32\msrating.dll
2017-11-14 03:02 . 2017-12-15 06:39 92160 ----a-w- c:\windows\system32\mshtmled.dll
2017-11-14 03:00 . 2017-12-15 06:39 315392 ----a-w- c:\windows\system32\dxtrans.dll
2017-11-14 02:59 . 2017-12-15 06:39 152064 ----a-w- c:\windows\system32\occache.dll
2017-11-14 02:51 . 2017-12-15 06:39 262144 ----a-w- c:\windows\system32\webcheck.dll
2017-11-14 02:48 . 2017-12-15 06:39 726528 ----a-w- c:\windows\system32\ie4uinit.exe
2017-11-14 02:48 . 2017-12-15 06:39 807936 ----a-w- c:\windows\system32\msfeeds.dll
2017-11-14 02:48 . 2017-12-15 06:39 15267328 ----a-w- c:\windows\system32\ieframe.dll
2017-11-14 02:47 . 2017-12-15 06:39 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2017-11-14 02:46 . 2017-12-15 06:39 2134528 ----a-w- c:\windows\system32\inetcpl.cpl
2017-11-14 02:39 . 2017-12-15 06:39 3241472 ----a-w- c:\windows\system32\wininet.dll
2017-11-14 02:27 . 2017-12-15 06:39 1544192 ----a-w- c:\windows\system32\urlmon.dll
2017-11-14 02:16 . 2017-12-15 06:39 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2017-11-14 00:32 . 2017-12-15 06:39 499200 ----a-w- c:\windows\SysWow64\vbscript.dll
2017-11-14 00:31 . 2017-12-15 06:39 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2017-11-09 04:03 . 2017-11-09 04:03 36203120 ----a-w- c:\windows\system32\nvoglv64.dll
2017-11-09 04:03 . 2017-11-09 04:03 29245040 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2017-11-09 04:02 . 2017-11-09 04:02 16771696 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2017-11-09 04:02 . 2017-11-09 04:02 624056 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 514672 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 989808 ----a-w- c:\windows\system32\NvIFR64.dll
2017-11-09 04:02 . 2017-11-09 04:02 941168 ----a-w- c:\windows\SysWow64\NvIFR.dll
2017-11-09 04:01 . 2017-11-09 04:01 54192 ----a-w- c:\windows\system32\nvhdap64.dll
2017-11-09 04:01 . 2017-11-09 04:01 1624168 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2017-11-09 04:01 . 2017-11-09 04:01 233904 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2017-11-09 04:01 . 2017-11-09 04:01 1107896 ----a-w- c:\windows\system32\NvFBC64.dll
2017-11-09 04:00 . 2017-11-09 04:00 1039288 ----a-w- c:\windows\SysWow64\NvFBC.dll
2017-11-09 03:56 . 2017-11-09 03:56 1682536 ----a-w- c:\windows\system32\nvdispgenco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 1997752 ----a-w- c:\windows\system32\nvdispco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 3816376 ----a-w- c:\windows\system32\nvcuvid.dll
2017-11-09 03:56 . 2017-11-09 03:56 3355248 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2017-11-09 03:55 . 2017-11-09 03:55 40246384 ----a-w- c:\windows\system32\nvcompiler.dll
2017-11-09 03:55 . 2017-11-09 03:55 35165624 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 21943656 ----a-w- c:\windows\system32\nvwgf2umx.dll
2017-11-09 03:33 . 2017-11-09 03:33 19187392 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2017-11-09 03:33 . 2017-11-09 03:33 505256 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-11-09 03:33 . 2017-11-09 03:33 419520 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2017-11-09 03:33 . 2017-11-09 03:33 13379352 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 10986768 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 23474664 ----a-w- c:\windows\system32\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 19212720 ----a-w- c:\windows\SysWow64\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 164648 ----a-w- c:\windows\system32\nvoglshim64.dll
2017-11-09 03:33 . 2017-11-09 03:33 142336 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2017-11-09 03:32 . 2017-11-09 03:32 182296 ----a-w- c:\windows\system32\nvinitx.dll
2017-11-09 03:32 . 2017-11-09 03:32 159736 ----a-w- c:\windows\SysWow64\nvinit.dll
2017-11-09 03:32 . 2017-11-09 03:32 1154296 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 902312 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 540856 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2017-11-09 03:32 . 2017-11-09 03:32 459032 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2017-11-09 03:32 . 2017-11-09 03:32 18375312 ----a-w- c:\windows\system32\nvd3dumx.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 5640 series (NET)"="c:\program files\HP\HP DeskJet 5640 series\Bin\ScanToPCActivationApp.exe" [2017-05-02 3770504]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-12-13 10249048]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE" [2017-01-09 680520]
.
c:\users\palackeho515\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Auto Backup Guage.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe [2018-1-4 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2018-1-4 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe [2018-1-4 102400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
R2 RTLDHCPService;Realtek DHCP Service;c:\program files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe;c:\program files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdhub31;AMD USB3.1 Hub Service;c:\windows\system32\drivers\amdhub31.sys;c:\windows\SYSNATIVE\drivers\amdhub31.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 amdxhc31;AMD XHCI Service;c:\windows\system32\drivers\amdxhc31.sys;c:\windows\SYSNATIVE\drivers\amdxhc31.sys [x]
R3 asmthub3;ASMedia USB3.1 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 IaNVMe;IaNVMe;c:\windows\system32\drivers\IaNVMe.sys;c:\windows\SYSNATIVE\drivers\IaNVMe.sys [x]
