Extrémně zpomalený PC- Prosím o kontrolu Vyřešeno

[Exuctioner]

Zdravím, jsem tu opět. Asi jsem si do PC natáhl nějaký bordel, jelikož PC je strašně zpomalen, internetový prohlížeč často zamrzá už při zapnutí, hry (mapy) se načítají asi 3x pomaleji než předtím a podobně. Příkládám LOG

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:45:58, on 30.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\PC\Downloads\hijackthis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-21-3788455234-4125237215-3820227731-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-3788455234-4125237215-3820227731-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - HKUS\S-1-5-21-3788455234-4125237215-3820227731-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window (User '?')
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://D:\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - D:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10823 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

[Exuctioner]

AdwCleaner

# AdwCleaner v4.106 - Report created 30/12/2014 at 16:54:55
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\adwcleaner_4.106.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [3089 octets] - [22/11/2014 12:57:10]
AdwCleaner[R1].txt - [3149 octets] - [22/11/2014 17:37:23]
AdwCleaner[R2].txt - [940 octets] - [30/12/2014 16:54:55]
AdwCleaner[S0].txt - [3148 octets] - [22/11/2014 17:40:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1059 octets] ##########


MBAM

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 30.12.2014
Čas skenování: 16:58:03
Protokol:
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2014.12.30.06
Databáze rootkitů: v2014.12.29.02
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: PC

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 357163
Uplynulý čas: 12 min, 58 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Exuctioner]

AdwCleaner

# AdwCleaner v4.106 - Report created 31/12/2014 at 13:52:57
# Updated 21/12/2014 by Xplode
# Database : 2014-12-30.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : PC - PC-PC
# Running from : C:\Users\PC\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [3089 octets] - [22/11/2014 12:57:10]
AdwCleaner[R1].txt - [3149 octets] - [22/11/2014 17:37:23]
AdwCleaner[R2].txt - [1139 octets] - [30/12/2014 16:54:55]
AdwCleaner[R3].txt - [1200 octets] - [31/12/2014 13:51:03]
AdwCleaner[S0].txt - [3148 octets] - [22/11/2014 17:40:42]
AdwCleaner[S1].txt - [1125 octets] - [31/12/2014 13:52:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1185 octets] ##########


JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x64
Ran by PC on čt 01.01.2015 at 13:26:44,06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 01.01.2015 at 13:33:54,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


RougeKiller

RogueKiller V10.1.1.0 (x64) [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : PC [Práva správce]
Mód : Prohledat -- Datum : 01/01/2015 14:12:16

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Path][Soubor] SteelSeries Engine 3.lnk -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [LNK@] C:\PROGRA~1\STEELS~1\STEELS~1\STEELS~2.EXE -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true -> Nalezeno

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD6400AARS-00Y5B1 ATA Device +++++
--- User ---
[MBR] 2c7f14b6a52ead8a77b749346cda5984
[BSP] 17dae6331fd12b4eb5bcc4b26560f861 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 124929 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 256061440 | Size: 485448 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_11232014_124404.log - RKreport_SCN_11222014_192053.log - RKreport_SCN_11232014_124252.log

[Orcus]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni
Zoek.exe

a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
rogram nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

[Exuctioner]

RougeKiller --- ZOEK za moment

RogueKiller V10.1.1.0 (x64) [Dec 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : PC [Práva správce]
Mód : Smazat -- Datum : 01/02/2015 17:39:08

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3788455234-4125237215-3820227731-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[Suspicious.Path][Soubor] SteelSeries Engine 3.lnk -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [LNK@] C:\PROGRA~1\STEELS~1\STEELS~1\STEELS~2.EXE -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true -> Smazáno

