vyskokovací okno famousaactors

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.


Vypni antivir i firewall.
Stáhni
Zoek.exe
a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Na konci klepni na tlačítko Nastavení (ozubené kolo v rohu)> Advanced> ""
- "Přečetl jsem si upozornění a chci pokračovat stejně .....
Zaškrtnutí Auto Launch
Nezaškrtnutí Auto upload
Zaškrtnutí All Browser Extensions (Všechna rozšíření prohlížeče)
Inteligentní nastavení skenování jako náhrada za hloubkové prověření
Zavři všechny otevřené soubory, složky a prohlížeče
Klepni na tlačítko Scan now (Skenovat) a začne sken hrozeb.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.

Vlož nový log z HJT + informuj o problémech.

[Reklama]

[jarek865]

RogueKiller V12.8.5.0 [Dec 12 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : u?ivatel [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mód : Prohledat -- Datum : 01/03/2017 20:32:19 (Duration : 00:30:11)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 7 ¤¤¤
[PUP] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} (C:\PROGRA~1\COMMON~1\WONDER~1\WONDER~1\WSHelper.exe) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0C960F73-74A7-4D47-85DC-78AE28ED7E44} | DhcpNameServer : 10.116.100.1 ([X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8F89DE2F-DEDA-480C-B624-713D2C5F3098} | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0C960F73-74A7-4D47-85DC-78AE28ED7E44} | DhcpNameServer : 10.116.100.1 ([X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{8F89DE2F-DEDA-480C-B624-713D2C5F3098} | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 1 (Driver: Nahrán) ¤¤¤
[SSDT:Inl(Hook.SSDT)] ZwDeleteAtom[99] : C:\Windows\System32\win32k.sys @ 0xffffffff932c8261 (call dword [0x81f45d14])

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD20EFRX-68EUZN0 ATA Device +++++
--- User ---
[MBR] 1362e4656f724d4dd7d84b2ba026acac
[BSP] 22d9600c74b1a66e9a916f109782e896 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST3500418AS ATA Device +++++
--- User ---
[MBR] f43f655f53d81373d54c1a84ead2863d
[BSP] 1ccab1cf5af065cbc6d8b48fe7bc7c2a : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

[jarek865]

Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by u§ivatel on Łt 03.01.2017 at 21:10:02,91.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\UIVATE~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3.1.2017 21:13:04 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\AGEIA Technologies deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Redsystem deleted successfully
C:\Program Files\Wondershare deleted successfully
C:\Users\UIVATE~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Blitzkrieg deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\PROGRA~2\Shared Space deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\\LocalLow deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\\LocalLow deleted successfully
C:\Users\UIVATE~1\AppData\Local\GHISLER deleted successfully
C:\Users\UIVATE~1\AppData\Local\Skype deleted successfully
C:\Users\UIVATE~1\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2419785327-1075799353-3858860436-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8E8F97CD-60B5-456F-A201-73065652D099} deleted successfully
HKEY_USERS\S-1-5-21-2419785327-1075799353-3858860436-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{82A76710-4F98-4957-92BE-99648A4E2475} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\AGEIA Technologies not found
C:\Program Files\Redsystem not found
C:\Program Files\Wondershare not found
C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) not found
C:\Users\UIVATE~1\AppData\Local\Wondershare deleted
C:\Program Files\Common Files\Wondershare deleted
C:\Users\UIVATE~1\AppData\LocalLow\Unity deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Users\Public\Desktop\YouTube PlayList Downloader.lnk deleted
C:\Users\UIVATE~1\cbsetup.exe deleted
C:\Users\UIVATE~1\ConBuilder.exe deleted
"C:\Users\UIVATE~1\AppData\Local\{8C61F546-90EE-4CBB-A60D-DBF9553D5A98}" deleted

==== Orphaned Tasks deleted from Registry ======================

Hewlett-Packard\HP Active Health deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08.12.2016 09:35]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [08.12.2016 09:35]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


Chrome Media Router - UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{A600EB27-B382-4905-B3D2-32DA7E19ECB9} - https://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

==== Reset Google Chrome ======================

C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Seznam.cz\User Data\Default\Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Seznam.cz\User Data\Default\Secure Preferences was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\UIVATE~1\AppData\Local\Seznam.cz\User Data\Default\Web Data was reset successfully
C:\Users\UIVATE~1\AppData\Local\Seznam.cz\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88DA244E-4CEA-49E4-AD6A-301B65131E25} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\E442AD88AEC44E94DAA603B15631E152 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UIVATE~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UIVATE~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\UIVATE~1\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\UIVATE~1\AppData\Local\Seznam.cz\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=49 folders=24 16460385 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UIVATE~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\UIVATE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 03.01.2017 at 21:46:09,77 ======================

