KOntrola logu

Nighters · Příspěvekod **Nighters** » 03 kvě 2015 23:26

Dobrý den,
na druhém HDD (nesystémovém) mi zmizeli soubory ze složky a do složky se nejde dostat - složka není přípstupná. Složku jsem tedy smazal, ale ob´jevila se znovu a stále je prázdná a není přístupná. Nevím zda mi tady pomůžeze a zda to jsem poznat z logu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:22:06, on 3.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)

FIREFOX: 37.0.2 (x86 cs)
Boot mode: Normal

Running processes:
C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
F:\Download\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Sound Blaster Cinema 2] "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Andy] C:\Program Files\Andy\HandyAndy.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: Killer Network Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8280 bytes

Reklama

mople71 · Příspěvekod **mople71** » 04 kvě 2015 00:09

Ahoj!

Rád Ti pomohu s tvým problémem. Čti prosím mé instrukce pozorně a pokud si něčím nebudeš jist, vždy se raději zeptej.

Po dobu čištění si prosím vypni antivirus a nedělej zásadní změny v OS bez mého vědomí!
V rámci čištění Ti budou vyprázdněny dočasné adresáře včetně Koše.

Stáhni si AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/

Ulož na Plochu, spusť jako správce, klikni na Scan a poté Logfile, vyjede na tebe log, ten sem prosím přilož. AdwCleaner na chvíli zavři.

Po vložení logu sem si znovu otevři AdwCleaner, kde klikni na Scan a poté tentokrát na Clean. Po restartu PC na tebe vyjede další log, ten sem prosím vlož.

---------------------------------------------------------------------------

Stáhni si Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe

Ulož na Plochu, otevři jako správce, do otevřeného okna vlož tento kód:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

A klikni na Run script, chvíli to potrvá. Po restartu PC prosím přilož jeho log.

---------------------------------------------------------------------------

Stáhni si MBAM (verzi zadarmo, trial nechceme): http://www.malwarebytes.org/mwb-download/

Nainstaluj, na poslední stránce instalátoru nezapomeň odškrtnout možnost: Povolit bezplatnou zkušební verzi...

Po spuštění se aplikace aktualizuje, poté zvol v horní liště Sken -> vyber Vlastní sken a klikni na Skenovat nyní

Objeví se okno Konfigurace vlastního skenu - vyber všechny disky/diskové oddíly (kromě mechaniky, čtečky,...), v levé liště zatrhni Hledat rootkity a klikni na Spustit sken

Po dokončení skenu klikni na tlačítko Exportovat záznam, log ulož a jeho obsah vlož sem.

Všechny nálezy dej mezitím do karantény.

Nighters · Příspěvekod **Nighters** » 04 kvě 2015 00:17

# AdwCleaner v4.203 - Log vytvořen 04/05/2015 v 00:16:14
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-02.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : Petr - PETR-PC
# Spuštěno z : C:\Users\Petr\Desktop\adwcleaner_4.203.exe
# Nastavení : Sken

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Mozilla Firefox v37.0.2 (x86 cs)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [648 bytů] - [04/05/2015 00:16:14]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [705 bytů] ##########

___________________________________________________________________________________________________________________________________

# AdwCleaner v4.203 - Log vytvořen 04/05/2015 v 00:18:00
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-02.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : Petr - PETR-PC
# Spuštěno z : C:\Users\Petr\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Mozilla Firefox v37.0.2 (x86 cs)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [782 bytů] - [04/05/2015 00:16:14]
AdwCleaner[R1].txt - [839 bytů] - [04/05/2015 00:17:40]
AdwCleaner[S0].txt - [765 bytů] - [04/05/2015 00:18:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [822 bytů] ##########

____________________________________________________________________________________________________________________________________

Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by Petr on po 04.05.2015 at 0:19:46,69.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Petr\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4.5.2015 0:20:18 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default\prefs.js:

Added to C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\Petr\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Petr\AppData\Local\cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default\extensions\firefox@mega.co.nz.xpi deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default
- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash