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 294 (Driver: Nahrán) ¤¤¤
[IAT:Inl] (explorer.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x77aa010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x77aa010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x77aa010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x77aa010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x77aa010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x77aa010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x77aa010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x77aa010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x77aa010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateSection : Unknown @ 0x77aa010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x77aa010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x77aa010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtQueryObject : Unknown @ 0x77aa010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x77aa010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenSection : Unknown @ 0x77aa010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x77aa010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x77aa010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x77aa010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x77aa010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x77aa010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x77aa010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x77aa010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x77aa010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenThread : Unknown @ 0x77aa010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x77aa010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x77aa010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x77aa010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtVdmControl : Unknown @ 0x77aa010a (jmp 0x15d700|jmp 0xfffffffffffffd79|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x77aa010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (explorer.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x77aa010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0x9010a (jmp 0xffffffff8874ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x9010a (jmp 0xffffffff8874ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0x9010a (jmp 0xffffffff8874f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x9010a (jmp 0xffffffff8874ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0x9010a (jmp 0xffffffff8874e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x9010a (jmp 0xffffffff8874ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x9010a (jmp 0xffffffff8874ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x9010a (jmp 0xffffffff8874e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0x9010a (jmp 0xffffffff8874ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x9010a (jmp 0xffffffff8874d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x9010a (jmp 0xffffffff8874dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x9010a (jmp 0xffffffff8874daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x9010a (jmp 0xffffffff8874e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x9010a (jmp 0xffffffff8874e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x9010a (jmp 0xffffffff8874d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x9010a (jmp 0xffffffff8874e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x9010a (jmp 0xffffffff8874d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff8874e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x9010a (jmp 0xffffffff8874e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x9010a (jmp 0xffffffff8874e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x9010a (jmp 0xffffffff8874d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x9010a (jmp 0xffffffff8874ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x9010a (jmp 0xffffffff8874d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x9010a (jmp 0xffffffff8874e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x9010a (jmp 0xffffffff8874e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff8874f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x9010a (jmp 0xffffffff8874e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x9010a (jmp 0xffffffff8874daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0x9010a (jmp 0xffffffff8874ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x9010a (jmp 0xffffffff8874e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x9010a (jmp 0xffffffff8874e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x9010a (jmp 0xffffffff8874ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x9010a (jmp 0xffffffff8874e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x9010a (jmp 0xffffffff8874e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x9010a (jmp 0xffffffff8874e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x9010a (jmp 0xffffffff8874eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x9010a (jmp 0xffffffff8874e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x9010a (jmp 0xffffffff8874d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x9010a (jmp 0xffffffff8874e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x9010a (jmp 0xffffffff8874e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x9010a (jmp 0xffffffff8874e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x9010a (jmp 0xffffffff8874de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x9010a (jmp 0xffffffff8874ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x9010a (jmp 0xffffffff8874e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0x77aa010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x77aa010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0x77aa010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x77aa010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0x77aa010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x77aa010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x77aa010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x77aa010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0x77aa010a (jmp 0x15ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x77aa010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x77aa010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x77aa010a (jmp 0x15daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x77aa010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x77aa010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x77aa010a (jmp 0x15d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x77aa010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x77aa010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x77aa010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x77aa010a (jmp 0x15e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x77aa010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x77aa010a (jmp 0x15d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x77aa010a (jmp 0x15ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x77aa010a (jmp 0x15d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x77aa010a (jmp 0x15e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x77aa010a (jmp 0x15e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x77aa010a (jmp 0x15f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x77aa010a (jmp 0x15e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x77aa010a (jmp 0x15daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0x77aa010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x77aa010a (jmp 0x15e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x77aa010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x77aa010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x77aa010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x77aa010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x77aa010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x77aa010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x77aa010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x77aa010a (jmp 0x15d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x77aa010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x77aa010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x77aa010a (jmp 