[jarek865]

Zemana AntiMalware 2.70.2.262 (nainstalovaný)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.1.3
Operating System : Windows 7 32-bit
Processor : 2X Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
BIOS Mode : Legacy
CUID : 12D435D3E050D20CEFE065
Scan Type : Skenování systému
Duration : 8m 47s
Scanned Objects : 64804
Detected Objects : 7
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Seznam.cz.exe
Status : Skenováno
Object : %appdata%\seznam browser\seznam.cz.exe
MD5 : 80CFF64FE21C676EA46CD0C62925B318
Publisher : Seznam.cz, a.s.
Size : 1054904
Version : 0.0.0.0
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %appdata%\seznam browser\seznam.cz.exe
Odkaz - C:\Users\uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Seznam.cz.lnk

FormatFactory.exe
Status : Skenováno
Object : %programfiles%\freetime\formatfactory\formatfactory.exe
MD5 : 62DEA15C2D8F014CD4C3238B0EE34AC4
Publisher : chen jun hao
Size : 3974496
Version : 3.3.4.0
Detection : PUA:Win32/FormatFactory!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %programfiles%\freetime\formatfactory\formatfactory.exe
Odkaz - C:\Users\uživatel\Desktop\Format Factory.lnk

WebcamMax-7.1.7.8.MultiLanguage.Setup.exe
Status : Skenováno
Object : %userprofile%\downloads\webcammax-7.1.7.8.multilanguage.setup.exe
MD5 : FE75C43C83264F684758E4E34011CAC0
Publisher : -
Size : 50688
Version : -
Detection : Malware:Win32/Blackoat.A!Imil
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\webcammax-7.1.7.8.multilanguage.setup.exe

slimdrivers-setup.exe
Status : Skenováno
Object : %userprofile%\downloads\slimdrivers-setup.exe
MD5 : 13D6E0AEF0F093F30BAB17380C92177D
Publisher : Slimware Utilities, Inc.
Size : 858432
Version : 1.3.0.0
Detection : Scareware:Win32/FakeOptimizer!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\slimdrivers-setup.exe

Seznam.cz.exe
Status : Skenováno
Object : %userprofile%\downloads\seznam.cz.exe
MD5 : B6EBD0F062068DFCDE36BD80449CFFB6
Publisher : Seznam.cz, a.s.
Size : 51200
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\seznam.cz.exe

Seznam.cz (1).exe
Status : Skenováno
Object : %userprofile%\downloads\seznam.cz (1).exe
MD5 : 8D65923F6CF8F4961A49C74609F9B6E3
Publisher : Seznam.cz, a.s.
Size : 51200
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\seznam.cz (1).exe

listicka-chrome.exe
Status : Skenováno
Object : %userprofile%\downloads\listicka-chrome.exe
MD5 : 06E7A68C1E9F448EFF24DAF48C20B0EA
Publisher : Seznam.cz, a.s.
Size : 1155592
Version : -
Detection : Adware:Win32/Seznam-DJ!Ep
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\listicka-chrome.exe


Cleaning Result
-------------------------------------------------------
Cleaned : 7
Reported as safe : 0
Failed : 0

[jarek865]

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:23:11, on 3.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!


Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Users\uživatel\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\wuauclt.exe
C:\Users\uživatel\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
O4 - HKLM\..\Run: [ZAM] "C:\Users\uživatel\Desktop\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [f.lux] "C:\Users\uživatel\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Users\uživatel\Desktop\Zemana AntiMalware\ZAM.exe

--
End of file - 7338 bytes

[jarek865]

nevyžadované okno neustále každých 20 minut vyskakuje..

[jaro3]

Stáhni si Emsisoft Emergency Kit
http://dl.emsisoft.com/EmsisoftEmergencyKit.exe
na svojí plochu. Poklepej na soubor EmsisoftEmergencyKit.exe . Ponech všechna nastavení tak, jak jsou a klikni na tlačítko „Extract“ v dolní části. Složka s názvem EEK bude vytvořena v kořenovém adresáři jednotky (obvykle c: \).