R3 IaRNVMe;IaRNVMe;c:\windows\system32\drivers\IaRNVMe.sys;c:\windows\SYSNATIVE\drivers\IaRNVMe.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 ocznvme;ocznvme;c:\windows\system32\drivers\ocznvme.sys;c:\windows\SYSNATIVE\drivers\ocznvme.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 stornvme;stornvme;c:\windows\system32\drivers\stornvme.sys;c:\windows\SYSNATIVE\drivers\stornvme.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tilfilter;TI xHCI Lower Filter Driver Service;c:\windows\system32\drivers\TIxHCIlfilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIlfilter.sys [x]
R3 tiufilter;TI xHCI Upper Filter Driver Service;c:\windows\system32\drivers\TIxHCIufilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIufilter.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Události načítání snímků;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsha.sys;c:\windows\SYSNATIVE\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswbloga.sys;c:\windows\SYSNATIVE\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniva.sys;c:\windows\SYSNATIVE\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys;c:\windows\SYSNATIVE\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys;c:\windows\SYSNATIVE\drivers\aswVmm.sys [x]
S0 IaNVMeF;IaNVMeF;c:\windows\system32\drivers\IaNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaNVMeF.sys [x]
S0 IaRNVMeF;IaRNVMeF;c:\windows\system32\drivers\IaRNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaRNVMeF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 ocztrimfilter;SSD Device Filter;c:\windows\system32\drivers\ocztrimfilter.sys;c:\windows\SYSNATIVE\drivers\ocztrimfilter.sys [x]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys;c:\windows\SYSNATIVE\drivers\aswArPot.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys;c:\windows\SYSNATIVE\drivers\aswHdsKe.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BtSwitcherService;Služba Poepnutí Bluetooth;c:\program files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 CSRBtAudioService;Služba CSR Bluetooth Audio;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [x]
S2 CsrBtOBEXService;Služba CSR OBEX;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [x]
S2 CsrBtService;CSR služba Bluetooth;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S2 RealtekWlanU;RealtekWlanU;c:\program files (x86)\netis\USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\netis\USB Wireless LAN Utility\RtlService.exe [x]
S2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 csr_bthav;Profil AV Bluetooth;c:\windows\system32\drivers\csrbthav.sys;c:\windows\SYSNATIVE\drivers\csrbthav.sys [x]
S3 csravrcp;Profil AVRCP Bluetooth;c:\windows\system32\DRIVERS\csravrcp.sys;c:\windows\SYSNATIVE\DRIVERS\csravrcp.sys [x]
S3 CsrBtPort;Ovladač zařízení Bluetooth CSR;c:\windows\system32\DRIVERS\CsrBtPort.sys;c:\windows\SYSNATIVE\DRIVERS\CsrBtPort.sys [x]
S3 csrpan;Bluetooth Personal Area Network Device Driver;c:\windows\system32\DRIVERS\csrpan.sys;c:\windows\SYSNATIVE\DRIVERS\csrpan.sys [x]
S3 csrserial;Ovladač zařízení SPP;c:\windows\system32\DRIVERS\csrserial.sys;c:\windows\SYSNATIVE\DRIVERS\csrserial.sys [x]
S3 csrusb;CSR ovladač rozhraní USB pro hardwarový klíč Bluetooth;c:\windows\system32\Drivers\csrusb.sys;c:\windows\SYSNATIVE\Drivers\csrusb.sys [x]
S3 csrusbfilter;CSR USB filter driver;c:\windows\system32\Drivers\csrusbfilter.sys;c:\windows\SYSNATIVE\Drivers\csrusbfilter.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMWEBPROTECTION
*NewlyCreated* - ZAM
*NewlyCreated* - ZAM_GUARD
*Deregistered* - ESProtectionDriver
*Deregistered* - MBAMFarflt
*Deregistered* - MBAMProtection
*Deregistered* - MBAMSwissArmy
*Deregistered* - MBAMWebProtection
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-11-27 21:03 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-12-21 21:31 1757400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\program files\VIA XHCI UASP Utility\usb3Monitor" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-10-26 13213840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2017-06-27 1903040]
"CsrHCRPServer"="c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe" [2012-03-22 1134288]
"CsrAudioguiCtrl"="c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe" [2012-03-22 511696]
"CsrSyncMLServer"="c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe" [2012-03-22 244944]
"vksts"="c:\program files\CSR\CSR Harmony Wireless Software Stack\vksts.exe" [2012-03-22 25792]
"HarmonyUserStartup"="c:\program files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe" [2012-03-22 39128]
"CSRHarmonySkypePlugin"="c:\program files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe" [2012-03-22 146656]
"TrayApplication"="c:\program files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe" [2012-03-22 529616]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-12-21 246120]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
Trusted Zone: localhost
TCP: DhcpNameServer = 89.190.65.200 89.190.64.20
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\palackeho515\AppData\Roaming\Mozilla\Firefox\Profiles\8f2v1qsr.default\
FF - prefs.js: browser.startup.homepage - about:home
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2018-01-14 09:53:05
ComboFix-quarantined-files.txt 2018-01-14 08:53
.
Před spuštěním: Volných bajtů: 210 904 932 352
Po spuštění: Volných bajtů: 210 374 090 752
.
- - End Of File - - E16FF45D4EC8B12BF02E41B535C23D96
A36C5E4F47E84449FF07ED3517B43A31