0x15e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x77aa010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x77aa010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x77aa010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0xca010a (jmp 0xffffffff8935ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0xca010a (jmp 0xffffffff8935ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0xca010a (jmp 0xffffffff8935f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0xca010a (jmp 0xffffffff8935ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0xca010a (jmp 0xffffffff8935e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0xca010a (jmp 0xffffffff8935ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0xca010a (jmp 0xffffffff8935ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0xca010a (jmp 0xffffffff8935e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0xca010a (jmp 0xffffffff8935ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0xca010a (jmp 0xffffffff8935d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0xca010a (jmp 0xffffffff8935dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0xca010a (jmp 0xffffffff8935daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0xca010a (jmp 0xffffffff8935e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0xca010a (jmp 0xffffffff8935e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0xca010a (jmp 0xffffffff8935d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0xca010a (jmp 0xffffffff8935e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0xca010a (jmp 0xffffffff8935d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0xca010a (jmp 0xffffffff8935e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0xca010a (jmp 0xffffffff8935e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0xca010a (jmp 0xffffffff8935e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0xca010a (jmp 0xffffffff8935d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0xca010a (jmp 0xffffffff8935ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0xca010a (jmp 0xffffffff8935d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0xca010a (jmp 0xffffffff8935e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0xca010a (jmp 0xffffffff8935e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0xca010a (jmp 0xffffffff8935f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0xca010a (jmp 0xffffffff8935e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0xca010a (jmp 0xffffffff8935daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0xca010a (jmp 0xffffffff8935ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0xca010a (jmp 0xffffffff8935e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0xca010a (jmp 0xffffffff8935e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0xca010a (jmp 0xffffffff8935ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0xca010a (jmp 0xffffffff8935e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0xca010a (jmp 0xffffffff8935e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0xca010a (jmp 0xffffffff8935e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0xca010a (jmp 0xffffffff8935eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0xca010a (jmp 0xffffffff8935e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0xca010a (jmp 0xffffffff8935d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0xca010a (jmp 0xffffffff8935e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0xca010a (jmp 0xffffffff8935e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0xca010a (jmp 0xffffffff8935e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0xca010a (jmp 0xffffffff8935de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0xca010a (jmp 0xffffffff8935ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0xca010a (jmp 0xffffffff8935e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0x77aa010a (jmp 0x15ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x77aa010a (jmp 0x15ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0x77aa010a (jmp 0x15f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x77aa010a (jmp 0x15ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0x77aa010a (jmp 0x15e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x77aa010a (jmp 0x15ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x77aa010a (jmp 0x15ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x77aa010a (jmp 0x15e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0x77aa010a (jmp 0x15ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x77aa010a (jmp 0x15d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x77aa010a (jmp 0x15dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x77aa010a (jmp 0x15daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x77aa010a (jmp 0x15e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x77aa010a (jmp 0x15e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x77aa010a (jmp 0x15d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x77aa010a (jmp 0x15e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x77aa010a (jmp 0x15d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x77aa010a (jmp 0x15e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x77aa010a (jmp 0x15e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x77aa010a (jmp 0x15e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x77aa010a (jmp 0x15d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x77aa010a (jmp 0x15ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x77aa010a (jmp 0x15d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x77aa010a (jmp 0x15e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x77aa010a (jmp 0x15e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x77aa010a (jmp 0x15f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x77aa010a (jmp 0x15e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x77aa010a (jmp 0x15daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0x77aa010a (jmp 0x15ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x77aa010a (jmp 0x15e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x77aa010a (jmp 0x15e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x77aa010a (jmp 0x15ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x77aa010a (jmp 0x15e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x77aa010a (jmp 0x15e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x77aa010a (jmp 0x15e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x77aa010a (jmp 0x15eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x77aa010a (jmp 0x15e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x77aa010a (jmp 0x15d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x77aa010a (jmp 0x15e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x77aa010a (jmp 0x15e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x77aa010a (jmp 0x15e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x77aa010a (jmp 0x15de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x77aa010a (jmp 0x15ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x77aa010a (jmp 0x15e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0x98010a (jmp 0xffffffff8903ebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0x98010a (jmp 0xffffffff8903ec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0x98010a (jmp 0xffffffff8903f0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0x98010a (jmp 0xffffffff8903ee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0x98010a (jmp 0xffffffff8903e0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0x98010a (jmp 0xffffffff8903ed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0x98010a (jmp 0xffffffff8903ee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0x98010a (jmp 0xffffffff8903e6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0x98010a (jmp 0xffffffff8903ec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0x98010a (jmp 0xffffffff8903d9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0x98010a (jmp 0xffffffff8903dc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0x98010a (jmp 0xffffffff8903daa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0x98010a (jmp 0xffffffff8903e070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0x98010a (jmp 0xffffffff8903e300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0x98010a (jmp 0xffffffff8903d9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0x98010a (jmp 0xffffffff8903e5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0x98010a (jmp 0xffffffff8903d850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0x98010a (jmp 0xffffffff8903e730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0x98010a (jmp 0xffffffff8903e0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0x98010a (jmp 0xffffffff8903e060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0x98010a (jmp 0xffffffff8903d860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0x98010a (jmp 0xffffffff8903ef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0x98010a (jmp 0xffffffff8903d7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0x98010a (jmp 0xffffffff8903e180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0x98010a (jmp 0xffffffff8903e8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0x98010a (jmp 0xffffffff8903f100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0x98010a (jmp 0xffffffff8903e460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0x98010a (jmp 0xffffffff8903daa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0x98010a (jmp 0xffffffff8903ed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0x98010a (jmp 0xffffffff8903e660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0x98010a (jmp 0xffffffff8903e870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0x98010a (jmp 0xffffffff8903ec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0x98010a (jmp 0xffffffff8903e980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0x98010a (jmp 0xffffffff8903e300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0x98010a (jmp 0xffffffff8903e130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0x98010a (jmp 0xffffffff8903eba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0x98010a (jmp 0xffffffff8903e5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0x98010a (jmp 0xffffffff8903d780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0x98010a (jmp 0xffffffff8903e610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0x98010a (jmp 0xffffffff8903e140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0x98010a (jmp 0xffffffff8903e6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0x98010a (jmp 0xffffffff8903de80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0x98010a (jmp 0xffffffff8903ed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0x98010a (jmp 0xffffffff8903e030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSection : Unknown @ 0xdf010a (jmp 0xffffffff894aebc0|jmp 0xfffffffffffffce9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateThread : Unknown @ 0xdf010a (jmp 0xffffffff894aec10|jmp 0xfffffffffffffc09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueryObject : Unknown @ 0xdf010a (jmp 0xffffffff894af0a0|jmp 0xfffffffffffffba9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenProcess : Unknown @ 0xdf010a (jmp 0xffffffff894aee60|jmp 0xfffffffffffffc89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenThread : Unknown @ 0xdf010a (jmp 0xffffffff894ae0c0|jmp 0xfffffffffffffc79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtWriteVirtualMemory : Unknown @ 0xdf010a (jmp 0xffffffff894aed60|jmp 0xfffffffffffffc49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtTerminateProcess : Unknown @ 0xdf010a (jmp 0xffffffff894aee70|jmp 0xfffffffffffffc19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThreadEx : Unknown @ 0xdf010a (jmp 0xffffffff894ae6a0|jmp 0xfffffffffffffc29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateThread : Unknown @ 0xdf010a (jmp 0xffffffff894aec30|jmp 0xfffffffffffffc39|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendThread : Unknown @ 0xdf010a (jmp 0xffffffff894ad9a0|jmp 0xfffffffffffffbc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetContextThread : Unknown @ 0xdf010a (jmp 0xffffffff894adc20|jmp 0xfffffffffffffbf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootOptions : Unknown @ 0xdf010a (jmp 0xffffffff894adaa0|jmp 0xfffffffffffffd89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenTimer : Unknown @ 0xdf010a (jmp 0xffffffff894ae070|jmp 0xfffffffffffffcb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeMultipleKeys : Unknown @ 0xdf010a (jmp 0xffffffff894ae300|jmp 0xfffffffffffffb59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSuspendProcess : Unknown @ 0xdf010a (jmp 0xffffffff894ad9a0|jmp 0xfffffffffffffbd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateTimer : Unknown @ 0xdf010a (jmp 0xffffffff894ae5f0|jmp 0xfffffffffffffcc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemInformation : Unknown @ 0xdf010a (jmp 0xffffffff894ad850|jmp 0xfffffffffffffe09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateIoCompletion : Unknown @ 0xdf010a (jmp 0xffffffff894ae730|jmp 0xfffffffffffffca9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtModifyBootEntry : Unknown @ 0xdf010a (jmp 0xffffffff894ae0f0|jmp 0xfffffffffffffda9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenMutant : Unknown @ 0xdf010a (jmp 0xffffffff894ae060|jmp 0xfffffffffffffd59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetSystemPowerState : Unknown @ 0xdf010a (jmp 0xffffffff894ad860|jmp 0xfffffffffffffde9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePortEx : Unknown @ 0xdf010a (jmp 0xffffffff894aef10|jmp 0xfffffffffffffb89|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtShutdownSystem : Unknown @ 0xdf010a (jmp 0xffffffff894ad7e0|jmp 0xfffffffffffffdf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenIoCompletion : Unknown @ 0xdf010a (jmp 0xffffffff894ae180|jmp 0xfffffffffffffc99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAddBootEntry : Unknown @ 0xdf010a (jmp 0xffffffff894ae8f0|jmp 0xfffffffffffffdc9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtReplyWaitReceivePort : Unknown @ 0xdf010a (jmp 0xffffffff894af100|jmp 0xfffffffffffffb99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDeleteBootEntry : Unknown @ 0xdf010a (jmp 0xffffffff894ae460|jmp 0xfffffffffffffdb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSetBootEntryOrder : Unknown @ 0xdf010a (jmp 0xffffffff894adaa0|jmp 0xfffffffffffffd99|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSection : Unknown @ 0xdf010a (jmp 0xffffffff894aed00|jmp 0xfffffffffffffcd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDebugActiveProcess : Unknown @ 0xdf010a (jmp 0xffffffff894ae660|jmp 0xfffffffffffffbe9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAssignProcessToJobObject : Unknown @ 0xdf010a (jmp 0xffffffff894ae870|jmp 0xfffffffffffffc59|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEvent : Unknown @ 0xdf010a (jmp 0xffffffff894aec30|jmp 0xfffffffffffffd19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtAlpcSendWaitReceivePort : Unknown @ 0xdf010a (jmp 0xffffffff894ae980|jmp 0xfffffffffffffb79|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtNotifyChangeKey : Unknown @ 0xdf010a (jmp 0xffffffff894ae300|jmp 0xfffffffffffffb69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenEventPair : Unknown @ 0xdf010a (jmp 0xffffffff894ae130|jmp 0xfffffffffffffcf9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEvent : Unknown @ 0xdf010a (jmp 0xffffffff894aeba0|jmp 0xfffffffffffffd29|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateSemaphore : Unknown @ 0xdf010a (jmp 0xffffffff894ae5a0|jmp 0xfffffffffffffd49|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtSystemDebugControl : Unknown @ 0xdf010a (jmp 0xffffffff894ad780|jmp 0xfffffffffffffdd9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateMutant : Unknown @ 0xdf010a (jmp 0xffffffff894ae610|jmp 0xfffffffffffffd69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtLoadDriver : Unknown @ 0xdf010a (jmp 0xffffffff894ae140|jmp 0xfffffffffffffe19|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtCreateEventPair : Unknown @ 0xdf010a (jmp 0xffffffff894ae6e0|jmp 0xfffffffffffffd09|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtQueueApcThreadEx : Unknown @ 0xdf010a (jmp 0xffffffff894ade80|jmp 0xfffffffffffffbb9|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtDuplicateObject : Unknown @ 0xdf010a (jmp 0xffffffff894aed20|jmp 0xfffffffffffffc69|jmp 0xfffffffffffffff0)
[IAT:Inl] (chrome.exe) ntdll.dll - NtOpenSemaphore : Unknown @ 0xdf010a (jmp 0xffffffff894ae030|jmp 0xfffffffffffffd39|jmp 0xfffffffffffffff0)

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD6400AARS-00Y5B1 ATA Device +++++
--- User ---
[MBR] 2c7f14b6a52ead8a77b749346cda5984
[BSP] 17dae6331fd12b4eb5bcc4b26560f861 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 124929 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 256061440 | Size: 485448 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_11232014_124404.log - RKreport_SCN_01012015_141216.log - RKreport_SCN_11222014_192053.log - RKreport_SCN_11232014_124252.log
RKreport_SCN_01022015_170000.log - RKreport_SCN_01022015_170342.log

[jaro3]

A zoek?

[Exuctioner]

ZOEK


Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by PC on pá 02.01.2015 at 17:41:57,90.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2.1.2015 17:42:54 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\PC\AppData\Local\CrashDumps deleted successfully
C:\Users\PC\AppData\Local\EmieSiteList deleted successfully
C:\Users\PC\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="D:\Program Files\AVAST Software\Avast\WebRep\FF" [13.12.2014 18:26]

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13.12.2014 18:25]

WOT - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
SIH - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl
Far Cry 3 - Death Island - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\effhkpalnjmiinnbchpoencpnnodbhbd
Twitch Now - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk

==== Chromium Fix ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz="

==== Reset Google Chrome ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\9b0add8b-c1de-4a41-b842-ef9497ec5ff2 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Y38Z74P will be deleted at reboot
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BC3581TE will be deleted at reboot
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNGZX8J0 will be deleted at reboot
C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4CE3E3Q will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4 folders=11 30828 bytes)

==== Empty Temp Folders ======================

C:\Users\admin\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\PC\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Y38Z74P" not found
"C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BC3581TE" not found
"C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QNGZX8J0" not found
"C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S4CE3E3Q" not found

==== EOF on pá 02.01.2015 at 18:39:46,62 ======================

[jaro3]

Vlož nový log z HJT + info o problémech.

[Exuctioner]

HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:59:28, on 3.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\PC\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AvastUI.exe] "D:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://D:\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - D:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\40.0.2214.44\remoting_host.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10007 bytes


Problémy...

Problémy se zdají být menší, ovšem občas z ničeho nic se opět zpomalí a chvíli "zamrzá", ale hned se to zase zmírní a počítač funguje bez problému.

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.