1) Po extrakci poklikej na novou ikonu Emsisoft Emergency Kit na Tvé ploše.
2) Při prvním spuštění Emsisoft Emergency Kit doporučujeme povolit stahování aktualizací. Prosím, klepni na tlačítko „Yes“ (Ano), potom se stáhne nejnovější aktualizace databáze.
3) Po dokončení procesu aktualizace se zobrazí nové tlačítko v levém dolním rohu, s názvem „ Back“. Klikni na toto tlačítko pro návrat na předešlou obrazovku .
4) Klikni na „Scan“ , ukáží se volby skenování. Pokud budeš dotázán, zda chceš, aby se vyhledávaly potenciálně nežádoucí programy, klepni na tlačítko „Yes“(Ano).
5) Klikni na tlačítko „Full Scan“ pro zahájení skenování.
6) Když je skenování dokončeno klikni na tlačítko „Quarantine“ (karanténa vybraných objektů). Poznámka: Tato možnost je k dispozici pouze v případě, že během kontroly byly zjištěny škodlivé objekty.
7) Když budou v karanténě hrozby, klepni na tlačítko „View report“ (Zobrazit zprávy) v pravém dolním rohu, a protokol skenu se otevře v poznámkovém bloku.
Prosím ulož si protokol v poznámkovém bloku na plochu, a vlož sem celý jeho obsah.
9) Když zavřeš Emsisoft Emergency Kit, bude Ti nabídnuta možnost přihlásit se k odběru novinek. Toto je volitelné a není to nezbytné odstraňování malware.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[jarek865]

Emsisoft Emergency Kit - Version 12.0
Last update: 4.1.2017 20:09:11
User account: uživatel-PC\uživatel
Computer name: UŽIVATEL-PC
OS version: Windows 7x86 Service Pack 1

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Direct disk access: Off

Scan start: 4.1.2017 20:10:39
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} detected: Application.AdReg (A) []

Scanned 72416
Found 1

Scan end: 4.1.2017 20:15:38
Scan time: 0:04:59

Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} Application.AdReg (A)

Quarantined 1

[jarek865]