Re: Slow PC - downloading from the internet

Post by jaro3 » 14 Jan 2018 15:34

Disable the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the window and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::
RegLock::
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key after the restart and choose Last Known Good Configuration, or use a restore point.


Re: Slow PC - downloading from the internet

Post by japlod » 14 Jan 2018 19:06

Here is the new log from ComboFix
ComboFix 18-01-10.01 - palackeho515 14.01.2018 18:54:16.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.6142.4705 [GMT 1:00]
Spuštěný z: c:\users\palackeho515\Desktop\ComboFix.exe
Použité ovládací přepínače :: d:\users\Downloads\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-12-14 do 2018-01-14 )))))))))))))))))))))))))))))))
.
.
2018-01-14 18:01 . 2018-01-14 18:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2018-01-14 09:12 . 2018-01-14 09:12 -------- d-----w- c:\programdata\SWCUTemp
2018-01-14 08:50 . 2018-01-14 08:50 -------- d-----w- c:\users\palackeho515\AppData\Local\CrashDumps
2018-01-14 08:28 . 2018-01-14 08:28 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2018-01-14 08:28 . 2018-01-14 08:28 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2018-01-14 08:28 . 2018-01-14 08:28 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2018-01-14 08:27 . 2018-01-14 08:27 -------- d-----w- c:\users\palackeho515\AppData\Local\Zemana
2018-01-14 08:20 . 2018-01-14 18:01 -------- d-----w- c:\users\palackeho515\AppData\Local\Temp
2018-01-14 08:20 . 2018-01-14 08:19 24064 ----a-w- c:\windows\zoek-delete.exe
2018-01-13 21:59 . 2018-01-13 21:59 -------- d-----w- C:\zoek_backup
2018-01-13 16:12 . 2018-01-13 16:12 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2018-01-13 16:12 . 2018-01-13 19:31 -------- d-----w- c:\programdata\RogueKiller
2018-01-13 09:48 . 2018-01-13 09:48 -------- d-----w- c:\users\palackeho515\AppData\Local\CEF
2018-01-13 09:46 . 2017-11-29 08:11 77432 ----a-w- c:\windows\system32\drivers\mbae64.sys
2018-01-13 09:46 . 2018-01-13 09:46 -------- d-----w- c:\programdata\Malwarebytes
2018-01-13 09:46 . 2018-01-13 09:46 -------- d-----w- c:\program files\Malwarebytes
2018-01-13 09:38 . 2018-01-13 15:46 -------- d-----w- C:\AdwCleaner
2018-01-13 09:34 . 2018-01-13 09:34 -------- d-----w- c:\users\palackeho515\AppData\Roaming\addpcs
2018-01-13 09:34 . 2018-01-13 09:34 -------- d-----w- c:\program files\Temp File Cleaner
2018-01-12 08:29 . 2018-01-12 08:29 27552 ----a-w- c:\windows\system32\drivers\HWiNFO64A.SYS
2018-01-12 08:29 . 2018-01-13 07:58 -------- d-----w- c:\program files\HWiNFO64
2018-01-09 09:11 . 2018-01-09 10:11 -------- d-----w- c:\users\palackeho515\AppData\Local\FastReport
2018-01-09 09:09 . 2018-01-09 09:09 -------- d-----w- c:\program files (x86)\SimpleUcto
2018-01-04 13:59 . 2018-01-04 13:59 -------- d-----w- c:\programdata\Clarus
2018-01-04 13:52 . 2018-01-04 13:52 -------- d-----w- c:\program files (x86)\Clarus
2017-12-25 14:38 . 2017-12-25 14:38 460464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2017-12-25 14:37 . 2017-12-25 14:37 29872 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2017-12-25 14:33 . 2017-12-25 14:33 208048 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2017-12-21 21:31 . 2017-12-21 21:31 149344 ----a-w- c:\windows\system32\drivers\aswHdsKe.sys
2017-12-21 21:31 . 2017-12-21 21:31 365680 ----a-w- c:\windows\system32\aswBoot.exe
2017-12-19 13:18 . 2017-12-19 13:18 -------- d-----w- c:\program files (x86)\MozBackup
2017-12-19 13:17 . 2017-12-19 13:52 -------- d-----w- c:\users\palackeho515\AppData\Local\Thunderbird
2017-12-19 13:17 . 2017-12-19 13:17 -------- d-----w- c:\users\palackeho515\AppData\Roaming\Thunderbird
2017-12-19 13:17 . 2018-01-05 07:46 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2017-12-19 08:53 . 2017-12-25 15:09 21160 ----a-w- c:\program files\Common Files\Microsoft Shared\ClickToRun\C2RINTL.cs-cz.dll
2017-12-17 19:38 . 2017-12-17 19:38 -------- d-----w- c:\program files (x86)\7-Zip
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2018-01-11 07:56 . 2017-12-06 12:07 457896 ----a-w- c:\windows\system32\drivers\aswSP.sys