==== Chromium Startpages ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences
{"homepage":"http://www.google.com","homepage_is_newtabpage":false,"distribution":{"skip_first_run_ui":false,"show_welcome_page":true,"import_search_engine":false,"import_history":false,"create_all_shortcuts":true,"make_chrome_default":true,"require_eula":false,"system_level":true,"verbose_logging":false},"first_run_tabs":["http://www.google.com/","http://welcome_page","https://register.msi.com/ap_register/mb"]}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bloody2 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Petr\AppData\Local\Mozilla\Firefox\Profiles\1ic7aekv.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=98 folders=38 21786651 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Petr\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Petr\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 04.05.2015 at 0:29:13,42 ======================

___________________________________________________________________________________________________________________________________
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 4.5.2015
Čas skenování: 0:39:36
Protokol:
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.03.06
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 560372
Uplynulý čas: 40 min, 36 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 5
RiskWare.Tool.HCK, F:\Programy\Autocad14\Autocad2014\Crack\xf-adsk32.7z, , [0f338f007317e35367879dae7d857789],
RiskWare.Tool.HCK, F:\Programy\Autocad14\Autocad2014\Crack\xf-adsk64.7z, , [97abb9d6ee9c3afcac4286c5956d7789],
RiskWare.Tool.HCK, F:\Programy\Autocad14\Autocad2014\Crack\xf-adsk64.exe, , [a0a2b6d96822979f7d718fbc946e6f91],
Trojan.Agent, F:\Programy\MS Office 2007\KlÃÄ + LegalizÃ¡tor + Menu\Classic.Menu.for.Office.2007.v4.00.ECLiPSE.rar, , [ec56bbd47e0ca591d0ecf9b6ce346c94],
RiskWare.Tool.CK, F:\Programy\MS Office 2007\KlÃÄ + LegalizÃ¡tor + Menu\msoe2007kg.exe, , [57eb2e61b6d491a53085e0c70cf6d729],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Příspěvekod **jaro3** » 05 kvě 2015 10:10

Nemáš ten druhý HDD přeplněný?

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Nighters · Příspěvekod **Nighters** » 05 kvě 2015 15:08

Systémový mám zaplněný cca 50% (60GB) a druhý HDD mám z 15% (138GB). Proč?

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 5.5.2015
Čas skenování: 15:20:44
Protokol: 222.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.05.03
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 569958
Uplynulý čas: 42 min, 39 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 5
RiskWare.Tool.HCK, F:\Programy\Autocad14\Autocad2014\Crack\xf-adsk32.7z, , [54b3c7c92763f1452ff92d1f56ac6997],
RiskWare.Tool.HCK, F:\Programy\Autocad14\Autocad2014\Crack\xf-adsk64.7z, , [43c4e2aea6e47db9dd4b64e851b1da26],
RiskWare.Tool.HCK, F:\Programy\Autocad14\Autocad2014\Crack\xf-adsk64.exe, , [0ff80d835f2bc27444e44b01709255ab],
Trojan.Agent, F:\Programy\MS Office 2007\KlAÄ? + LegalizA!tor + Menu\Classic.Menu.for.Office.2007.v4.00.ECLiPSE.rar, , [da2d513f3d4d8fa7952e0da34bb7b947],
RiskWare.Tool.CK, F:\Programy\MS Office 2007\KlAÄ? + LegalizA!tor + Menu\msoe2007kg.exe, , [27e059374d3de0566755f3b5e51d0df3],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 7 Ultimate x64
Ran by Petr on Łt 05.05.2015 at 15:09:26,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Petr\AppData\Roaming\mozilla\firefox\profiles\1ic7aekv.default\minidumps [3 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 05.05.2015 at 15:10:48,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller V10.6.2.0 (x64) [May 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Petr [Práva správce]
Started from : C:\Users\Petr\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 05/05/2015 15:16:55

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 EVO 120GB ATA Device +++++
--- User ---
[MBR] 00c07cb66eddb5634cd0cbc61001f6cd
[BSP] 44d38d39355fa7ecebee5b95d4790c5d : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 468992 | Size: 114244 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM003-1ER162 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Basic data partition | Offset (sectors): 264192 | Size: 953740 MB
User = LL1 ... OK
User = LL2 ... OK

Příspěvekod **Orcus** » 05 kvě 2015 15:26

Log z MBAM je kde? :-)

====================================================

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Nighters · Příspěvekod **Nighters** » 05 kvě 2015 16:21

Chybějící report v předešlém příspěvku jsem doplnil, trval déle. Postupně to tady vkládám.