ComboFix 17-01-04.01 - uživatel 04.01.2017 20:36:13.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1146 [GMT 1:00]
Running from: c:\users\u×ivatel\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 9.0.407.0 *Disabled/Outdated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: COMODO Firewall *Enabled* {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
SP: Comodo Defense+ *Enabled/Updated* {6BAD9487-8DE8-D130-293E-C6A728B4104F}
SP: ESET NOD32 Antivirus 9.0.407.0 *Disabled/Outdated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-12-04 do 2017-01-04 )))))))))))))))))))))))))))))))
.
.
2017-01-04 19:44 . 2017-01-04 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-01-04 19:05 . 2017-01-04 19:27 -------- d-----w- C:\EEK
2017-01-03 21:05 . 2017-01-03 21:05 181496 ----a-w- c:\windows\system32\drivers\zam32.sys
2017-01-03 20:58 . 2017-01-04 10:09 -------- d-----w- c:\program files\Zemana AntiMalware
2017-01-03 20:57 . 2017-01-03 20:57 -------- d-----w- c:\users\uživatel\AppData\Local\Zemana
2017-01-03 20:43 . 2017-01-03 20:09 24064 ----a-w- c:\windows\zoek-delete.exe
2017-01-03 20:43 . 2017-01-04 19:44 -------- d-----w- c:\users\uživatel\AppData\Local\Temp
2017-01-03 20:09 . 2017-01-03 20:37 -------- d-----w- C:\zoek_backup
2017-01-03 10:55 . 2017-01-03 10:55 -------- d-----w- c:\programdata\Sophos
2017-01-03 10:53 . 2017-01-03 10:53 -------- d-----w- c:\program files\Sophos
2017-01-02 10:43 . 2017-01-03 20:53 87496 ----a-w- c:\windows\system32\drivers\farflt.sys
2017-01-02 10:43 . 2017-01-03 11:52 63264 ----a-w- c:\windows\system32\drivers\mwac.sys
2017-01-02 10:43 . 2017-01-04 10:11 39360 ----a-w- c:\windows\system32\drivers\mbam.sys
2017-01-02 10:43 . 2017-01-02 10:43 59968 ----a-w- c:\windows\system32\drivers\mbae.sys
2017-01-02 10:42 . 2017-01-02 10:42 -------- d-----w- c:\program files\Malwarebytes
2017-01-02 09:05 . 2017-01-03 19:32 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-01-02 09:05 . 2017-01-02 09:05 -------- d-----w- c:\users\uživatel\AppData\Local\CrashDumps
2017-01-02 09:00 . 2017-01-02 09:00 -------- d-----w- c:\program files\RogueKiller
2017-01-02 09:00 . 2017-01-02 09:10 -------- d-----w- c:\programdata\RogueKiller
2017-01-02 04:59 . 2017-01-02 05:00 -------- d-----w- C:\KVRT_Data
2017-01-01 19:48 . 2017-01-04 10:11 219072 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2017-01-01 19:47 . 2017-01-02 10:43 153024 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2017-01-01 18:55 . 2017-01-04 13:38 -------- d-----w- C:\AdwCleaner
2017-01-01 17:26 . 2017-01-01 19:14 -------- d-----w- c:\program files\Spyware Terminator
2017-01-01 14:42 . 2017-01-02 10:42 -------- d-----w- c:\programdata\Malwarebytes
2017-01-01 14:42 . 2017-01-01 19:14 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2017-01-01 14:01 . 2017-01-01 14:01 -------- d-----w- c:\users\uživatel\AppData\Local\Crashpad
2017-01-01 14:00 . 2017-01-03 21:20 -------- d-----w- c:\users\uživatel\AppData\Roaming\Seznam Browser
2017-01-01 10:43 . 2017-01-01 10:43 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2016-12-26 11:06 . 2016-12-26 11:06 -------- d-----w- C:\Graphics
2016-12-26 11:05 . 2016-12-26 11:05 -------- d-----w- c:\program files\Shape Viewer
2016-12-26 08:05 . 2016-12-26 08:05 2977792 ----a-w- c:\users\uživatel\SView15.msi
2016-12-26 08:04 . 2016-12-26 08:04 -------- d-----w- c:\users\uživatel\Reports
2016-12-26 08:04 . 2016-12-26 08:04 1664 ----a-w- c:\users\uživatel\settings.bin
2016-12-24 10:20 . 2016-12-24 10:20 -------- d-----w- c:\users\uživatel\AppData\Roaming\Nero
2016-12-24 09:55 . 2016-12-24 09:55 -------- d-----w- c:\program files\Nero
2016-12-24 09:54 . 2016-12-24 09:56 -------- d-----w- c:\program files\Common Files\Nero
2016-12-24 09:54 . 2016-12-24 09:55 -------- d-----w- c:\programdata\Nero
2016-12-22 18:23 . 2016-12-22 18:34 -------- d-----w- c:\windows\$regcmp$
2016-12-20 15:21 . 2016-12-20 15:23 -------- d-----w- c:\users\uživatel\AppData\Local\YoutubeSoft
2016-12-20 15:21 . 2016-12-20 15:21 -------- d-----w- c:\users\uživatel\AppData\Roaming\YoutubeSoft
2016-12-20 15:21 . 2016-12-20 15:21 -------- d-----w- c:\programdata\YoutubeSoft
2016-12-20 15:20 . 2016-12-20 15:20 -------- d-----w- c:\program files\YouTubeSoft
2016-12-20 14:42 . 2016-12-20 14:43 -------- d-----w- c:\users\uživatel\AppData\Roaming\YouTubeByClick
2016-12-20 14:40 . 2016-12-20 15:19 -------- d-----w- c:\users\uživatel\AppData\Local\Downloaded Installations
2016-12-20 14:29 . 2016-12-20 14:29 -------- d-----w- C:\Download
2016-12-08 08:50 . 2016-12-08 08:50 -------- d-----w- c:\users\uživatel\AppData\Roaming\Hewlett-Packard
2016-12-08 08:44 . 2016-12-08 08:44 -------- d-----w- C:\System.sav
2016-12-08 08:43 . 2016-12-08 08:43 -------- d-----w- c:\users\uživatel\AppData\Roaming\hpqLog