2018-01-11 07:56 . 2017-12-06 12:07 146648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2018-01-10 10:35 . 2017-12-06 17:55 129365736 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-01-10 10:35 . 2017-12-06 17:55 129365736 -c--a-w- c:\windows\system32\MRT.exe
2018-01-06 08:49 . 2017-12-07 11:18 3396264 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2017-12-21 21:31 . 2017-12-06 12:07 204456 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-12-21 21:31 . 2017-12-06 12:07 84384 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-12-21 21:31 . 2017-12-06 12:07 46976 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-12-21 21:31 . 2017-12-06 12:07 358672 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2017-12-21 21:31 . 2017-12-06 12:07 185096 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2017-12-21 21:31 . 2017-12-06 12:07 110336 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-12-21 21:31 . 2017-12-06 12:07 1025176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-12-21 21:31 . 2017-12-06 12:07 57696 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-12-21 21:31 . 2017-12-06 12:07 343768 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-12-21 21:31 . 2017-12-06 12:07 321512 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-12-21 21:31 . 2017-12-06 12:07 199448 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-12-11 13:10 . 2017-12-11 13:10 803328 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-12-11 13:10 . 2017-12-11 13:10 144896 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-12-03 22:44 . 2017-12-03 22:44 87728 ----a-w- c:\windows\system32\vcruntime140.dll
2017-12-03 22:44 . 2017-12-03 22:44 641696 ----a-w- c:\windows\system32\msvcp140.dll
2017-12-03 22:44 . 2017-12-03 22:44 389296 ----a-w- c:\windows\system32\vccorlib140.dll
2017-12-03 22:44 . 2017-12-03 22:44 331432 ----a-w- c:\windows\system32\concrt140.dll
2017-12-03 22:38 . 2017-12-03 22:38 263856 ----a-w- c:\windows\SysWow64\vccorlib140.dll
2017-12-03 22:38 . 2017-12-03 22:38 83792 ----a-w- c:\windows\SysWow64\vcruntime140.dll
2017-12-03 22:38 . 2017-12-03 22:38 440128 ----a-w- c:\windows\SysWow64\msvcp140.dll
2017-12-03 22:38 . 2017-12-03 22:38 242496 ----a-w- c:\windows\SysWow64\concrt140.dll
2017-11-17 04:23 . 2017-12-07 18:22 3222528 ----a-w- c:\windows\system32\win32k.sys
2017-11-15 01:27 . 2017-12-15 06:39 395968 ----a-w- c:\windows\system32\iedkcs32.dll
2017-11-14 03:57 . 2017-12-15 06:39 25731072 ----a-w- c:\windows\system32\mshtml.dll
2017-11-14 03:43 . 2017-12-15 06:39 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2017-11-14 03:43 . 2017-12-15 06:39 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2017-11-14 03:32 . 2017-12-15 06:39 2903552 ----a-w- c:\windows\system32\iertutil.dll
2017-11-14 03:31 . 2017-12-15 06:39 66560 ----a-w- c:\windows\system32\iesetup.dll
2017-11-14 03:31 . 2017-12-15 06:39 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2017-11-14 03:30 . 2017-12-15 06:39 417792 ----a-w- c:\windows\system32\html.iec
2017-11-14 03:30 . 2017-12-15 06:39 577024 ----a-w- c:\windows\system32\vbscript.dll
2017-11-14 03:30 . 2017-12-15 06:39 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2017-11-14 03:25 . 2017-12-15 06:39 5925888 ----a-w- c:\windows\system32\jscript9.dll
2017-11-14 03:24 . 2017-12-15 06:39 54784 ----a-w- c:\windows\system32\jsproxy.dll
2017-11-14 03:24 . 2017-12-15 06:39 34304 ----a-w- c:\windows\system32\iernonce.dll
2017-11-14 03:21 . 2017-12-15 06:39 615936 ----a-w- c:\windows\system32\ieui.dll
2017-11-14 03:20 . 2017-12-15 06:39 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2017-11-14 03:20 . 2017-12-15 06:39 116224 ----a-w- c:\windows\system32\ieetwcollector.exe
2017-11-14 03:20 . 2017-12-15 06:39 817152 ----a-w- c:\windows\system32\jscript.dll
2017-11-14 03:20 . 2017-12-15 06:39 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2017-11-14 03:15 . 2017-12-15 06:39 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2017-11-14 03:12 . 2017-12-15 06:39 489984 ----a-w- c:\windows\system32\dxtmsft.dll
2017-11-14 03:06 . 2017-12-15 06:39 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2017-11-14 03:06 . 2017-12-15 06:39 87552 ----a-w- c:\windows\system32\tdc.ocx
2017-11-14 03:05 . 2017-12-15 06:39 107520 ----a-w- c:\windows\system32\inseng.dll