RogueKiller V10.6.2.0 (x64) [May 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Petr [Práva správce]
Started from : C:\Users\Petr\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 05/05/2015 16:20:07

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 EVO 120GB ATA Device +++++
--- User ---
[MBR] 00c07cb66eddb5634cd0cbc61001f6cd
[BSP] 44d38d39355fa7ecebee5b95d4790c5d : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 468992 | Size: 114244 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM003-1ER162 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Basic data partition | Offset (sectors): 264192 | Size: 953740 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_05052015_151655.log - RKreport_SCN_05052015_161816.log

----------------------------------------------------------------------------
CrystalDiskInfo 6.3.1 (C) 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x64)
Date : 2015/05/05 16:23:18

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- Samsung SSD 840 EVO 120GB ATA Device
+ ATA Channel 1 (1) [ATA]
- ST1000DM003-1ER162 ATA Device
+ ATA Channel 2 (2) [ATA]
- TSSTcorp CDDVDW SH-224DB ATA Device
+ Intel(R) 9 Series Chipset Family SATA AHCI Controller - 8C82 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- ATA Channel 2 (2)

-- Disk List ---------------------------------------------------------------
(1) Samsung SSD 840 EVO 120GB : 120,0 GB [0/0/0, pd1] - sg
(2) ST1000DM003-1ER162 : 1000,2 GB [1/1/0, pd1] - st

----------------------------------------------------------------------------
(1) Samsung SSD 840 EVO 120GB
----------------------------------------------------------------------------
Model : Samsung SSD 840 EVO 120GB
Firmware : EXT0CB6Q
Serial Number : S1D5NSBF534708X
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ATA8-ACS version 4c
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 2647 hod.
Power On Count : 374 krát
Host Writes : 2601 GB
Wear Level Count : 12
Temperature : 29 C (84 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 _10 000000000000 Reallocated Sector Count
09 _99 _99 __0 000000000A57 Power-on Hours
0C _99 _99 __0 000000000176 Power-on Count
B1 _99 _99 __0 00000000000C Wear Leveling Count
B3 100 100 _10 000000000000 Used Reserved Block Count (Total)
B5 100 100 _10 000000000000 Program Fail Count (Total)
B6 100 100 _10 000000000000 Erase Fail Count (Total)
B7 100 100 _10 000000000000 Runtime Bad Block (Total)
BB 100 100 __0 000000000000 Uncorrectable Error Count
BE _71 _63 __0 00000000001D Airflow Temperature
C3 200 200 __0 000000000000 ECC Error Rate
C7 100 100 __0 000000000000 CRC Error Count
EB _99 _99 __0 000000000014 POR Recovery Count
F1 _99 _99 __0 0001453A1ED5 Total LBA Written

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5331 4435 4E53 4246 3533 3437 3038 5820 2020 2020
020: 0000 0000 0000 4558 5430 4342 3651 5361 6D73 756E
030: 6720 5353 4420 3834 3020 4556 4F20 3132 3047 4220
040: 2020 2020 2020 2020 2020 2020 2020 8001 4001 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 0F10
070: 0000 0000 0000 0000 0000 001F 850E 0046 006C 0060
080: 03FC 0039 746B 7D01 4163 7469 BC01 4163 207F 0001
090: 0004 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 0008 4000 0000 5002 5388
110: A045 D1E7 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0800 0000 0000 0000 0000
240: 0000 0000 0000 4000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 3BA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 33 00 64 64 00 00 00 00 00 00 00 09 32
010: 00 63 63 57 0A 00 00 00 00 00 0C 32 00 63 63 76
020: 01 00 00 00 00 00 B1 13 00 63 63 0C 00 00 00 00
030: 00 00 B3 13 00 64 64 00 00 00 00 00 00 00 B5 32
040: 00 64 64 00 00 00 00 00 00 00 B6 32 00 64 64 00
050: 00 00 00 00 00 00 B7 13 00 64 64 00 00 00 00 00
060: 00 00 BB 32 00 64 64 00 00 00 00 00 00 00 BE 32
070: 00 47 3F 1D 00 00 00 00 00 00 C3 1A 00 C8 C8 00
080: 00 00 00 00 00 00 C7 3E 00 64 64 00 00 00 00 00
090: 00 00 EB 12 00 63 63 14 00 00 00 00 00 00 F1 32
0A0: 00 63 63 D5 1E 3A 45 01 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 68 10 00 53
170: 03 00 01 00 02 46 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 05 0A 00 00 00 00 00 00 00 00 00 00 09 00
010: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
020: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
030: 00 00 B3 0A 00 00 00 00 00 00 00 00 00 00 B5 0A
040: 00 00 00 00 00 00 00 00 00 00 B6 0A 00 00 00 00
050: 00 00 00 00 00 00 B7 0A 00 00 00 00 00 00 00 00
060: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BE 00
070: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
080: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
090: 00 00 EB 00 00 00 00 00 00 00 00 00 00 00 F1 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4E