2016-12-08 08:40 . 2017-01-01 14:46 -------- d-----w- c:\programdata\Hewlett-Packard
2016-12-08 08:38 . 2016-12-08 08:38 -------- d-----w- c:\users\uživatel\AppData\Local\HP
2016-12-08 08:37 . 2016-12-08 08:37 -------- d-----w- c:\programdata\WEBREG
2016-12-08 08:37 . 2016-12-08 08:38 -------- d-----w- c:\users\uživatel\AppData\Roaming\HP
2016-12-08 08:37 . 2016-12-08 08:32 315904 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp70w.dll
2016-12-08 08:35 . 2016-12-15 10:01 -------- d-----w- c:\users\uživatel\AppData\Roaming\HpUpdate
2016-12-08 08:34 . 2016-12-08 08:34 -------- d-----w- c:\programdata\HP Product Assistant
2016-12-08 08:33 . 2016-12-08 08:33 -------- d-----w- c:\program files\Common Files\HP
2016-12-08 08:33 . 2016-12-08 08:33 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2016-12-08 08:32 . 2016-12-08 08:32 123904 ----a-w- c:\windows\system32\hpf3l70w.dll
2016-12-08 08:30 . 2016-12-08 08:35 -------- d-----w- c:\program files\HP
2016-12-08 08:30 . 2016-12-08 08:37 -------- d-----w- c:\programdata\HP
2016-12-08 08:30 . 2016-12-08 08:32 452408 ----a-w- c:\windows\system32\hpzids01.dll
2016-12-08 08:29 . 2016-12-08 08:32 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2016-12-08 08:29 . 2016-12-08 08:32 713728 ----a-w- c:\windows\system32\hposwia_d02d.dll
2016-12-08 08:29 . 2016-12-08 08:32 589824 ----a-w- c:\windows\system32\hpost_d02d.dll
2016-12-08 08:29 . 2016-12-08 08:32 315392 ----a-w- c:\windows\system32\hposc_d02a.dll
2016-12-08 08:25 . 2016-12-08 09:19 -------- d-----w- c:\users\uživatel\AppData\Local\Hewlett-Packard
2016-12-08 08:24 . 2017-01-01 13:56 -------- d-----w- c:\program files\Hewlett-Packard
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-12-26 08:05 . 2016-12-26 08:05 2977792 ----a-w- c:\users\uživatel\SView15.msi
2016-12-26 08:05 . 2016-12-26 08:05 2977792 ----a-w- c:\users\uživatel\SView15.msi
2016-12-26 08:04 . 2016-12-26 08:04 1664 ----a-w- c:\users\uživatel\settings.bin
2016-12-26 08:04 . 2016-12-26 08:04 1664 ----a-w- c:\users\uživatel\settings.bin
2016-12-14 06:06 . 2015-10-07 15:42 802904 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-12-14 06:06 . 2015-10-07 15:42 144472 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-12-14 05:42 . 2016-12-14 05:42 254464 ----a-w- c:\windows\system32\schannel.dll
2016-12-14 05:42 . 2016-12-14 05:42 141312 ----a-w- c:\windows\system32\rpchttp.dll
2016-12-08 08:36 . 2015-10-06 21:22 16384 ----a-w- c:\windows\system32\drivers\Dot4Prt.sys
2016-12-08 08:36 . 2015-10-07 12:47 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2016-12-08 08:36 . 2009-07-13 23:45 131072 ----a-w- c:\windows\system32\drivers\Dot4.sys
2016-12-08 08:36 . 2009-07-13 23:45 36864 ----a-w- c:\windows\system32\drivers\Dot4usb.sys
2016-12-04 12:02 . 2011-08-17 08:57 123904 ----a-w- c:\windows\system32\ccdcmbwu.dll
2016-12-04 12:02 . 2011-08-17 08:57 605696 ----a-w- c:\windows\system32\nmwcdcocls.dll
2016-12-04 12:02 . 2011-08-17 08:57 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2016-12-04 12:02 . 2011-08-17 08:56 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2016-12-04 12:02 . 2011-05-18 06:09 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2016-12-03 16:44 . 2015-09-23 07:30 206472 ----a-w- c:\windows\system32\drivers\eamonm.sys
2016-12-03 16:44 . 2015-09-23 07:30 156288 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2016-12-03 16:44 . 2015-09-23 07:30 141448 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2016-11-29 21:34 . 2016-11-29 21:34 28352 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-11-29 21:34 . 2016-11-29 21:34 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-11-09 19:23 . 2016-11-09 19:23 202240 ----a-w- c:\windows\system32\input.dll
2016-11-09 19:23 . 2016-11-09 19:23 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2016-11-09 19:23 . 2016-11-09 19:23 126976 ----a-w- c:\windows\system32\tintlgnt.ime
2016-11-09 19:23 . 2016-11-09 19:23 125952 ----a-w- c:\windows\system32\quick.ime
2016-11-09 19:23 . 2016-11-09 19:23 125952 ----a-w- c:\windows\system32\qintlgnt.ime
2016-11-09 19:23 . 2016-11-09 19:23 125952 ----a-w- c:\windows\system32\phon.ime
2016-11-09 19:23 . 2016-11-09 19:23 125952 ----a-w- c:\windows\system32\chajei.ime
2016-11-09 19:23 . 2016-11-09 19:23 125952 ----a-w- c:\windows\system32\cintlgnt.ime
2016-11-09 19:23 . 2016-11-09 19:23 2291712 ----a-w- c:\windows\system32\MSVidCtl.dll
2016-11-09 19:23 . 2016-11-09 19:23 90112 ----a-w- c:\windows\system32\pintlgnt.ime
2016-11-09 19:23 . 2016-11-09 19:23 497152 ----a-w- c:\windows\system32\win32spl.dll
2016-11-09 19:23 . 2016-11-09 19:23 308456 ----a-w- c:\windows\system32\atmfd.dll
2016-11-09 19:23 . 2016-11-09 19:23 741888 ----a-w- c:\windows\system32\inetcomm.dll