2017-11-14 03:03 . 2017-12-15 06:39 199680 ----a-w- c:\windows\system32\msrating.dll
2017-11-14 03:02 . 2017-12-15 06:39 92160 ----a-w- c:\windows\system32\mshtmled.dll
2017-11-14 03:00 . 2017-12-15 06:39 315392 ----a-w- c:\windows\system32\dxtrans.dll
2017-11-14 02:59 . 2017-12-15 06:39 152064 ----a-w- c:\windows\system32\occache.dll
2017-11-14 02:51 . 2017-12-15 06:39 262144 ----a-w- c:\windows\system32\webcheck.dll
2017-11-14 02:48 . 2017-12-15 06:39 726528 ----a-w- c:\windows\system32\ie4uinit.exe
2017-11-14 02:48 . 2017-12-15 06:39 807936 ----a-w- c:\windows\system32\msfeeds.dll
2017-11-14 02:48 . 2017-12-15 06:39 15267328 ----a-w- c:\windows\system32\ieframe.dll
2017-11-14 02:47 . 2017-12-15 06:39 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2017-11-14 02:46 . 2017-12-15 06:39 2134528 ----a-w- c:\windows\system32\inetcpl.cpl
2017-11-14 02:39 . 2017-12-15 06:39 3241472 ----a-w- c:\windows\system32\wininet.dll
2017-11-14 02:27 . 2017-12-15 06:39 1544192 ----a-w- c:\windows\system32\urlmon.dll
2017-11-14 02:16 . 2017-12-15 06:39 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2017-11-14 00:32 . 2017-12-15 06:39 499200 ----a-w- c:\windows\SysWow64\vbscript.dll
2017-11-14 00:31 . 2017-12-15 06:39 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2017-11-09 04:03 . 2017-11-09 04:03 36203120 ----a-w- c:\windows\system32\nvoglv64.dll
2017-11-09 04:03 . 2017-11-09 04:03 29245040 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2017-11-09 04:02 . 2017-11-09 04:02 16771696 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2017-11-09 04:02 . 2017-11-09 04:02 624056 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 514672 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2017-11-09 04:02 . 2017-11-09 04:02 989808 ----a-w- c:\windows\system32\NvIFR64.dll
2017-11-09 04:02 . 2017-11-09 04:02 941168 ----a-w- c:\windows\SysWow64\NvIFR.dll
2017-11-09 04:01 . 2017-11-09 04:01 54192 ----a-w- c:\windows\system32\nvhdap64.dll
2017-11-09 04:01 . 2017-11-09 04:01 1624168 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2017-11-09 04:01 . 2017-11-09 04:01 233904 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2017-11-09 04:01 . 2017-11-09 04:01 1107896 ----a-w- c:\windows\system32\NvFBC64.dll
2017-11-09 04:00 . 2017-11-09 04:00 1039288 ----a-w- c:\windows\SysWow64\NvFBC.dll
2017-11-09 03:56 . 2017-11-09 03:56 1682536 ----a-w- c:\windows\system32\nvdispgenco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 1997752 ----a-w- c:\windows\system32\nvdispco6438813.dll
2017-11-09 03:56 . 2017-11-09 03:56 3816376 ----a-w- c:\windows\system32\nvcuvid.dll
2017-11-09 03:56 . 2017-11-09 03:56 3355248 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2017-11-09 03:55 . 2017-11-09 03:55 40246384 ----a-w- c:\windows\system32\nvcompiler.dll
2017-11-09 03:55 . 2017-11-09 03:55 35165624 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 21943656 ----a-w- c:\windows\system32\nvwgf2umx.dll
2017-11-09 03:33 . 2017-11-09 03:33 19187392 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2017-11-09 03:33 . 2017-11-09 03:33 505256 ----a-w- c:\windows\system32\nvumdshimx.dll
2017-11-09 03:33 . 2017-11-09 03:33 419520 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2017-11-09 03:33 . 2017-11-09 03:33 13379352 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 10986768 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2017-11-09 03:33 . 2017-11-09 03:33 23474664 ----a-w- c:\windows\system32\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 19212720 ----a-w- c:\windows\SysWow64\nvopencl.dll
2017-11-09 03:33 . 2017-11-09 03:33 164648 ----a-w- c:\windows\system32\nvoglshim64.dll
2017-11-09 03:33 . 2017-11-09 03:33 142336 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2017-11-09 03:32 . 2017-11-09 03:32 182296 ----a-w- c:\windows\system32\nvinitx.dll
2017-11-09 03:32 . 2017-11-09 03:32 159736 ----a-w- c:\windows\SysWow64\nvinit.dll