----------------------------------------------------------------------------
(2) ST1000DM003-1ER162
----------------------------------------------------------------------------
Model : ST1000DM003-1ER162
Firmware : CC43
Serial Number : Z4Y0HT0Z
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 2651 hod.
Power On Count : 381 krát
Temperature : 29 C (84 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 113 _99 __6 00000367EDB8 Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 0000000004F7 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _68 _60 _30 0000006D5196 Počet chybných hledání
09 _97 _97 __0 000000000A5B Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 00000000017D Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _71 _68 _45 00001E17001D Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000004 Počet vypnutí disku
C1 _88 _88 __0 000000006016 Počet cyklů načítání/vymazání
C2 _29 _40 __0 00120000001D Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 3CC50000057B Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000AADD7653 Total Host Writes
F2 100 253 __0 0006FEAD3271 Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5A34 5930 4854 305A
020: 0000 0000 0004 4343 3433 2020 2020 5354 3130 3030
030: 444D 3030 332D 3145 5231 3632 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4001 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0080
070: 0000 0000 0000 0000 0000 001F 850E 0006 00CC 0040
080: 03F0 001F 346B 7D69 4163 3469 BC49 4163 207F 0035
090: 0035 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 6759 1ADB 0000 0000 0000 0000 0000 0000 0000 405E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 5800 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0007 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 BFA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 71 63 B8 ED 67 03 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 63 63 F7
020: 04 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 44 3C 96 51 6D 00 00 00 00 09 32
040: 00 61 61 5B 0A 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 7D 01 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 47 44 1D 00 17 1E 00 00 00 BF 32 00 64 64 00
0B0: 00 00 00 00 00 00 C0 32 00 64 64 04 00 00 00 00
0C0: 00 00 C1 32 00 58 58 16 60 00 00 00 00 00 C2 22
0D0: 00 1D 28 1D 00 00 00 12 00 00 C5 12 00 64 64 00
0E0: 00 00 00 00 00 00 C6 10 00 64 64 00 00 00 00 00
0F0: 00 00 C7 3E 00 C8 C8 00 00 00 00 00 00 00 F0 00
100: 00 64 FD 7B 05 00 00 C5 3C 21 F1 00 00 64 FD 53
110: 76 DD AA 00 00 00 F2 00 00 64 FD 71 32 AD FE 06
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 50 00 00 73
170: 03 00 01 00 01 6F 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 80 16 00 00 06 02 02 02 02 03 02 02
190: 02 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 34 5F D7 4C AE 08 00 00
1B0: 00 00 00 00 01 00 24 1F 53 76 DD AA 00 00 00 00
1C0: 71 32 AD FE 06 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 22 13 00 00 01 00 00 00
1E0: 00 00 00 00 A8 36 02 00 00 00 00 00 00 00 00 03
1F0: 00 00 00 00 00 00 00 00 00 00 14 18 00 00 00 CE

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0E0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0F0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 F0 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FD

Příspěvekod **jerabina** » 06 kvě 2015 16:37

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit Farbar Recovery Scan Tool (FRST)
32bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
a ulož jej na plochu. ,pak spusť FRST jako správce
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Nighters · Příspěvekod **Nighters** » 07 kvě 2015 15:22