2016-11-09 19:23 . 2016-11-09 19:23 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-11-09 19:23 . 2016-11-09 19:23 90624 ----a-w- c:\windows\system32\olepro32.dll
2016-11-09 19:23 . 2016-11-09 19:23 68608 ----a-w- c:\windows\system32\drivers\bowser.sys
2016-11-09 19:23 . 2016-11-09 19:23 701440 ----a-w- c:\windows\system32\IMJP10K.DLL
2016-11-09 19:23 . 2016-11-09 19:23 1027584 ----a-w- c:\windows\system32\IMJP10.IME
2016-11-09 19:23 . 2016-11-09 19:23 67584 ----a-w- c:\windows\system32\asycfilt.dll
2016-11-09 19:23 . 2016-11-09 19:23 829952 ----a-w- c:\windows\system32\msctf.dll
2016-11-09 19:23 . 2016-11-09 19:23 430080 ----a-w- c:\windows\system32\imkr80.ime
2016-11-09 19:23 . 2016-11-09 19:23 581632 ----a-w- c:\windows\system32\oleaut32.dll
2016-11-09 19:23 . 2016-11-09 19:23 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-11-09 19:23 . 2016-11-09 19:23 70656 ----a-w- c:\windows\system32\fontsub.dll
2016-11-09 19:23 . 2016-11-09 19:23 26112 ----a-w- c:\windows\system32\lpk.dll
2016-11-09 19:23 . 2016-11-09 19:23 10240 ----a-w- c:\windows\system32\dciman32.dll
2016-11-09 19:23 . 2016-11-09 19:23 34304 ----a-w- c:\windows\system32\atmlib.dll
2016-11-09 19:21 . 2016-11-09 19:22 935424 ----a-w- c:\windows\system32\diagtrack.dll
2016-10-30 11:05 . 2016-10-30 11:05 123904 ----a-w- c:\windows\system32\poqexec.exe
2016-10-11 23:24 . 2016-10-11 23:24 67816 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-10-11 23:24 . 2016-10-11 23:24 488448 ----a-w- c:\windows\system32\devinv.dll
2016-10-11 23:24 . 2016-10-11 23:24 478208 ----a-w- c:\windows\system32\generaltel.dll
2016-10-11 23:24 . 2016-10-11 23:24 184320 ----a-w- c:\windows\system32\aepic.dll
2016-10-11 23:24 . 2016-10-11 23:24 1406976 ----a-w- c:\windows\system32\appraiser.dll
2016-10-11 23:24 . 2016-10-11 23:24 107008 ----a-w- c:\windows\system32\acmigration.dll
2016-10-11 23:24 . 2016-10-11 23:24 1017856 ----a-w- c:\windows\system32\aeinv.dll
2016-10-11 23:24 . 2016-10-11 23:24 268800 ----a-w- c:\windows\system32\invagent.dll
2016-10-11 23:24 . 2016-10-11 23:24 213504 ----a-w- c:\windows\system32\centel.dll
2016-10-11 23:24 . 2016-10-11 23:24 3209216 ----a-w- c:\windows\system32\mf.dll
2016-10-11 23:24 . 2016-10-11 23:24 988160 ----a-w- c:\windows\system32\drmv2clt.dll
2016-10-11 23:24 . 2016-10-11 23:24 744960 ----a-w- c:\windows\system32\blackbox.dll
2016-10-11 23:23 . 2016-10-11 23:23 437248 ----a-w- c:\windows\system32\scavengeui.dll
2016-10-11 23:23 . 2016-10-11 23:23 1178112 ----a-w- c:\windows\system32\WsmSvc.dll
2016-10-11 23:23 . 2016-10-11 23:23 617984 ----a-w- c:\windows\system32\wmdrmsdk.dll
2016-10-11 23:23 . 2016-10-11 23:23 1329664 ----a-w- c:\windows\system32\quartz.dll
2016-10-11 23:23 . 2016-10-11 23:23 489984 ----a-w- c:\windows\system32\evr.dll
2016-10-11 23:23 . 2016-10-11 23:23 519680 ----a-w- c:\windows\system32\qdvd.dll
2016-10-11 23:23 . 2016-10-11 23:23 474624 ----a-w- c:\windows\system32\audiosrv.dll
2016-10-11 23:23 . 2016-10-11 23:23 442368 ----a-w- c:\windows\system32\AUDIOKSE.dll
2016-10-11 23:23 . 2016-10-11 23:23 406016 ----a-w- c:\windows\system32\drmmgrtn.dll
2016-10-11 23:23 . 2016-10-11 23:23 249344 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll
2016-10-11 23:23 . 2016-10-11 23:23 374784 ----a-w- c:\windows\system32\AudioEng.dll
2016-10-11 23:23 . 2016-10-11 23:23 214016 ----a-w- c:\windows\system32\WsmWmiPl.dll
2016-10-11 23:23 . 2016-10-11 23:23 199168 ----a-w- c:\windows\system32\WSManHTTPConfig.exe
2016-10-11 23:23 . 2016-10-11 23:23 1005056 ----a-w- c:\windows\system32\cryptui.dll
2016-10-11 23:23 . 2016-10-11 23:23 593920 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2016-10-11 23:23 . 2016-10-11 23:23 354816 ----a-w- c:\windows\system32\mfplat.dll
2016-10-11 23:23 . 2016-10-11 23:23 78568 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-10-11 23:23 . 2016-10-11 23:23 275968 ----a-w- c:\windows\system32\EncDump.dll
2016-10-11 23:23 . 2016-10-11 23:23 195072 ----a-w- c:\windows\system32\AudioSes.dll
2016-10-11 23:23 . 2016-10-11 23:23 157184 ----a-w- c:\windows\system32\pcasvc.dll
2016-10-11 23:23 . 2016-10-11 23:23 146944 ----a-w- c:\windows\system32\WsmAuto.dll
2016-10-11 23:23 . 2016-10-11 23:23 1251328 ----a-w- c:\windows\system32\DWrite.dll
2016-10-11 23:23 . 2016-10-11 23:23 12574208 ----a-w- c:\windows\system32\wmploc.DLL
2016-10-11 23:23 . 2016-10-11 23:23 909824 ----a-w- c:\windows\system32\FntCache.dll
2016-10-11 23:23 . 2016-10-11 23:23 81408 ----a-w- c:\windows\system32\drivers\dfsc.sys
2016-10-11 23:23 . 2016-10-11 23:23 80896 ----a-w- c:\windows\system32\cryptsp.dll
2016-10-11 23:23 . 2016-10-11 23:23 103424 ----a-w- c:\windows\system32\mfps.dll
2016-10-11 23:23 . 2016-10-11 23:23 76800 ----a-w- c:\windows\system32\adsmsext.dll