2017-11-09 03:32 . 2017-11-09 03:32 1154296 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 902312 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2017-11-09 03:32 . 2017-11-09 03:32 540856 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2017-11-09 03:32 . 2017-11-09 03:32 459032 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2017-11-09 03:32 . 2017-11-09 03:32 18375312 ----a-w- c:\windows\system32\nvd3dumx.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-12-08 11:25 2664136 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\FileSyncShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP DeskJet 5640 series (NET)"="c:\program files\HP\HP DeskJet 5640 series\Bin\ScanToPCActivationApp.exe" [2017-05-02 3770504]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2017-12-13 10249048]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE" [2017-01-09 680520]
.
c:\users\palackeho515\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Auto Backup Guage.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe [2018-1-4 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2018-1-4 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe [2018-1-4 102400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
R2 RTLDHCPService;Realtek DHCP Service;c:\program files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe;c:\program files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [x]
R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys;c:\windows\SYSNATIVE\drivers\amdhub30.sys [x]
R3 amdhub31;AMD USB3.1 Hub Service;c:\windows\system32\drivers\amdhub31.sys;c:\windows\SYSNATIVE\drivers\amdhub31.sys [x]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys;c:\windows\SYSNATIVE\drivers\amdxhc.sys [x]
R3 amdxhc31;AMD XHCI Service;c:\windows\system32\drivers\amdxhc31.sys;c:\windows\SYSNATIVE\drivers\amdxhc31.sys [x]
R3 asmthub3;ASMedia USB3.1 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMedia XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\drivers\FLxHCIc.sys;c:\windows\SYSNATIVE\drivers\FLxHCIc.sys [x]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\drivers\FLxHCIh.sys;c:\windows\SYSNATIVE\drivers\FLxHCIh.sys [x]
R3 IaNVMe;IaNVMe;c:\windows\system32\drivers\IaNVMe.sys;c:\windows\SYSNATIVE\drivers\IaNVMe.sys [x]
R3 IaRNVMe;IaRNVMe;c:\windows\system32\drivers\IaRNVMe.sys;c:\windows\SYSNATIVE\drivers\IaRNVMe.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]
R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 ocznvme;ocznvme;c:\windows\system32\drivers\ocznvme.sys;c:\windows\SYSNATIVE\drivers\ocznvme.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys;c:\windows\SYSNATIVE\drivers\rusb3hub.sys [x]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys;c:\windows\SYSNATIVE\drivers\rusb3xhc.sys [x]
R3 stornvme;stornvme;c:\windows\system32\drivers\stornvme.sys;c:\windows\SYSNATIVE\drivers\stornvme.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\drivers\tihub3.sys;c:\windows\SYSNATIVE\drivers\tihub3.sys [x]
R3 tilfilter;TI xHCI Lower Filter Driver Service;c:\windows\system32\drivers\TIxHCIlfilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIlfilter.sys [x]
R3 tiufilter;TI xHCI Upper Filter Driver Service;c:\windows\system32\drivers\TIxHCIufilter.sys;c:\windows\SYSNATIVE\drivers\TIxHCIufilter.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys;c:\windows\SYSNATIVE\drivers\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WiaRpc;Události načítání snímků;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsha.sys;c:\windows\SYSNATIVE\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\system32\drivers\aswbloga.sys;c:\windows\SYSNATIVE\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniva.sys;c:\windows\SYSNATIVE\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys;c:\windows\SYSNATIVE\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys;c:\windows\SYSNATIVE\drivers\aswVmm.sys [x]
S0 IaNVMeF;IaNVMeF;c:\windows\system32\drivers\IaNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaNVMeF.sys [x]
S0 IaRNVMeF;IaRNVMeF;c:\windows\system32\drivers\IaRNVMeF.sys;c:\windows\SYSNATIVE\drivers\IaRNVMeF.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S0 ocztrimfilter;SSD Device Filter;c:\windows\system32\drivers\ocztrimfilter.sys;c:\windows\SYSNATIVE\drivers\ocztrimfilter.sys [x]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys;c:\windows\SYSNATIVE\drivers\aswArPot.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys;c:\windows\SYSNATIVE\drivers\aswHdsKe.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 BtSwitcherService;Služba Poepnutí Bluetooth;c:\program files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 CSRBtAudioService;Služba CSR Bluetooth Audio;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [x]
S2 CsrBtOBEXService;Služba CSR OBEX;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [x]
S2 CsrBtService;CSR služba Bluetooth;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe;c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]
S2 NvTelemetryContainer;NVIDIA Telemetry Container;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe;c:\program files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [x]
S2 RealtekWlanU;RealtekWlanU;c:\program files (x86)\netis\USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\netis\USB Wireless LAN Utility\RtlService.exe [x]
S2 RunSwUSB;RunSwUSB;c:\windows\runSW.exe;c:\windows\runSW.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 csr_bthav;Profil AV Bluetooth;c:\windows\system32\drivers\csrbthav.sys;c:\windows\SYSNATIVE\drivers\csrbthav.sys [x]
S3 csravrcp;Profil AVRCP Bluetooth;c:\windows\system32\DRIVERS\csravrcp.sys;c:\windows\SYSNATIVE\DRIVERS\csravrcp.sys [x]
S3 CsrBtPort;Ovladač zařízení Bluetooth CSR;c:\windows\system32\DRIVERS\CsrBtPort.sys;c:\windows\SYSNATIVE\DRIVERS\CsrBtPort.sys [x]
S3 csrpan;Bluetooth Personal Area Network Device Driver;c:\windows\system32\DRIVERS\csrpan.sys;c:\windows\SYSNATIVE\DRIVERS\csrpan.sys [x]
S3 csrserial;Ovladač zařízení SPP;c:\windows\system32\DRIVERS\csrserial.sys;c:\windows\SYSNATIVE\DRIVERS\csrserial.sys [x]
S3 csrusb;CSR ovladač rozhraní USB pro hardwarový klíč Bluetooth;c:\windows\system32\Drivers\csrusb.sys;c:\windows\SYSNATIVE\Drivers\csrusb.sys [x]
S3 csrusbfilter;CSR USB filter driver;c:\windows\system32\Drivers\csrusbfilter.sys;c:\windows\SYSNATIVE\Drivers\csrusbfilter.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 nvvhci;NVVHCI Enumerator Service;c:\windows\system32\DRIVERS\nvvhci.sys;c:\windows\SYSNATIVE\DRIVERS\nvvhci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - ESProtectionDriver
*Deregistered* - MBAMFarflt
*Deregistered* - MBAMProtection
*Deregistered* - MBAMSwissArmy
*Deregistered* - MBAMWebProtection
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2017-11-27 21:03 324080 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive6]
@="{9AA2F32D-362A-42D9-9328-24A483E2CCC3}"
[HKEY_CLASSES_ROOT\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}]
2017-12-08 11:26 2935496 ----a-w- c:\users\palackeho515\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-12-21 21:31 1757400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\program files\VIA XHCI UASP Utility\usb3Monitor" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-10-26 13213840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2017-06-27 1903040]
"CsrHCRPServer"="c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe" [2012-03-22 1134288]
"CsrAudioguiCtrl"="c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe" [2012-03-22 511696]
"CsrSyncMLServer"="c:\program files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe" [2012-03-22 244944]
"vksts"="c:\program files\CSR\CSR Harmony Wireless Software Stack\vksts.exe" [2012-03-22 25792]
"HarmonyUserStartup"="c:\program files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe" [2012-03-22 39128]
"CSRHarmonySkypePlugin"="c:\program files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe" [2012-03-22 146656]
"TrayApplication"="c:\program files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe" [2012-03-22 529616]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-12-21 246120]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-08-09 15775888]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalSystemNetworkRestricted
WiaRpc
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
Trusted Zone: localhost
TCP: DhcpNameServer = 89.190.65.200 89.190.64.20
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\palackeho515\AppData\Roaming\Mozilla\Firefox\Profiles\8f2v1qsr.default\
FF - prefs.js: browser.startup.homepage - about:home
.
.
Celkový čas: 2018-01-14 19:03:59
ComboFix-quarantined-files.txt 2018-01-14 18:03
ComboFix2.txt 2018-01-14 08:53
.
Před spuštěním: Volných bajtů: 210 162 024 448
Po spuštění: Volných bajtů: 209 874 870 272
.
- - End Of File - - 1EF9FF9727BF1AB84CD97458D8A4E3B4
A36C5E4F47E84449FF07ED3517B43A31