RogueKiller V10.6.2.0 (x64) [May 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : Petr [Práva správce]
Started from : C:\Users\Petr\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 05/07/2015 15:21:39

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 18 ¤¤¤
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[VT.Unknown|PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{B4293D1C-CDE7-4CB4-A3D9-27B34DB728E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1862124054-3117100190-2353946209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 2 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] ::1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 840 EVO 120GB ATA Device +++++
--- User ---
[MBR] 00c07cb66eddb5634cd0cbc61001f6cd
[BSP] 44d38d39355fa7ecebee5b95d4790c5d : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 468992 | Size: 114244 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST1000DM003-1ER162 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Basic data partition | Offset (sectors): 264192 | Size: 953740 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_05052015_151655.log - RKreport_SCN_05052015_161816.log - RKreport_DEL_05052015_162007.log - RKreport_SCN_05072015_152051.log

Nighters · Příspěvekod **Nighters** » 07 kvě 2015 15:25

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Petr (administrator) on PETR-PC on 07-05-2015 15:23:36
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available profiles: Petr)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Spotify Ltd) C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543000 2014-03-04] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-02-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1862124054-3117100190-2353946209-1000\...\Run: [Spotify Web Helper] => C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-07] (Spotify Ltd)
HKU\S-1-5-21-1862124054-3117100190-2353946209-1000\...\Policies\Explorer: []
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-02-23]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1862124054-3117100190-2353946209-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Speed Dial - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2015-02-23]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\1ic7aekv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-23]