2016-10-11 23:23 . 2016-10-11 23:23 117248 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-10-11 23:23 . 2016-10-11 23:23 100352 ----a-w- c:\windows\system32\audiodg.exe
2016-10-11 23:23 . 2016-10-11 23:23 504320 ----a-w- c:\windows\system32\msscp.dll
2016-10-11 23:23 . 2016-10-11 23:23 265216 ----a-w- c:\windows\system32\msnetobj.dll
2016-10-11 23:23 . 2016-10-11 23:23 23040 ----a-w- c:\windows\system32\mfpmp.exe
2016-10-11 23:23 . 2016-10-11 23:23 208896 ----a-w- c:\windows\system32\WebClnt.dll
2016-10-11 23:23 . 2016-10-11 23:23 28160 ----a-w- c:\windows\system32\pcadm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="c:\users\uživatel\AppData\Local\FluxSoftware\Flux\flux.exe" [2016-09-06 1017224]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2016-05-13 6690008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2015-08-18 1278920]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2012-10-25 4045432]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2016-09-26 1491128]
"Malwarebytes TrayApp"="c:\program files\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe" [2017-01-02 2776528]
"ZAM"="c:\users\uživatel\Desktop\Zemana AntiMalware\ZAM.exe" [2017-01-03 14073072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2015-10-06 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2016-05-13 17:43 6690008 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2014-03-04 09:19 3696912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2016-12-08 08:35 96056 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2016-07-15 15:46 164152 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
2015-08-18 08:47 2585744 ----a-w- c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
2010-08-03 08:00 6043888 ----a-w- c:\program files\WebcamMax\WebcamMax.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [x]
R1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard32.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2016-01-29 327296]
R2 ZAMSvc;ZAM Controller Service;c:\users\uživatel\Desktop\Zemana AntiMalware\ZAM.exe [2017-01-03 14073072]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-29 1670840]
R3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1.sys [2015-08-31 24424]
R3 DFX12;DFX Audio Enhancer;c:\windows\system32\drivers\dfx12.sys [2015-11-12 26104]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-12-14 102912]
R3 MBAMProtection;MBAMProtection;c:\windows\system32\drivers\mbam.sys [2017-01-04 39360]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2017-01-04 219072]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2016-08-31 27488]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2016-08-31 648728]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2016-08-31 52824]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2015-10-08 243128]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2016-12-03 206472]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2016-12-03 156288]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-10-06 23840]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam32.sys [2017-01-03 181496]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-12-03 2167696]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2016-12-03 141448]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 915600]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-02 3381200]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1706128]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-08-18 19775632]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2000-01-01 27768]
S3 JMCF;JMCF;c:\windows\system32\DRIVERS\jmcf.sys [2000-01-01 68720]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-18 18576]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2015-08-18 32912]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2000-01-01 716504]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2012-10-22 1841272]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-12-15 03:25 1384792 ----a-w- c:\program files\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-06-30 11:55 322232 ----a-w- c:\program files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2017-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-07 06:06]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: eset.com\help
TCP: DhcpNameServer = 10.116.100.65 10.116.100.1
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-OpenTTD - d:\game\OTTD 1
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2017-01-04 20:46:17
ComboFix-quarantined-files.txt 2017-01-04 19:46
.
Pre-Run: Volných bajtů: 303 852 941 312
Po spuštění: Volných bajtů: 303 735 128 064
.
- - End Of File - - 8A4E80E295443721949F883DB2892730
A36C5E4F47E84449FF07ED3517B43A31