Post by japlod » 14 Jan 2018 19:08

And here is the log from HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:08, on 14.1.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
D:\Users\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O4 - HKCU\..\Run: [HP DeskJet 5640 series (NET)] "C:\Program Files\HP\HP DeskJet 5640 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH69Q1V0JP06D3:NW" -scfn "HP DeskJet 5640 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"
O4 - Startup: Samsung Auto Backup Guage.lnk = ?
O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?
O4 - Startup: Samsung Auto Backup Scheduler.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Poepnutí Bluetooth (BtSwitcherService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
O23 - Service: Služba CSR Bluetooth Audio (CSRBtAudioService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
O23 - Service: Služba CSR OBEX (CsrBtOBEXService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
O23 - Service: CSR služba Bluetooth (CsrBtService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealtekWlanU - Realtek - C:\Program Files (x86)\netis\USB Wireless LAN Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek DHCP Service (RTLDHCPService) - Realtek - C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe
O23 - Service: RunSwUSB - Unknown owner - C:\Windows\runSW.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 9288 bytes

Post by jaro3 » 14 Jan 2018 19:38

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost


What about the problems?

Post by japlod » 14 Jan 2018 23:57

Done, everything as it was written. I already noticed a speed-up after the previous step; now it appears to be running without problems. Hats off to your experience :-) Is there anything I should watch out for? Anything to avoid, or what was the cause of the slowdown? Thank you once again for the help.
I can probably uninstall those programs, right?

Post by Orcus » 15 Jan 2018 07:44

Clean the system with CCleaner

====================================================

Download DelFix here
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to launch Delfix.exe
(On Windows Vista, Windows 7 and 8, you must right-click the file -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools – Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located here: C:\DelFix.txt

If there are no problems, that is all and you can mark the thread as solved with the green check mark.

Post by japlod » 15 Jan 2018 09:41

Here is the last log
# DelFix v1.013 - Logfile created 15/01/2018 at 09:39:17
# Updated 17/04/2016 by Xplode
# Username : palackeho515 - PALACKEHO515-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2018-01-13-220202.log
Deleted : C:\zoek-results2018-01-14-080322.log
Deleted : C:\Users\palackeho515\Desktop\adwcleaner_7.0.6.0.exe
Deleted : C:\Users\palackeho515\Desktop\ComboFix.exe
Deleted : C:\Users\palackeho515\Desktop\JRT.exe
Deleted : C:\Users\palackeho515\Desktop\JRT.txt
Deleted : C:\Users\palackeho515\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\palackeho515\Desktop\zoek.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Cleaning system restore ...

Deleted : RP #26 [Naplánovaný kontrolní bod | 12/23/2017 13:00:10]
Deleted : RP #27 [Naplánovaný kontrolní bod | 01/03/2018 14:19:45]
Deleted : RP #28 [Installed Samsung Auto Backup | 01/04/2018 13:52:06]
Deleted : RP #29 [Windows Update | 01/10/2018 10:35:11]
Deleted : RP #30 [Windows Update | 01/13/2018 09:55:21]
Deleted : RP #31 [JRT Pre-Junkware Removal | 01/13/2018 15:58:10]
Deleted : RP #32 [zoek.exe restore point | 01/13/2018 22:00:46]
Deleted : RP #33 [Windows Update | 01/14/2018 02:00:10]
Deleted : RP #34 [Zemana AntiMalware 14.1.2018 9:33:36 | 01/14/2018 08:33:38]

New restore point created !

########## - EOF - ##########

Post by jaro3 » 15 Jan 2018 09:58

Keep Malwarebytes.
Uninstall Sophos and Zemana.

If there are no problems, that is all and you can mark the thread as solved with the green check mark.