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2014-10-01] (ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
S4 MBAMScheduler; F:\Programy\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; F:\Programy\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-01-22] (Qualcomm Atheros) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-04-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80080 2013-11-08] (Qualcomm Atheros, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2014-10-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2014-10-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [63160 2014-10-10] (ESET)
S4 IObitUnlocker; F:\Programy\IObit Unlocker\IObitUnlocker.sys [36944 2014-03-04] (IObit)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 15:23 - 2015-05-07 15:23 - 00010447 _____ () C:\Users\Petr\Desktop\FRST.txt
2015-05-07 15:23 - 2015-05-07 15:23 - 00000000 ____D () C:\FRST
2015-05-07 15:22 - 2015-05-07 15:22 - 02102272 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-05-05 15:13 - 2015-05-07 15:18 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-05 15:13 - 2015-05-05 15:19 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-05 15:13 - 2015-05-05 15:13 - 20688472 _____ () C:\Users\Petr\Desktop\RogueKillerX64.exe
2015-05-05 15:09 - 2015-05-05 15:09 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PETR-PC-Windows-7-Ultimate-(64-bit).dat
2015-05-05 15:09 - 2015-05-05 15:09 - 00000000 ____D () C:\RegBackup
2015-05-04 00:31 - 2015-05-05 18:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-04 00:31 - 2015-05-04 00:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-04 00:31 - 2015-05-04 00:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-04 00:31 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-04 00:31 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-04 00:31 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-04 00:28 - 2015-05-04 00:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-04 00:20 - 2015-05-04 00:29 - 00006864 _____ () C:\zoek-results.log
2015-05-04 00:19 - 2015-05-04 00:26 - 00000000 ____D () C:\zoek_backup
2015-05-04 00:15 - 2015-05-04 00:18 - 00000000 ____D () C:\AdwCleaner
2015-05-04 00:15 - 2015-05-04 00:15 - 02204160 _____ () C:\Users\Petr\Desktop\adwcleaner_4.203.exe
2015-05-04 00:13 - 2015-05-04 00:13 - 01305600 _____ () C:\Users\Petr\Desktop\zoek.exe
2015-05-04 00:10 - 2015-05-04 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2015-05-04 00:10 - 2015-05-04 00:10 - 00000000 ____D () C:\ProgramData\IObit
2015-05-03 23:37 - 2015-05-03 23:37 - 00000004 _____ () C:\Windows\SysWOW64\wnsm2i.rdb
2015-04-24 21:37 - 2015-04-24 21:37 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-04-22 16:25 - 2015-04-22 16:25 - 00000000 ____D () C:\Users\Petr\Documents\Ashampoo Burning Studio FREE
2015-04-22 13:59 - 2015-04-22 13:59 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\WinAuth
2015-04-22 10:29 - 2015-04-22 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astra SW
2015-04-22 10:29 - 2005-06-07 08:33 - 00000004 ___RH () C:\Windows\AstraSunLiS4_d.sec
2015-04-22 10:29 - 2000-05-18 20:29 - 00208896 _____ () C:\Windows\SysWOW64\glut32.dll
2015-04-21 16:50 - 2015-04-21 16:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 10:04 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 10:04 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 10:04 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 10:04 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 10:04 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 10:04 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:04 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 10:04 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 10:04 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 10:04 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 10:04 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 10:04 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 10:04 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 10:04 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 10:04 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 10:04 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 10:04 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 10:04 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 10:04 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 10:04 - 2015-03-17 07:17 - 05556672 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:04 - 2015-03-17 07:17 - 00695224 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-04-15 10:04 - 2015-03-17 07:17 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 10:04 - 2015-03-17 07:17 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 10:04 - 2015-03-17 07:15 - 01727392 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 10:04 - 2015-03-17 07:15 - 00618912 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-04-15 10:04 - 2015-03-17 07:12 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 10:04 - 2015-03-17 07:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 10:04 - 2015-03-17 07:12 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 10:04 - 2015-03-17 07:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00315904 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 10:04 - 2015-03-17 07:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 10:04 - 2015-03-17 07:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 10:04 - 2015-03-17 07:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 10:04 - 2015-03-17 07:11 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 10:04 - 2015-03-17 07:10 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 10:04 - 2015-03-17 07:10 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-04-15 10:04 - 2015-03-17 07:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 10:04 - 2015-03-17 07:10 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-04-15 10:04 - 2015-03-17 07:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 10:04 - 2015-03-17 07:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 07:05 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:49 - 03981248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 10:04 - 2015-03-17 06:49 - 03925944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 10:04 - 2015-03-17 06:47 - 01310200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 10:04 - 2015-03-17 06:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 10:04 - 2015-03-17 06:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 10:04 - 2015-03-17 06:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 10:04 - 2015-03-17 06:44 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 10:04 - 2015-03-17 06:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 10:04 - 2015-03-17 06:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 10:04 - 2015-03-17 06:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 10:04 - 2015-03-17 06:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 10:04 - 2015-03-17 06:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 06:06 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-04-15 10:04 - 2015-03-17 05:44 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 10:04 - 2015-03-17 05:44 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 10:04 - 2015-03-17 05:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 05:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 05:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:04 - 2015-03-17 05:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:04 - 2015-03-14 00:27 - 00620592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-04-15 10:04 - 2015-03-14 00:27 - 00534736 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-04-15 10:04 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 10:04 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 10:04 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:04 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 10:04 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 10:04 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 10:04 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:04 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 10:04 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:04 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 10:04 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 10:04 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 10:04 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 10:04 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:04 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 10:04 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 10:04 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:04 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 10:04 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 10:04 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 10:04 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:04 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 10:04 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 10:04 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 10:04 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 10:04 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 10:04 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 10:04 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 10:04 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 10:04 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 10:04 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 10:04 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 10:04 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 10:04 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 10:04 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 10:04 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 10:04 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 10:04 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 10:04 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 10:04 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:04 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:04 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 10:04 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 10:04 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 10:04 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 10:04 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 10:04 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 10:04 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 10:04 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 10:04 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 10:04 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 10:04 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 10:04 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 10:04 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 10:04 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 10:04 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 10:04 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 10:04 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 10:04 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 10:04 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 10:04 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 10:04 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 10:04 - 2015-02-24 08:06 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 10:03 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 10:03 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 10:03 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 15:59 - 2015-04-14 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astra 92
2015-04-13 17:39 - 2015-04-13 17:39 - 00000188 ____H () C:\Users\Petr\Documents\Výkres1.dwl2
2015-04-13 17:39 - 2015-04-13 17:39 - 00000038 ____H () C:\Users\Petr\Documents\Výkres1.dwl
2015-04-10 15:14 - 2015-04-10 15:15 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Running with rifles

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 15:11 - 2015-02-24 14:03 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 14:02 - 2014-04-29 16:53 - 00665332 _____ () C:\Windows\system32\perfh005.dat
2015-05-07 14:02 - 2014-04-29 16:53 - 00139524 _____ () C:\Windows\system32\perfc005.dat
2015-05-07 14:02 - 2009-07-14 07:13 - 01573880 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-07 14:01 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-07 14:01 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-07 13:58 - 2015-02-23 19:40 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log
2015-05-07 13:57 - 2015-02-23 19:17 - 01078195 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 13:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-07 13:56 - 2009-07-14 06:51 - 00041185 _____ () C:\Windows\setupact.log
2015-05-06 22:06 - 2015-02-23 21:21 - 00000000 ____D () C:\Users\Petr\AppData\Local\Battle.net
2015-05-06 21:36 - 2015-02-23 21:21 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-06 21:35 - 2015-02-23 20:46 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-06 19:46 - 2015-02-25 17:53 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\TS3Client
2015-05-06 14:40 - 2015-02-23 21:25 - 00000000 ____D () C:\KMPlayer
2015-05-05 18:13 - 2015-02-26 16:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Spotify
2015-05-05 18:13 - 2015-02-26 16:36 - 00000000 ____D () C:\Users\Petr\AppData\Local\Spotify
2015-05-05 18:12 - 2010-11-21 05:47 - 00009896 _____ () C:\Windows\PFRO.log
2015-05-04 00:26 - 2015-02-23 19:17 - 00000000 ____D () C:\Users\Petr
2015-05-03 21:44 - 2015-02-23 20:11 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2015-04-28 15:07 - 2015-03-02 12:00 - 00001988 _____ () C:\Users\Petr\Documents\plot.log
2015-04-28 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-23 20:38 - 2015-02-24 14:01 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-23 20:38 - 2015-02-24 14:01 - 00000000 ____D () C:\Program Files\Java
2015-04-23 20:37 - 2015-02-24 14:02 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-23 17:50 - 2015-02-23 19:17 - 00000000 ____D () C:\Users\Petr\AppData\Local\VirtualStore
2015-04-22 15:47 - 2015-04-01 20:25 - 00000000 ____D () C:\Windows\Minidump
2015-04-22 09:07 - 2015-02-23 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-15 18:11 - 2015-02-24 14:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 18:11 - 2015-02-24 14:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 18:11 - 2015-02-24 14:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 17:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-15 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 13:48 - 2015-02-23 20:43 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 13:48 - 2014-04-29 17:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 13:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-04-15 13:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-04-15 12:27 - 2014-04-30 14:37 - 01548826 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 12:26 - 2015-02-23 20:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 12:24 - 2015-02-23 20:20 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-08 16:42 - 2015-04-01 20:25 - 504183825 _____ () C:\Windows\MEMORY.DMP
2015-04-07 14:14 - 2015-02-26 16:36 - 00001785 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== Files in the root of some directories =======

2015-03-26 14:45 - 2015-03-26 14:45 - 0740775 _____ () C:\ProgramData\AndyDrivers.zip
2015-02-25 12:04 - 2015-02-25 12:04 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-25 10:41

==================== End Of Log ============================

Nighters · Příspěvekod **Nighters** » 07 kvě 2015 15:26

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Petr at 2015-05-07 15:23:50
Running from C:\Users\Petr\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1862124054-3117100190-2353946209-500 - Administrator - Disabled)
Guest (S-1-5-21-1862124054-3117100190-2353946209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1862124054-3117100190-2353946209-1002 - Limited - Enabled)
Petr (S-1-5-21-1862124054-3117100190-2353946209-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
AutoCAD 2014 – Čeština (Czech) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - English (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack – Čeština (Czech) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2014 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2014 Language Pack – Čeština (Czech)) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
CrystalDiskInfo 6.3.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.1 - Crystal Dew World)
ESET Smart Security (HKLM\...\{443D1D0A-17E5-4F61-8074-8801BDB430CC}) (Version: 8.0.304.1 - ESET, spol s r. o.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.130 - PandoraTV)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.52213 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 cs)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.10 - MSI)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.39.1040 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.39.1040 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-1862124054-3117100190-2353946209-1000\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SunLiS verze 4.03 (HKLM-x32\...\SunLiS 2012 demo_is1) (Version: 4.03 - )
TeamSpeak 3 Client (HKU\S-1-5-21-1862124054-3117100190-2353946209-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
Wdls 4.1 demo (HKLM-x32\...\Wdls 4.1 demo - výpočet denního osvětlení_is1) (Version: - ASTRA 92 a.s.)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1862124054-3117100190-2353946209-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1862124054-3117100190-2353946209-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1862124054-3117100190-2353946209-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1862124054-3117100190-2353946209-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================

21-04-2015 14:33:01 Windows Update
28-04-2015 12:24:35 Windows Update
01-05-2015 12:45:50 Windows Update
04-05-2015 00:20:12 zoek.exe restore point
05-05-2015 13:10:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-04 00:20 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1D08CBCB-16D0-4EB0-BAAB-463F69C25AA8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {92F7E788-EC28-46E5-B000-B1B22839E16A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {986C6B85-42F6-4F7F-9710-983A7BD4F74E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1862124054-3117100190-2353946209-1000
Task: {B458CE66-E5C0-4813-970B-0377956C27BA} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {C6DBAD91-3F69-4BC2-BAFF-0E91F1F873F7} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {CF77E901-D71D-4881-869B-E3C172F04D1B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-23 19:36 - 2014-02-21 12:21 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2015-02-23 19:36 - 2014-02-21 12:19 - 00366080 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-01-22 16:15 - 2014-01-22 16:15 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-02-23 19:36 - 2014-02-21 12:20 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2015-02-23 19:36 - 2014-02-21 12:17 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-02-19 19:51 - 2014-02-19 19:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1862124054-3117100190-2353946209-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{21019817-F7EE-4E6B-A38B-B7E8D5F39D19}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{400439B4-B3AA-4345-B048-EC2D54AC0C11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38AB6951-4E1F-4789-AA07-B54F0BC40E8F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{19941D3E-AB4C-4247-9B40-F07B503A522A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ED8CDB59-D9C8-44C3-A182-38E6AF253FC0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FFA0949A-A472-4A4C-BACB-DC4DED7022C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{39C773FB-128B-4CEA-B233-611F29B287FC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9F559422-B024-4086-BAF6-328F6FA39774}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{364E0F26-E19C-4653-88F0-F345F95AAB9D}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{F691479A-E03C-4CD7-A6B4-4D6291551D39}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D32B2E44-F03B-45DD-A91C-05B0F68BCFA6}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{7357A680-71AA-463D-8A39-3CD5A4C5F227}] => (Block) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4D0F39F8-6995-48E0-91F8-46E4B860D59F}] => (Block) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{08CD6318-5E60-4DE7-BCA2-D801932790B5}] => (Allow) F:\Games\CSGO\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{507F0B21-F131-4DA9-8C7A-78EF2E7885A0}] => (Allow) F:\Games\CSGO\steamapps\common\Counter-Strike Global Offensive\csgo.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2015 01:58:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 02:42:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 00:13:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 06:14:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 01:09:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 01:29:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 00:31:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 00:20:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/03/2015 11:06:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/03/2015 05:07:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (05/05/2015 03:09:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2015 03:09:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (05/05/2015 03:09:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Qualcomm Atheros Killer Service V2 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2015 03:09:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI_Trigger_Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2015 03:09:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/05/2015 03:09:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (05/05/2015 03:09:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/04/2015 00:26:49 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/04/2015 00:26:49 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/04/2015 00:26:49 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 28%
Total physical RAM: 8143.86 MB
Available physical RAM: 5845.53 MB
Total Pagefile: 16285.91 MB
Available Pagefile: 14533.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.57 GB) (Free:61.63 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:931.39 GB) (Free:793.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 1B4F15EF)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or

(Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Příspěvekod **jaro3** » 08 kvě 2015 09:07

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1862124054-3117100190-2353946209-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
C:\ProgramData\AndyDrivers.zip
C:\Users\Petr\AppData\Local\Temp\dllnt_dump.dll

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Windows\AstraSunLiS4_d.sec

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

KOntrola logu Vyřešeno

KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Re: KOntrola logu

Kdo je online