[jarek865]

okno neustale naskakuje..

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.


AV: ESET NOD32 Antivirus 9.0.407.0 *Disabled/Outdated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: COMODO Firewall *Enabled* {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
SP: Comodo Defense+ *Enabled/Updated* {6BAD9487-8DE8-D130-293E-C6A728B4104F}
SP: ESET NOD32 Antivirus 9.0.407.0 *Disabled/Outdated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
2 antiviry a 4 antispywary..Deaktivovaná máš trvale vše kromě Nod32?

[jarek865]

RogueKiller V12.8.5.0 [Dec 12 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : u?ivatel [Práva správce]
Started from : C:\Program Files\RogueKiller\RogueKiller.exe
Mód : Prohledat -- Datum : 01/05/2017 11:42:08 (Duration : 00:25:55)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0C960F73-74A7-4D47-85DC-78AE28ED7E44} | DhcpNameServer : 10.116.100.1 ([X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{8F89DE2F-DEDA-480C-B624-713D2C5F3098} | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0C960F73-74A7-4D47-85DC-78AE28ED7E44} | DhcpNameServer : 10.116.100.1 ([X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{8F89DE2F-DEDA-480C-B624-713D2C5F3098} | DhcpNameServer : 10.116.100.65 10.116.100.1 ([X][X]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 1 (Driver: Nahrán) ¤¤¤
[SSDT:Inl(Hook.SSDT)] ZwDeleteAtom[99] : C:\Windows\System32\win32k.sys @ 0xffffffff93f78261 (call dword [0x81f44d14])

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD20EFRX-68EUZN0 ATA Device +++++
--- User ---
[MBR] 1362e4656f724d4dd7d84b2ba026acac
[BSP] 22d9600c74b1a66e9a916f109782e896 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 1907726 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST3500418AS ATA Device +++++
--- User ---
[MBR] f43f655f53d81373d54c1a84ead2863d
[BSP] 1ccab1cf5af065cbc6d8b48fe7bc7c2a : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK